More diagnostics data from desktop

classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

More diagnostics data from desktop

Chris Rainey
Great ideas!

I've been _manually_ re-enabling these popcon reports at every install(Ubuntu gives me a $free OS and the least I can do is help 'em out w/ some telemetry!) via:

$ sudo dpkg-reconfigure popularity-contest

As a sys-admin, I do installs regularly and having so many apport notices user-facing has been an irritation(i.e. cups-browsed has crashed, gnome-shell has crashed, etc.). These are not show-stopping in the majority of cases and only confuse the end-user. I would welcome 'silent' crash-reporting for such use cases.

popcon.ubuntu.com seemed to go unmaintained for a while so I opened the following bug to determine it's future:  https://bugs.launchpad.net/ubuntu/+source/popularity-contest/+bug/1711420


Thanks for looking into this. Ubuntu & the greater GNU/Linux community has to reverse-engineer so much of the Wintel(Microsoft/Intel) world already, let's give the Dev's some good info on where to prioritize by use and greatest need !!



--
ubuntu-devel mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Reply | Threaded
Open this post in threaded view
|

Re: More diagnostics data from desktop

Brian Murray-5
On Thu, Feb 15, 2018 at 02:19:50PM +0000, Chris Rainey wrote:

> Great ideas!
>
> I've been _manually_ re-enabling these popcon reports at every
> install(Ubuntu gives me a $free OS and the least I can do is help 'em out
> w/ some telemetry!) via:
>
> $ sudo dpkg-reconfigure popularity-contest
>
> As a sys-admin, I do installs regularly and having so many apport notices
> user-facing has been an irritation(i.e. cups-browsed has crashed,
> gnome-shell has crashed, etc.). These are not show-stopping in the majority
> of cases and only confuse the end-user. I would welcome 'silent'
> crash-reporting for such use cases.

If you install the package apport-noui the crash reports should be
reported 'silently'. I haven't worked on in a bit but if you run into
any issues please let me know.

Thanks,
--
Brian Murray

--
ubuntu-devel mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Reply | Threaded
Open this post in threaded view
|

Re: More diagnostics data from desktop

Jonty Gamao
In reply to this post by Chris Rainey
Hi,

I noticed in the mailing list that you guys only talked about users who are installing Ubuntu for the first time, not upgrading from a previous version (unless I totally missed it, or misunderstood it):

> We would like to add a checkbox to the installer, exact wording TBD, but along the lines of “Send diagnostics information to help improve Ubuntu”. This would be checked by default.

If I understood it right, then you guys haven't decided whether to leave it enabled or disabled by default for users who are upgrading, right?

In my opinion, I think you guys should make it an opt-in thing for users who are upgrading from a previous version of Ubuntu.  It leaves a sour thought in people's minds when they get drafted to something they're against, even though they have the option to leave (pretty sure you noticed how this move became controversial and a hot topic right now).  I suggest doing a pop up right after the upgrade and reboot, or during the upgrade process, that asks them whether they want to participate (with VERY detailed info on what you'll be collecting) or not.  And maybe leave it unticked.

Personally, I'll help out by giving you guys the data you're asking, but there are others who are totally against this, especially the idea of opt-in.

Take care,
Jonas


--
ubuntu-devel mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Reply | Threaded
Open this post in threaded view
|

Re: More diagnostics data from desktop

Mark Rogers
On 21 February 2018 at 17:32, Jonty Gamao <[hidden email]> wrote:
>
> Personally, I'll help out by giving you guys the data you're asking, but there are others who are totally against this, especially the idea of opt-in.


"Me too".

But the issue of GDPR was mentioned earlier in the thread but seems to
have fallen on deaf ears. If you are collecting this kind of data in
the EU (and as far as I can tell telemetry data does get swept up into
it indirectly if not directly) then opt-in isn't just advisable but
legally enforceable.

Short of automatically ticking the opt-in box depending on location
(and how well can you know the location without a network
connection?), and potentially creating a documentation headache
because different people will see different things, and certainly
skewing the results, then surely the GDPR closes this part of the
debate down?

Going further: When the GDPR takes effect, will Ubuntu even be
compliant as it stands? Explicit and clearly defined consent on bug
reports, for example.

If someone has looked into this and determined that Ubuntu isn't
affected then I (and other EU) users would love to know more!

--
Mark Rogers // More Solutions Ltd (Peterborough Office) // 0844 251 1450
Registered in England (0456 0902) 21 Drakes Mews, Milton Keynes, MK8 0ER

--
ubuntu-devel mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Reply | Threaded
Open this post in threaded view
|

Re: More diagnostics data from desktop

Dustin Kirkland-5
In reply to this post by Jonty Gamao
On Wed, Feb 21, 2018 at 11:32 AM, Jonty Gamao <[hidden email]> wrote:

> Hi,
>
> I noticed in the mailing list that you guys only talked about users who are
> installing Ubuntu for the first time, not upgrading from a previous version
> (unless I totally missed it, or misunderstood it):
>
>> We would like to add a checkbox to the installer, exact wording TBD, but
>> along the lines of “Send diagnostics information to help improve Ubuntu”.
>> This would be checked by default.
>
> If I understood it right, then you guys haven't decided whether to leave it
> enabled or disabled by default for users who are upgrading, right?
>
> In my opinion, I think you guys should make it an opt-in thing for users who
> are upgrading from a previous version of Ubuntu.  It leaves a sour thought
> in people's minds when they get drafted to something they're against, even
> though they have the option to leave (pretty sure you noticed how this move
> became controversial and a hot topic right now).  I suggest doing a pop up
> right after the upgrade and reboot, or during the upgrade process, that asks
> them whether they want to participate (with VERY detailed info on what
> you'll be collecting) or not.  And maybe leave it unticked.

Yes, indeed, we agree -- upgrading users would need to purposely
"opt-in" to this behavior, as that wasn't explicitly asked in the
past.

Upgrading users would need to purposefully enable diagnostics in
System Preferences.  We should look into a tasteful way of asking this
question during the upgrade process.  We'll leave that to the Ubuntu
UI/UX team ;-)

> Personally, I'll help out by giving you guys the data you're asking, but
> there are others who are totally against this, especially the idea of
> opt-in.
>
> Take care,
> Jonas
>
>
> --
> ubuntu-devel mailing list
> [hidden email]
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
>

--
ubuntu-devel mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Reply | Threaded
Open this post in threaded view
|

Re: More diagnostics data from desktop

Jeremy Bicha-2
In reply to this post by Mark Rogers
On Thu, Feb 22, 2018 at 4:50 AM, Mark Rogers <[hidden email]> wrote:
> But the issue of GDPR was mentioned earlier in the thread but seems to
> have fallen on deaf ears. If you are collecting this kind of data in
> the EU (and as far as I can tell telemetry data does get swept up into
> it indirectly if not directly) then opt-in isn't just advisable but
> legally enforceable.

What proposed collected data do you think should be considered
personal data for GPDR purposes?

Thanks,
Jeremy Bicha

--
ubuntu-devel mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Reply | Threaded
Open this post in threaded view
|

Re: More diagnostics data from desktop

Mark Rogers
On 7 March 2018 at 11:46, Jeremy Bicha <[hidden email]> wrote:
> What proposed collected data do you think should be considered
> personal data for GPDR purposes?

I am a long way from being an expert on this, and the more I research
the more the ground seems to shift. You would need to seek legal
advice. I was certainly hoping that someone with more knowledge would
have jumped in by now!

When I wrote the email you replied to, my understanding was that
because it might become possible to correlate anonymised telemetry
data with bug reports etc (for which user details are logged in the
form of a user account) there was definite potential for them to get
swept up indirectly if not directly. Subsequent research suggests that
it might simply be required full stop, or only in certain
circumstances, or maybe not at all. None of the resources I found were
clear or authoritative enough to be worth linking to.

Therefore the biggest problem seems to be a lack of clarity. A quick
Google for "GDPR telemetry data" certainly gives no clear answers. One
option would be to pay someone to get clear legal advice and keep that
advice up to date. But the "informed opt-in consent" option seems a
lot easier.

--
Mark Rogers // More Solutions Ltd (Peterborough Office) // 0844 251 1450
Registered in England (0456 0902) 21 Drakes Mews, Milton Keynes, MK8 0ER

--
ubuntu-devel mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Reply | Threaded
Open this post in threaded view
|

Re: More diagnostics data from desktop

J Fernyhough
In reply to this post by Jeremy Bicha-2
(cross-posting because ubuntu-devel is moderated and this may not reach
that list)

On 07/03/18 11:46, Jeremy Bicha wrote:
> What proposed collected data do you think should be considered
> personal data for GPDR purposes?
>

"What constitutes personal data?

"Any information related to a natural person or ‘Data Subject’, that can
be used to directly or indirectly identify the person. It can be
anything from a name, a photo, an email address, bank details, posts on
social networking websites, medical information, or a computer IP
address." [1]

And more specifically:

"(26) The principles of data protection should apply to any information
concerning an identified or identifiable natural person. Personal data
which have undergone pseudonymisation, which could be attributed to a
natural person by the use of additional information should be considered
to be information on an identifiable natural person. ..."

"(30) Natural persons may be associated with online identifiers provided
by their devices, applications, tools and protocols, such as internet
protocol addresses, cookie identifiers or other identifiers such as
radio frequency identification tags. This may leave traces which, in
particular when combined with unique identifiers and other information
received by the servers, may be used to create profiles of the natural
persons and identify them." [2]

Hence, if you _ever_ record an IP address, you are recording "personal
data" and must be able to demonstrate you are meeting the requirements
of the GDPR **even if you pseudonymise that data**. Given the proposal
extends to storing a full hardware specification it's very easy to see
how that could be used as "additional information" or "other identifiers".


Regarding consent:

"(32) Consent should be given by a clear affirmative act establishing a
freely given, specific, informed and unambiguous indication of the data
subject's agreement to the processing of personal data relating to him
or her, such as by a written statement, including by electronic means,
or an oral statement.

"This could include ticking a box when visiting an internet website,
choosing technical settings for information society services or another
statement or conduct which clearly indicates in this context the data
subject's acceptance of the proposed processing of his or her personal
data. Silence, pre-ticked boxes or inactivity should not therefore
constitute consent.

"Consent should cover all processing activities carried out for the same
purpose or purposes. When the processing has multiple purposes, consent
should be given for all of them. If the data subject's consent is to be
given following a request by electronic means, the request must be
clear, concise and not unnecessarily disruptive to the use of the
service for which it is provided." [2] (Split to highlight central section)


Given the discussion is about about large-scale systematic data
collection Ubuntu/Canonical should also be aware of:

"Does my business need to appoint a Data Protection Officer (DPO)?

"DPOs must be appointed in the case of: (a) public authorities, (b)
organizations that engage in large scale systematic monitoring, or (c)
organizations that engage in large scale processing of sensitive
personal data (Art. 37).  If your organization doesn’t fall into one of
these categories, then you do not need to appoint a DPO." [1]


Essentially, the onus here is on Ubuntu/Canonical to demonstrate any and
all data collection meets the requirements of the GDPR. This is a bigger
issue than most people realise.



References

[1] https://www.eugdpr.org/gdpr-faqs.html
[2] http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32016R0679


--
ubuntu-devel mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: More diagnostics data from desktop

Jeremy Bicha-2
(Keeping the full comment since the replied email hasn't shown up in
the ubuntu-devel archives yet.)

On Wed, Mar 7, 2018 at 2:42 PM, J Fernyhough <[hidden email]> wrote:

> (cross-posting because ubuntu-devel is moderated and this may not reach
> that list)
>
> On 07/03/18 11:46, Jeremy Bicha wrote:
>> What proposed collected data do you think should be considered
>> personal data for GPDR purposes?
>>
>
> "What constitutes personal data?
>
> "Any information related to a natural person or ‘Data Subject’, that can
> be used to directly or indirectly identify the person. It can be
> anything from a name, a photo, an email address, bank details, posts on
> social networking websites, medical information, or a computer IP
> address." [1]
>
> And more specifically:
>
> "(26) The principles of data protection should apply to any information
> concerning an identified or identifiable natural person. Personal data
> which have undergone pseudonymisation, which could be attributed to a
> natural person by the use of additional information should be considered
> to be information on an identifiable natural person. ..."
>
> "(30) Natural persons may be associated with online identifiers provided
> by their devices, applications, tools and protocols, such as internet
> protocol addresses, cookie identifiers or other identifiers such as
> radio frequency identification tags. This may leave traces which, in
> particular when combined with unique identifiers and other information
> received by the servers, may be used to create profiles of the natural
> persons and identify them." [2]
>
> Hence, if you _ever_ record an IP address, you are recording "personal
> data" and must be able to demonstrate you are meeting the requirements
> of the GDPR **even if you pseudonymise that data**. Given the proposal
> extends to storing a full hardware specification it's very easy to see
> how that could be used as "additional information" or "other identifiers".
>
>
> Regarding consent:
>
> "(32) Consent should be given by a clear affirmative act establishing a
> freely given, specific, informed and unambiguous indication of the data
> subject's agreement to the processing of personal data relating to him
> or her, such as by a written statement, including by electronic means,
> or an oral statement.
>
> "This could include ticking a box when visiting an internet website,
> choosing technical settings for information society services or another
> statement or conduct which clearly indicates in this context the data
> subject's acceptance of the proposed processing of his or her personal
> data. Silence, pre-ticked boxes or inactivity should not therefore
> constitute consent.
>
> "Consent should cover all processing activities carried out for the same
> purpose or purposes. When the processing has multiple purposes, consent
> should be given for all of them. If the data subject's consent is to be
> given following a request by electronic means, the request must be
> clear, concise and not unnecessarily disruptive to the use of the
> service for which it is provided." [2] (Split to highlight central section)
>
>
> Given the discussion is about about large-scale systematic data
> collection Ubuntu/Canonical should also be aware of:
>
> "Does my business need to appoint a Data Protection Officer (DPO)?
>
> "DPOs must be appointed in the case of: (a) public authorities, (b)
> organizations that engage in large scale systematic monitoring, or (c)
> organizations that engage in large scale processing of sensitive
> personal data (Art. 37).  If your organization doesn’t fall into one of
> these categories, then you do not need to appoint a DPO." [1]
>
>
> Essentially, the onus here is on Ubuntu/Canonical to demonstrate any and
> all data collection meets the requirements of the GDPR. This is a bigger
> issue than most people realise.
>
>
>
> References
>
> [1] https://www.eugdpr.org/gdpr-faqs.html
> [2] http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32016R0679

Notably, in the very first email in this thread, Will Cooke
specifically said IP addresses will never be stored with this data. A
Launchpad account is not needed for apport to send crash data for
stable Ubuntu releases (it works a bit differently while an Ubuntu
release is still in development.)

In my opinion, the basic hardware data collection being proposed is
completely insufficient to identify people.

Thanks,
Jeremy Bicha

--
ubuntu-devel mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Reply | Threaded
Open this post in threaded view
|

Re: More diagnostics data from desktop

J Fernyhough
On 07/03/18 20:43, Jeremy Bicha wrote:
> Notably, in the very first email in this thread, Will Cooke
> specifically said IP addresses will never be stored with this data.

That doesn't mean it's not collected and so can be ignored. The
"collected" data must be "processed" to remove the IP address (unless
you can access a TCP/IP-based web service without revealing your IP
address?).


> In my opinion, the basic hardware data collection being proposed is
> completely insufficient to identify people.

Respectfully, GDPR compliance isn't based on opinions. It needs to be
studied and processes implemented to ensure compliance, i.e. it needs to
be taken seriously, even for statistical data:

"(162) Where personal data are processed for statistical purposes, this
Regulation should apply to that processing. Union or Member State law
should, within the limits of this Regulation, determine statistical
content, control of access, specifications for the processing of
personal data for statistical purposes and appropriate measures to
safeguard the rights and freedoms of the data subject and for ensuring
statistical confidentiality. Statistical purposes mean any operation of
collection and the processing of personal data necessary for statistical
surveys or for the production of statistical results. Those statistical
results may further be used for different purposes, including a
scientific research purpose. The statistical purpose implies that the
result of processing for statistical purposes is not personal data, but
aggregate data, and that this result or the personal data are not used
in support of measures or decisions regarding any particular natural
person."

Note that this specifically mentions processing with the result of
aggregate non-personal data.

J


--
ubuntu-devel mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

signature.asc (883 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: More diagnostics data from desktop

Robie Basak-4
Please stop.

"Lawyering" on this list is pointless and will not get us anywhere. "I
think this would be compliant" and "I think this would not be compliant"
is meaningless when coming from a bunch of random engineers.

Give Canonical some credit. They're not going to go ahead with something
that they think will violate the GDPR, since that would obviously be bad
for Canonical, bad for Ubuntu, and bad for everyone else.

As a project, for legal matters, we defer to Canonical's legal staff to
make a final determination, because we have to make *a single
determination* in order to proceed with anything. This is the only
reasonable way to proceed.

I'm sure someone will disagree with any determination, because someone
always does. Law is subjective like that. But arguing on this list about
it is pointless.

Leave it to the implementors to check with Canonical legal and make sure
that the final implementation will be in compliance. The minutiae of
compliance is not a matter for this list. If you think the whole
principle would not be in compliance, then either they'll agree with you
and it won't happen, or they'll disagree with you and it will happen.
Whichever way, arguments amongst engineers on this list from a legal
perpsective will not make the slightest bit of difference.

Let's leave the legal stuff to the legal people, and focus on the
technical stuff here.

--
ubuntu-devel mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

signature.asc (836 bytes) Download Attachment