On Monday, August 21, 2017 at 10:56:44 AM UTC-5, Georg Fritzsche wrote:
> One solution is the use of differential privacy [2] [3], which allows us to
> collect sensitive data without being able to make conclusions about
> individual users, thus preserving their privacy.
Differential privacy is a great tool, however, I'm concerned that even if we do
everything *technically* correctly to preserve user privacy, the *optics*
associated with this sort of data collection were not address in this email.
We attempted to do similarly with User Profile ("UP") / Directory Tiles
projects in Content Services, which proposed completely local history analysis
for purposes of advertising and content discovery. All of which was done in a
way that absolutely protected user privacy (the analysis never left the local
machine), but we weren't able to overcome the superficial impression that
Firefox was tracking users.
1. How do you propose we address the change in (and mis-)perception of Firefox
as a result of this telemetry?
2. Secondly, I'm far more comfortable with data collection that's strictly tied
to performance (jank, Flash domains, etc.) than I am with personal data, like
homepages or top sites. Would this project be as valuable *without* collecting
personalized information like the above?
Best,
Dan
_______________________________________________
governance mailing list
[email protected]
https://lists.mozilla.org/listinfo/governance
