[eterevsky]

> Being enrolled in a study should require prior informed consent.

It's right there in the License Agreement that you accept when you install VSCode. And unlike some other EULA's, it's close to the beginning of the document, easy to read, describes data usage and explains how to opt out of it. I honestly don't see what more can they do to get user consent.

You might argue that many users don't read License Agreement and I would agree with you concerns IF this condition was unexpected and/or malicious. In this case it is neither.

> Harvesting data without permission is just exploitation.

Exploitation is just a word. I could also call your usage of VSCode "exploitation" because you are exploiting the work of MS engineers.

What matters is whether it does any tangible harm or not. In my view it doesn't.

> Moreover, not everyone is like you.

That's why I added a caveat "unless you are very paranoid".

> This type of rhetoric is often used to dismiss accessibility concerns

I don't see what accessibility has to do with it.

[tempodox]

> That's why I added a caveat "unless you are very paranoid".

So everyone who disagrees with you has to be “very paranoid”? You may not agree with or understand the motivations of others, but summarily disparaging them is bad form.

[eterevsky]

I'm sorry, "very paranoid" is just a colloquial way of saying "very security conscious".

[hamburglar]

I think part of the issue that the “very security conscious” people are wary of is trusting an entity like Microsoft not to quietly increase what data they are collecting beyond what is actually beneficial to users. I love the idea of using telemetry to improve products and I know that crash reporting, when introduced back in office, led to fixes for an absolutely staggering number of bugs (I worked at MSFT at the time and know that crash reporting led to legitimate and gigantic leaps forward in software quality), but I also think the agreement needs to be very very explicit about what types of data they will collect and include promises that they won’t be expanding this definition for other purposes. They really need to spell out, in plain and convincing language, that they understand this concern and promise not to violate that trust in order for me to check the “yes, collect my data to improve the product AND FOR NO OTHER REASON” checkbox.

[digisign]

It won't happen because the powers that be don't want it noticed much less spelled out in 24pt bullets. Even if there were some kind of enlightened CEO that set policy, it would just be a few quarters before (being replaced by a Balmer-clone) that said-policy would get thrown out the window.

The EULA you agreed to would no longer apply, and no software provides EULA diff tools.