Comment by pabs3

> I don't think Debian intentionally shields you from privacy-invading software

There is a culture of valuing privacy though, including patching out privacy issues. Especially since a lot of Debian folks are from Europe, with corresponding GDPR knowledge.

I know that the lintian warnings pointing out privacy issues in HTML documentation do get a lot of patches.

Also, opensnitch is packaged as a mitigation.

You are right about the policy problem, Debian really needs to do something about that.

There is at least a privacy policy for Debian services.

https://www.debian.org/legal/privacy