[Bug 1070598] Re: Opt-out for dash privacy violates Code of Conduct

Marius Kotsbak 1070598 at bugs.launchpad.net
Fri Oct 26 10:38:14 UTC 2012 

Your IP address in sent only to Canonical (through a proxy), so please
update the description accordingly.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to dash in Ubuntu.
https://bugs.launchpad.net/bugs/1070598

Title:
  Opt-out for dash privacy violates Code of Conduct

Status in “dash” package in Ubuntu:
  Confirmed

Bug description:
  It seems the humor of my last bug report was lost on some so here is a
  serious report.

  In 12.10, a semi-hidden legal notice tells us that by using the dash,
  unless we have opted out, we agree to allow Ubuntu to collect our
  keystrokes, and send them along with our IP address for storage by
  Canonical and selected parties including Facebook, Twitter, BBC and
  Amazon. The only cue to alert the user to this fact are the words
  "Legal Notice" written in small text at the bottom-right corner of a
  window frame. The agreement, according to Canonical, applies even if
  the user has not read the notice.

  I believe a great many people, especially those who have chosen to use
  free software, would not wish to use software that violates their
  privacy in this way. Those people can opt out, IF they notice the
  little "Legal Notice" down the bottom AND click on it to find out what
  is about to be done to their privacy, and what they must do to avoid
  it. Many people would not notice the text, or would not click to read
  it even if they did notice it. After all, they are using free
  software, and supposedly, free software respects the freedoms of its
  users, so it would be lax but not unreasonable for a user to believe
  they do  need to be on the alert, ever-vigilant and looking for ways
  in which free software might violate our freedoms.

  A software package that respected the freedoms of users would not
  operate this "feature" on an opt-out basis, would not make the notice
  overly obscure, and would not claim that simply using the dash without
  even reading the notice constitutes agreement to by spied upon by
  third parties.

  A software package that respected its users, yet wanted to provide
  this "feature", would work the following way. The first time dash is
  opened, a large modal dialogue box would appear with a prominent
  warning message. The user would be explicitly asked whether they
  consent for all of their dash search terms to be sent along with their
  IP address to Canonical, Facebook, Twitter, BBC and Amazon. They would
  have to answer yes or no before they could use the software. The
  dialog would have an optional checkbox to make this preference
  persistent.

  Having an opt-out system which will trick many users into allowing
  their privacy to be violated against their wishes does not respect the
  freedom of choice or privacy of users. It is not compatible the Ubuntu
  Code of Conduct, which states that "we expect members of the Ubuntu
  community to be respectful when dealing with ... users of Ubuntu." It
  is not possible for community members to support the implementation of
  the privacy settings in this way. Distributing 12.10 and promoting its
  use is not respectful of the users of this software, many of whom will
  be tricked into allowing their privacy to be violated against their
  wishes.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dash/+bug/1070598/+subscriptions

More information about the foundations-bugs mailing list