Enviado desde mi iPhone >> El 16 ago 2017, a las 20:46, Thomas Pfeiffer <[email protected]> >> escribió: >> >> On Mittwoch, 16. August 2017 09:33:02 CEST Valorie Zimmerman wrote: >> Hi all, Mozilla has done a lot of work on telemetry, and we might be >> able to use some of their findings. On this page: >> https://wiki.mozilla.org/Firefox/Data_Collection they break down the >> data they might possibly collect into four buckets - technical (such >> as crashes), user interaction, web activity, and sensitive (personal >> data). >> >> This bit might be relevant to our discussion: "Categories 1 & 2 >> (Technical & Interaction data) >> Pre-Release & Release: Data may default on, provided the data is >> exclusively in these categories (it cannot be in any other category). >> In Release, an opt-out must be available for most types of Technical >> and Interaction data. " >> >> I think the entire page might be enlightening to this discussion. I >> believe our analysis of needs should be more fine-grained, and that >> some parts of what we need can be "default on" especially for >> pre-release testing. For releases, we can provide an opt-out. > > Hi Valorie, > Even if opt-out for some data is legally and even morally fine, it does not > align with the values we communicate to our users: > Unlike Mozilla's Mission, our Vision mentions privacy explicitly, and we're > striving to make privacy our USP. > > Therefore I agree with others who replied in this thread: We should respect > privacy unnecessarily much rather than too little. > > In the end, of course, it's a matter of how we present this opt-in. If it's an > option buried in some settings dialog, we might as well not do it at all. > > If we, however - like Firefox does -, pfominently present that choice to users > the first time they run one of our applications or desktop environment and try > to make clear why that data collection is important for us, I don't see why we > could not convince a relevant number of users to opt in. > Sure, we'll get less data than with an opt-out scheme, but let's try it out > first before we go for the option that carries a significant PR risk.
I think discussing this as "opt-in" vs "opt-out" may be misleading. In terms of amount of data collected, there would be a big difference between going to Preferences and ticking a checkbox hidden somewhere, and a first-run pop up that asks you, yet both could be reasonably called "opt-in". Similarly, in terms of privacy, there is a big difference between opt-out by un-ticking a checkbox hidden somewhere vs opt-out via a passive banner that says "we collect anonymous usage information, click here if you don't want that" before any data is sent. In slightly different words, as said in #kde-devel: <argonel> opt-in doesn't mean "unadvertised" <nicolas17> and opt-out doesn't mean you have to dig in settings to turn it off <nicolas17> so I think putting it as an opt-in vs opt-out binary discussion is too simplistic We need to talk about the specifics of what opt-in or opt-out *means*. Is there a first-use prompt? Is it a passive banner or a modal popup? What happens by default if I ignore it? What happens by default between starting the app and answering the prompt? How do I change the choice later? -- Nicolás
