New Fedora Privacy Policy

[Jeremy Katz]

On Wed, 2008-07-16 at 21:52 -0400, Josh Boyer wrote:
> On Wed, 2008-07-16 at 17:47 -0400, Tom "spot" Callaway wrote:
> > For a while now, we've been butting up against the Red Hat Privacy
> > Policy (which we've been using to cover Fedora). To try to address some
> > of these concerns, I sat down and made a new privacy policy for Fedora
> 
> Could you enumerate what those concerns are/were?  Not everyone is aware
> of the reasons to write a new policy.

Paul gave some examples in his blog post earlier
(http://marilyn.frields.org:8080/~paul/wordpress/?p=1063).  To save
people some trouble, and as I'm sure he won't mind, here's the relevant
snippet to save people from having to click[1]

Paul wrote:
> Here’s an example: Recently, we found that the policy was going to 
> make it impossible for us to develop useful geographic data on 
> contributions. We can use data like that to develop the infamous “heat
> maps” to show where lots of Fedora work is happening. Those maps have 
> been absolutely instrumental in our community architecture plans, and 
> how we devote resources to Fedora worldwide.
>
> Even though we’re always very careful about aggregating this data so 
> it’s not tied to individuals, the old privacy policy still prevents 
> this and many other, similar reasonable uses. We can develop metrics 
> that are useful not just to the Board, or FESCo, but also Ambassadors,
> Marketing, and other groups. These are all our fellow contributors 
> whom we already trust, and with whom we share our account system.
>
> Moreover, some of this data is intended to be public already — data 
> like your Fedora Account System (FAS) account name and email; or the 
> fact that you used it to commit a specfile patch; or the fact that you
> uploaded that patch from a certain IP address. So the privacy policy 
> we’ve been using is completely out of whack with the reality of a 
> truly open project like Fedora.


Jeremy