Hi Sam On 17 May 2016 at 13:55, Samuel Greenfeld <[email protected]> wrote:
> I think there may be a difference between research studies and privacy law > related to collecting general user statistics. > I assert there is :) > This might be untested though, and for Sugar, both studies on how children > use it as well generic statistics straight from the application(s) may be > useful. > I'm sure they are. > I'm not interested in age/grade, or their specific IP addresses :) >> >> What information do you think is safe to collect? >> > > At this point in time, I'm not going to speculate. It's too easy to take > multiple identifiers (such as Name and Zip/Postal Code) and uniquely > identify someone the vast majority of the time. > Sure, I wouldn't want to collect either of those. > IP Addresses, Serial numbers, GUIDS/UUIDs, etc. all could be considered > uniquely or near-uniquely identifying of a person depending on the country. > Yep, if those can not be avoided in transmission (eg IPs) then they should not be retained. > Leah at OLPC might be able to tell you some things. But at the same time > she likely would have to point out she isn't your lawyer and cannot provide > you or Sugar Labs legal advice. > I couldn't find her contact details from a quick search; please ping me how can I contact her offline :) > If you want to know the gritty details of how this all works, you really > need to speak to a compliance specialist (which the Conservancy might be > able to point Sugar Labs to), and not ask for legal advice in a public > forum :) > I am not worried nor very interested in the details; since so many of you appear to be worried, I think it is worth following your advice to speak with a lawyer. > I want to understand which activities are used, in which languages, and in >> which countries. None of the above is needed for that. >> > > As long as you don't care about which machine(s) calls in how often and > carefully toss away (& don't log) anything which could identify a user, I > believe this is feasible. > Great! > What the criteria would be in order to get an application that calls home > in various distros would gave to be determined, although many distros have > things like Firefox which do this already. > Exactly :) > There would be some bias the results based on how well any particular > user/country has Internet access. > I think that's easy to design around: the usage data can be logged locally and then exported from an XO in an offline deployment to a USB drive/SD card and make its way over the sneakernet to Sugar Labs. > How this gets disclosed to users would have to be determined. > Since you have a clear idea about this, please draft something :) > Sugar already asks for user's grade and gender on first boot even if no > statistics engine is in place, so there may have to be some sort of privacy > policy or other explanation of what's going on > Where can I read more about that from the time it was introduced? -- Cheers Dave
_______________________________________________ IAEP -- It's An Education Project (not a laptop project!) [email protected] http://lists.sugarlabs.org/listinfo/iaep
