Comment by slg
4 years ago
>So why does $product need to send telemetry data via google?
Because Google is responsible for most of the software on said product. Who would be receiving that telemetry data if it wasn't Google?
>Why can highly complex software that runs most of the worlds internet infrastructure (linux) work without telemetry?
First, this is a false premise because it ignores the potential that telemetry could help improve this software but most Linux distros have decided against it for other reasons. Secondly, it ignores that some distros do in fact include telemetry.
>Why is telemetry not opt-in
It probably should be when it comes to something that has potential to invade privacy, but we have to be realistic that practically no one will actively turn on telemetry if it is initially set to off. That drastically decreases the value of the collected data and it basically turns into nothing more than something customer service can tell someone to turn on while trying to troubleshoot a specific issue.
>or relies on reports in situation where a bug causes an issue like firefox crash reports?
Telemetry isn't just about bugs. It is also about guiding future development, knowing what features are used, knowing the workflow for users, etc. It can provide value beyond crash reports.
>I'd rather have privacy and buggy software then bug free software in exchange for no privacy at all
This is completely fair. I would generally agree with you and bet that most HN readers would too. However this is not a binary choice. Not all telemetry is inherently bad. Not all loss of privacy is inherently damaging. This is a complicated issue that will involve compromises and anyone sticking to a complete extreme of it being all bad or all good isn't going to offer anything productive to this conversation.
> Because Google is responsible for most of the software on said product. Who would be receiving that telemetry data if it wasn't Google?
Depends, on Android maybe. On my Android Device, not really i don't use google software with the exception of the core android system without gplay services. On iOS, the HTML Based Web, or Desktop Systems, I see no need for google to exist. If you need telemetry, run your own damn telemtry server instead of feeding the FAANG Privacy nightmare even more.
> First, this is a false premise because it ignores the potential that telemetry could help improve this software but most Linux distros have decided against it for other reasons. Secondly, it ignores that some distros do in fact include telemetry.
Distros may, Linux itself does not. The fact that the majority of Linux Distros work just fine without telemetry shows that large scale software developement and deployment work just fine without invading peoples privacy needlessly.
> It probably should be when it comes to something that has potential to invade privacy, but we have to be realistic that practically no one will actively turn on telemetry if it is initially set to off.
so, if given the fair and free choice everyone will chose against telemetry? And that doesn't make you ask yourself "are we the baddies?".
> That drastically decreases the value of the collected data and it basically turns into nothing more than something customer service can tell someone to turn on while trying to troubleshoot a specific issue.
So, wheres the problem here? Sounds EXACTLY how a good telemetry system should work. If the bugs don't bother the users there's no need to invade their privacy to fix them, if they do bother them, telemetry can be a tool to help them. There's no need to generate "valuable data" except to invade peoples privacy.
> Telemetry isn't just about bugs. It is also about guiding future development, knowing what features are used, knowing the workflow for users, etc. It can provide value beyond crash reports.
Why is it any of your effing buisness what my workflow is like? If i need a feature i request it. This shit is only accepted because the majority of users lack a meaningful understanding of the depth of invasion by app and web developers into their privacy.
>Depends, on Android maybe. On my Android Device, not really i don't use google software with the exception of the core android system without gplay services. On iOS, the HTML Based Web, or Desktop Systems, I see no need for google to exist. If you need telemetry, run your own damn telemtry server instead of feeding the FAANG Privacy nightmare even more.
The article is specifically about the mobile OSes and the default apps and services. I'm not sure why your general complaint about third parties using FAANG tracking is relevant here, but I have no argument against it.
>Distros may, Linux itself does not. The fact that the majority of Linux Distros work just fine without telemetry shows that large scale software developement and deployment work just fine without invading peoples privacy needlessly.
You are doing the same thing again. You are assuming a level of "work just fine" without having a comparison for what it would look like with telemetry. Ignoring the privacy issues for a second, can you say definitively that Linux would see no technical improvements from developers having access to telemetry data?
>so, if given the fair and free choice everyone will chose against telemetry? And that doesn't make you ask yourself "are we the baddies?".
Because the benefits of telemetry are widespread while the downsides are localized. The incentive for an individual user to participate is low and isn't well understood so they will default to off. Expand that to everyone and you end up with the tragedy of the commons.[1] It has nothing to do with skulls on a cap, it is basic individualized economic incentives playing out that lead to less than ideal results for the whole.
>So, wheres the problem here? Sounds EXACTLY how a good telemetry system should work. If the bugs don't bother the users there's no need to invade their privacy to fix them, if they do bother them, telemetry can be a tool to help them. There's no need to generate "valuable data" except to invade peoples privacy.
>Why is it any of your effing buisness what my workflow is like? If i need a feature i request it. This shit is only accepted because the majority of users lack a meaningful understanding of the depth of invasion by app and web developers into their privacy.
Once again you are returning to bugs. This is about more than just bugs. Very few pieces of software are published and then abandoned beyond bug fixes. Today most software needs to constantly evolve and add new features. Maybe you are the type who will request those features from a developer in official channels, but that isn't common.
Also most users will simply decline when presented with the option to submit a bug report. They just don't see the a strong enough or immediate enough connection between a bug report and the bug being fixed. I would bet any developer who has spent time informally talking to their users would have heard some complaints about their software that were never previously voiced through official channels. That is just the nature of things. A developer will get more valuable data if they don't leave the sending of this information up to the whims of the user in the moment when a bug report screen might appear in front of them.
[1] - https://en.wikipedia.org/wiki/Tragedy_of_the_commons
Your arguments all ultimately focus on the value telemetry generates for the company, not for the user. These two should theoretically coincide, but in practice, they don't. Telemetry may be a fine thing in the abstract, but it's mostly used in a very hostile manner.
People would be more comfortable with telemetry if they could trust it's being used only to fix bugs and improve workflows. The reality is far from that, though. Telemetry's main use in end-user software is to provide data to direct various aspects of development that ultimately boil down to: how can we extract more money from our users? That's part of the reason we get dumbified apps full of questionable design decisions and user-hostile anti-features. Instead of asking people what software they want, "data-driven" companies are just setting up a control system around their users, with changes in the software being meant to influence behavior towards better monetization.
Until that gets fixed, I'm going to keep preemptively blocking any and all telemetry. I'm also very happy that GDPR forced companies to surface a lot of hidden surveillance, and that I can just dismiss all these notifications knowing I'm legally opted out by default. To the extent I am in fact opted in - i.e. companies literally breaking the law - I yearn for the day DPAs in member states get serious about issuing fines. Until then, the next time I spot telemetry enabled by default, so help me God I'm filing a GDPR complaint.
> You are doing the same thing again. You are assuming a level of "work just fine" without having a comparison for what it would look like with telemetry. Ignoring the privacy issues for a second, can you say definitively that Linux would see no technical improvements from developers having access to telemetry data?
"works just fine" in this case means "is the backbone of the global internet infrastructure". Could it potentially be better with telemetry? Maybe. Could it potentially be better if linus torvalds personally surveils all interactions with any technology i have, no matter how private? Likely. Could it be become better if i stick a probe up my butt to measure frustration when using any product? Sure. What an asinine argument, of course telemetry can make software better in some cases but the global invasion of privacy of literally every computer user is not a worthwhile trade off for some bugfixes and giving POs some rough idea of user interaction to ignore anyway.
> Because the benefits of telemetry are widespread while the downsides are localized. The incentive for an individual user to participate is low and isn't well understood so they will default to off. Expand that to everyone and you end up with the tragedy of the commons.[1] It has nothing to do with skulls on a cap, it is basic individualized economic incentives playing out that lead to less than ideal results for the whole.
the downsides are my privacy and the privacy of millions of user who frankly do not understand the implications of it is invaded for some fringe benefit to the developer. It's not a tragedy of the commons situation but abusive behavior from developers targeting users that don't know any better. Thought Experiment: If every person on the planet would magically gain a deep understanding of how telemetry works, what would the vast majority chose to do? Get it out of their live as much as possible. Would you give someone detailed data where you take your car, at what speed, at what time, with the added benefit of governments gaining access to that data so that you use 5% less wiper fluid?
> Once again you are returning to bugs. This is about more than just bugs. Very few pieces of software are published and then abandoned beyond bug fixes. Today most software needs to constantly evolve and add new features. Maybe you are the type who will request those features from a developer in official channels, but that isn't common.
This has nothing to do with bugs. I don't need google or mozilla to know how i use my webbrowser. It's none of their fucking buisness in any way shape or form. If it crashes enough i will either complain or use a different product. If they want to know what improvements they should make or how they should evolve their product they can ask me. openly, freely and with consent. If 99.999% of users do not care to answer, then that's fine. Just because you can invade my privacy to improve your product or evolve it doesn't mean you should or should be allowed to do so. In fact it should be fucking illegal without explicit, well informed consent.
> Also most users will simply decline when presented with the option to submit a bug report. They just don't see the a strong enough or immediate enough connection between a bug report and the bug being fixed. I would bet any developer who has spent time informally talking to their users would have heard some complaints about their software that were never previously voiced through official channels. That is just the nature of things. A developer will get more valuable data if they don't leave the sending of this information up to the whims of the user in the moment when a bug report screen might appear in front of them.
This is just insane. If a User doesn't care enough about a bug or a crash to fill out a bug report or voice their opinion on it why do think you can just invade their privacy instead? Just because almost everyone can't be bothered to answer surveys on the phone should survey designers just decide to go and analyse everyones trash instead without asking? It's valuable data after all and most people don't answer surveys. Why don't we just go ahead and track everyones movement while we are at it. I'm sure we can improve traffic flow with that valuable data. Just because most People wouldn't like that doesn't mean we cant just invade their privacy because we think we know better.
God, i hope the EU gets their shit together with the GDPR someday and fines devs and companys like that out of existence.
This argument does not hold because you can compare Google to Apple (in this case and based on the article) and say that if this was the case, then Apple which gathers less data would have inferior (more bugs, slow feature development, etc.) than Google. I see the competition, which is Apple in this case, doing relatively fair without (presumably) gathering as much data, therefore I absolutely don’t buy this claim.
Funny enough you are saying my argument doesn't hold but your reasoning actually falls perfectly in line with my comment.
The argument isn't that all telemetry is good or that we should accept any level of it.
The argument is that all telemetry is not inherently bad.
As the article states, Apple does telemetry too. If you are ok with Apple and not Google, you are agreeing with me that this is a nuanced issue and the specific level of telemetry needs to be debated. If you are taking the stance that all telemetry is bad. You need to find another company to champion besides Apple.
I agree with you that not all telemetry is bad and as a software engineer I understand the value of it. What I am trying to say is this kind of argument has been used by the likes of Google, Apple, Facebook, etc. as an excuse to collect an excessive amount of data (even sometimes illegally) and that’s the reason I pushed back against it. As you correctly mentioned, this is a complex issue. For example, there is no way for most users to differentiate between what could be useful and what is unnecessary violation, what privacy breach is severe and what is not. Until we have a practical solution to these problems, I won’t trust those companies to play ethical and only use my data in good harmless ways. As for Google, it’s worth keeping in mind that we are talking about a company that intentionally misleads users in occasions to collect their data.