[jubes]

Thanks for response. I assumed it was a bug and i'm sure there are quite a few start outs which find themselves on here via the power of copy pasta. That said it was the idea of having geolocation on by default which irked me. Is there a reason for this?

[MikusR]

Is there a reason it shouldn't be? When i take notes i would like to capture as much metadata as possible. So when i reference them later i get full picture.

[jubes]

Yes. I like transparency and I would like to live in a world where the products I consume don't assume and give me the choice of what data is sent on the back of my actions. In this case because the option was binary it was assumed I wanted geo-location data being sent. Let's consider the scenario where the data store containing these notes and their associated metadata was breached and owned. You then have the potential for learning additional facts about people which wasn't their intended choice. If you chose to allow for certain data to be sent then ultimately the onus is on the you. Because you want as much metadata attached to notes doesn't mean everyone does and therefore we should be given the option.

[kohanz]

But you are given the option. I bet the app also stores timestamps along with the posts - should that be off by default as well because some are uncomfortable with divulging when they created their note?

[muxator]

Does a set of timestamps have the same informative value of the geolocation history of a user?

Would you affirm this in a formal risk assessment?

[kohanz]

> Does a set of timestamps have the same informative value of the geolocation history of a user?

It depends on the user, which is why they are given an option.

> Would you affirm this in a formal risk assessment?

Are we still talking about a free, open-source note-taking app or is this a medical device now?

[laurent123456]

I see your point but my approach in general is to enable all these things by default, because otherwise many users will not know it's even there, same for example for auto-updates (which privacy conscious users often don't want).

And I assume that users who care about this will find out how to disable it. I realise it's not ideal - perhaps a better way is to ask the first time the app starts, like what VLC is doing (however this has the drawback of an extra popup on startup).