| > In this case, yes. No, not in this case. It does not matter that Ubuntu and KDE are the two biggest desktop Linux vendors, because (1) their telemetry (and, more generally, spying) are in a different league from Windows', and (2) users are capable of choosing to use another distro - a luxury you don't get with Windows. > This is a minor detail and I don't think it actually matters. For almost everyone, except possibly you, this is a huge point. Opt-out and opt-in anything are completely different, both in a conceptual sense, and in an actual privacy sense. On a conceptual level, opt-out vs. opt-in defines the normal behavior or expectation for a thing - Microsoft wants you to believe that it's normal for lots of your (potentially-)private data to go to them. On a practical level, many users aren't aware of (or change) the settings, so opt-out vs. opt-in significantly changes the number of people who actually receive telemetry. Here's a thought experiment to help you understand how important opt-in vs. opt-out is to most people - how many unhappy people are there that organ donation is opt-in - or opt-out? What if you made college opt-out - and got billed for the first semester even if you didn't attend unless you cancelled? What if social security payments were opt-in, or legal rights as an adult, or protection by civil or criminal law? > This has nothing to do with the implementation. Red herring - we're not concerned with just the implementation, we're concerned with Microsoft's behavior as a whole, and whether telemetry as a whole is different between Windows and Linux - the answer to which is a resounding "yes", because the exact same data going to Microsoft is far more likely to be exploited (not for the user's benefit) commercially than data going to the KDE foundation. So, sure, it's not related to the implementation - and that's irrelevant. > That sounds to me like a bug or glitch that someone should fix. Ubuntu or KDE could also manifest such bugs, I guess we're just lucky they haven't. This issue has been around for years and noticed by thousands of people on the internet, so if it's not intentional, then it's gross negligence, signifying a complete lack of concern for user privacy...that is not shared by Ubuntu or KDE. But, given Microsoft's past history of user abuse, compared with KDE's non-existence history (and Ubuntu's questionable status), it's rather more likely that it's intentional. > It's possible to change that. You can just read the Ubuntu privacy policy that I posted. Windows also has a similar privacy policy, you should do a search for it if you're interested. A snide and absolutely useless reply. My point, which you conveniently missed, was that I don't understand what Ubuntu or Microsoft collect because their privacy policies are obtuse, not because I haven't read them. If you were actually concerned about seeing what data was collected, you would have read the Ubuntu policy and then seen that it does not make clear what data is collected. For instance, on that page, there's a sentence: "Canonical may collect non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, referring site, and the date and time of each visitor request." ...that doesn't enumerate the complete list of "non-personally-identifying information" collected...and all of that applies a hundred times more to Microsoft and Windows, with Canonical being exceptional in being this bad for Linux distros. I also noticed that you didn't include a link to the Microsoft telemetry privacy policy. Perhaps that's because you weren't actually able to locate it yourself, just like I wasn't? For instance, let's search for "Windows Telemetry Policy" on DDG[1] - none of the first-page results are what we want. Meanwhile, "KDE telemetry policy" returns the document you linked and one on their telemetry philosophy on the first page. (I couldn't find anything on the Ubuntu telemetry) Meanwhile, if you were to actually go and read the generic Microsoft privacy policy[3], you would see that it is so vague as to not allow you to understand what is actually being collected - like I said. > Actually I have not done this, I mentioned they're different, and I explicitly explained how you shouldn't be afraid, uncertain or doubting anything. Except you didn't - you made vague false equivalences meant to try to portray Linux telemetry as being similar to Microsoft telemetry (even though you couldn't actually provide the technical details to back it up), meant to instill fear, uncertainty, and doubt in Linux by trying to associate Microsoft's brand of "telemetry" with them. You also didn't explain away any worries about Microsoft's telemetry itself. [1] https://duckduckgo.com/?q=windows+telemetry+policy
[2] https://duckduckgo.com/?q=kde+telemetry+policy
[3] https://privacy.microsoft.com/en-us/privacystatement |
I just find this to be not convincing, sorry. It doesn't matter that it's in a different league, they're always going to be different because the requirements are different. And it doesn't really matter that users can switch to a different distro either, what seems to be happening is that the more popular the distro gets with Windows users, the more telemetry it seems to gain. Saying "you can just switch" is more of the same reason why Linux is not popular to begin with. People don't want to keep switching to a new distro every 6 months to evade crapware because some vendor went rogue. So they just suck it up and deal with it all up front from Microsoft.
"For almost everyone, except possibly you, this is a huge point."
Please avoid making these assumptions, see my other comment. This is not about me because I don't use Ubuntu, this would be specifically about those Ubuntu users.
"Opt-out and opt-in anything are completely different, both in a conceptual sense, and in an actual privacy sense."
I get what you're saying but this is one of those things that just doesn't work when it's opt-in. Using one of your examples, social security is another thing that would not work if it was opt-in.
"we're concerned with Microsoft's behavior as a whole"
I don't see why this matters. Microsoft is a huge company, you can cherry pick examples of bad things and good things they do to try to prove a point, just like with the Linux community. In fact the whole point of open source seems to be that companies can commercially exploit the source code without paying. I get what you're saying about the KDE Foundation but that's just it: you've made a value judgement based on their privacy policy, other users can do the same thing about Microsoft and come to the same conclusions, and in fact millions (billions?) of them already do.
"This issue has been around for years and noticed by thousands of people on the internet"
So have many other bugs unfortunately. I just haven't seen any reason to suggest that this one is intentional versus any other bug, what you've made is a guess. If you have some hard data I'd love to see it.
"A snide and absolutely useless reply. My point, which you conveniently missed, was that I don't understand what Ubuntu or Microsoft collect because their privacy policies are obtuse, not because I haven't read them."
Please stop assuming bad faith, this is not helpful. If you're having trouble understanding it then let's go through it together and we can try to clarify. It should be easy enough for us if we put our heads together, those policies are written for laypeople.
"'Canonical may collect non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, referring site, and the date and time of each visitor request.' ...that doesn't enumerate the complete list of "non-personally-identifying information" collected.."
So that would be whatever your web browser transmits, not strictly under the control of Canonical. I suspect that's why they can't say more there.
"and all of that applies a hundred times more to Microsoft and Windows"
If you could mention some things you're confused about then we could work through it. Just let me know, thanks.
"I also noticed that you didn't include a link to the Microsoft telemetry privacy policy."
Well no I figured you could find it because it's pretty prominent when you install Microsoft software or use any of their services. Most companies won't have a "telemetry policy" and I have no idea where you go that term, it always ends up in the privacy policy. And you did post the right link to that privacy statement, that's what I would have posted.
"it is so vague as to not allow you to understand what is actually being collected"
Again please mention what is vague, I'm really not sure what you're referring to, it could be a number of things.
"you made vague false equivalences meant to try to portray Linux telemetry as being similar to Microsoft telemetry (even though you couldn't actually provide the technical details to back it up), meant to instill fear, uncertainty, and doubt in Linux by trying to associate Microsoft's brand of 'telemetry' with them"
I've done none of that and I explained why, my whole reason for posting here is to try to clarify the differences and clear up any fear or uncertainty. Please avoid taking this kind of combative attitude and assuming bad faith, we won't have a productive discussion. I don't really know how to put this any clearer. I am a Linux user trying to explain what is happening with Linux. I don't use any Microsoft products and I don't really care for them. If you're looking to accuse me of disparaging Linux to make it look bad then you're barking up the wrong tree, IMO what really makes Linux look bad is the constant infighting among its community members. I wish people would stop that.