@cassidy apple cares about privacy so far as it contrasts them to google. that’s not because they’re virtuous or care, but rather that they don’t compete in search or advertising. if they suddenly had a stake in these interests, you’d see a similar level of targeting as google.
@dylanwolters Apple has raked in 30 billion dollars with their advertising network. If it were a standalone company, it would make 6 billion dollars in revenue this year alone—nearly three times what it was just a few years ago. They're 100% an advertising company.
@dylanwolters that said, how does Apple “care” more about privacy than Google? I’m fairly sure every point on Apple’s privacy mini-site could be aped nearly 1:1 for Google/Android.
What they choose to talk about doesn’t make them care more as an organization, they care that the public thinks they care—that’s my take, anyway. It’s brilliant marketing.
@cassidy I think they do more, just by sheer technology. They do a really strong job with the actual hardware level security
Software wise... meh. I don't have a strong opinion because I'm not too sure, but afaik they have a "rules for you but not for me" model about privacy restrictions on their OSs. FOSS is much better
Overall, I suspect they, as a company, don't actually value privacy as much as they claim. It's a tool for them, not a goal. (ie look at them use "privacy" to be anti repair)
Did you know that every Apple device collects and uploads usage and diagnostics data from you across almost every Apple app by default, including at least what typing suggestions you choose, which emoji you use, which websites you browse, sensitive health info, how you use the clock, compass, and apps, everything you watch or listen to, your location when using most Apple apps, and your search history—in many cases linking this data to your identity?
@cassidy@blitzen RIP Cassidy. Telemetry is a radioactive topic (but of course it shouldn't be) there is a strong need for projects to gather usage data to improve their project, being very honorable, transparent, and using strict privacy protecting methods.
My ultimate conclusion is: if you use Apple devices and “trust” them, then why would it be so hard to trust an entirely open source, radically transparent, auditable, privacy-preserving metrics system run by an altruistic non-profit with a decades-long track record of trustworthy work? 🤔
@cassidy@scottjenson@blitzen The standard easy answer is "Because they can be bought" and "Organisations (even radically open source ones, today) change their strategy". Nothing is set in stone, especially in corporations.
@popey@scottjenson@blitzen do you think it is a realistic concern that an auditable, open source metrics system from, say, the non-profit GNOME Foundation with an elected board of directors accountable to its members would yield privacy concerns because they could theoretically change their strategy, even if the system is designed in a way that cannot collect user identifiable data—moreso than Apple deciding to change their terms some day?
@cassidy@popey@blitzen I agree that a not-for-profit organization is far more stable and unlikely. But even IF you think that is a possibility, it's possible to capture data in fully anonymous way that doesn't a) violate privacy and b) has zero value to the type of people that would pay for it.
This means that argument (it may have value in the future) just doesn't hold water.
@scottjenson@cassidy@blitzen Audacity is a fully free software tool loved by many. When ownership of the project changed a while back, there were plans made to add telemetry. There was quite the uproar and the plans subsequently changed. My point is not that these are identical scenarios, nor that telemetry is bad. My point is it’s naive at best and disingenuous at worst to be blinkered to future changes that occur after change in project leadership.
@popey@cassidy@blitzen I actually talked to @tantacrul about this very issue. I won't do it justice but my understanding is that they wanted "non-commercial telemetry" (that had ZERO individual user info) and the community reacted explosively.
I get it, corporates have done terrible things, and being skeptical is rational. Telemetry isn't the problem, it's how it's been abused. #OpenSource can do this safely and transparently (but obviously it's still a touchy subject)
@popey@cassidy@blitzen@tantacrul I think the biggest misconceptions that needs to be fixed are:
Telemetry == Money
and
Telemetry == Tracking
Both of these are most emphatically not true for #OpenSource. We can do this correctly, safely and transparently. The entire reason we're having this discussion is that there are significant quality issues that can be solved by gathering this information but the community thinks these two terrible things are true when they are not.
@scottjenson@cassidy@blitzen@tantacrul I feel I am been explained at. I worked for Canonical for a long while where we introduced telemetry in the Ubuntu desktop and in the snap store. I am not against telemetry. I am against naivety.
@scottjenson@blitzen I think I get what you’re saying, @popey (correct me if I'm wrong!). Basically, there is an argument that even well-intentioned telemetry could compromise privacy if the organization collecting data is sold/dissolved/changes strategy—so “we collect X, Y, and Z but that’s totally fine because you trust us to do the right thing,” is not a compelling argument on its own.
@scottjenson@blitzen@popey Instead, any telemetry must be collected in a way that is verifiably useless at identifying individuals, regardless of where that data goes.
At the same time, I think the same argument could be made for any product. If LinuxFooDistro is great today but changed hands tomorrow, it could go from having zero telemetry to being updated to ship all of your personal data off to some server. So you must implicitly trust any software you run to do the right thing.
@cassidy@scottjenson@blitzen absolutely. We collected data at Canonical about desktop and snap usage. I could confidently vouch for the security and anonymity of the collection until I am blue in the face. But the day Canonical IPO’s or is bought by $EvilCorp, that’s all out the window. Same for any other organisation, and we all need to be honest and upfront about that.
@cassidy@scottjenson@blitzen@popey the goals of the "privacy by design" standards aim to accomplish pretty much that. But the thing is: It's much, much easier to adapt existing engineering strategies, try to follow basic privacy standards at the last mile that people actually see, and act like it's all the same thing, when it isn't.
Not to toot our own horn too hard, but we discussed this a bit in the last Privacy is OSOM podcast. (Hoping to do a show on just data analytics soon, too!)
@ryne@scottjenson@blitzen@popey ooh, I gotta listen to the podcast. And I'll keep you in mind if we end up making some sort of working group or even just have some recurring conversations around this. 👀
Telemetry is also a security risk (all network communication is an attack surface), and even if well intentioned, it may inadvertently leak private information.
I don't see how telemetry can ever be tolerable, regardless of how it works or which data it's designed to collect.
@argv_minus_one
All communication is a security risk, yes but risk alone is not sufficient to decide for or against something. The benefits must be considered as well.
In an environment where security is paramount, the risk would outweigh the benefits and communication should be heavily restricted or disabled (and as we learned from stuxnet - not just network communication).
Telemetry can have very concrete benefits towards the health of an open source project, and can be reframed as a zero-effort data donation to the project which is just as important as money, time or code donations.
This doesn't mean that the risk/benefit calculation has to work out in favor of telemetry for you - but depending on the person and app, it has a possibility of working out for them.
Add comment