Comment by kuratkull
4 years ago
As a software engineer I disagree. You are saying that you want to collect my personal information so you can fix your bugs. I don't see it being a valuable trade. I'll just find someone who can fix their bugs without tracking me.
>You are saying that you want to collect my personal information so you can fix your bugs.
How do you define personal information? Let's use Chrome as an example. Recording what website I visit is clearly personal information. What about recording how many tabs I have open, how much RAM each tab is using, and when each tab was last viewed? Is that personal information to you? I personally don't value keeping that private and it is probably a valuable piece of information that could help the developers improve what has been one of the biggest user complaints about Chrome since almost its release.
I think that is generally OP's point. Each piece of data exists on a spectrum in value for both the user and the developer. Data should be kept private when it has value to the user. There is little harm in sharing the data with the developer when the user would deem it low value and the developer would deem it high value.
It's pretty easy to understand what information is technically static and could be used to track you. Number of tabs: low possible range and pretty variable, even for tab hoarders, so it's low entropy information. Amount of RAM used in each open tab: that should be statistically significant and I'm pretty sure could be used to identify people if there are enough tabs open for a long enough period. When each tab was viewed: every (not-)clicked tab is a bit of information, you don't need much to narrow down a person. Interesting reading on de-anonymizing people on seemingly anonymized data: https://www.wired.com/2007/12/why-anonymous-data-sometimes-i...
Telemetry isn't okay simply because it can't be used to track someone. The number of tabs I have open isn't identifiable information, but it's still my private information, and should not leave my computer without my advance consent. Using my computer hardware to transmit my usage activity (even my unidentifiable usage activity) without my consent is a dick move.
My usage data is mine, as is my hardware and network connection.
You are going beyond my example by saying this information can be used to track you. This is the only information collected in my example. It is not associate with any other information so there is no value in trying to deanonymize it.
Perhaps it is better if I approach the question from a different angle. What is the downside of someone having this specific information about you? Can you think of a single negative repercussion from someone knowing how many tabs you have open? That is the fundamental point here.
The idea that all information related to a user should inherently be private just seems like a needless draconian standard and one that didn't exist in the pre-digital age. The privacy value of each piece of information can vary wildly. Some of it deserves protecting. Some of it doesn't.
Personal information is a bit nebulous. Do we consider the list of function calls in a stack trace "personal information"?
If I sent the stack trace to you, no. Otherwise, yes. It's my stack trace after all.
(Perhaps "private" not "personal" is a better term here, but stack traces can expose personal information too, if they include details about function arguments.)