Fedora considering adding in 'privacy-preserving' telemetry

Quite a controversial topic currently floating around is that a change proposal has been made for Fedora Workstation 40 to have some "privacy-preserving" telemetry to "enable limited data collection of anonymous Fedora Workstation usage metrics".

This has generated quite the buzz across pretty much everywhere I look, with many people on both sides jumping in to argue about it. One thing to remember though, is that this is a proposal, nothing has been set in stone and the whole idea could be scrapped or changed a lot as discussions go on.

In summary:

Fedora is an open source community project, and nobody is interested in violating user privacy. We do not want to collect data about individual users. We want to collect only aggregate usage metrics that are actually needed to achieve specific Fedora improvement objectives, and no more. We understand that if we violate our users’ trust, then we won’t have many users left, so if metrics collection is approved, we will need to be very careful to roll this out in a way that respects our users at all times. (For example, we should not collect users’ search queries, because that would be creepy.).

We believe an open source community can ethically collect limited aggregate data on how its software is used without involving big data companies or building creepy tracking profiles that are not in the best interests of users. Users will have the option to disable data upload before any data is sent for the first time. Our service will be operated by Fedora on Fedora infrastructure, and will not depend on Google Analytics or any other controversial third-party services. And in contrast to proprietary software operating systems, you can redirect the data collection to your own private metrics server instead of Fedora’s to see precisely what data is being collected from you, because the server components are open source too.

As for what they might actually be collecting there's all sorts but they're not yet being exactly clear on what, because approval for it hasn't happened as it's early days for the proposal. If they do get approval, it seems then they will work out a clear idea of what to collect. They did suggest some of it may be things like what IDEs are popular, the click-through rate of recommended banners in GNOME Software, what panels are most used in gnome-control-center, what type of hard drive you have, count how many users use a particular locale so they can optimize language support and so on.

Telemetry is not actually a bad thing but the way it has been used in the past is what gives it a bad name. Some companies absolutely abused data collection in the past, and plenty still do. There are ways to do it properly though which they seem to be trying to do by fully informing people here.

What's a little confusing though is their part about opt-in versus opt-out. The way it has been explained could have been better. It seems they want to go for opt-out, with it turned on to collect the data by default but not actually upload anything until you've gone through a privacy page when installing Fedora to confirm it. Disabling it will then send them nothing but it will still collect it locally ready for if you turn it on later. For existing users upgrading, it will be opt-in though, as they don't currently have a mechanism for getting user consent through upgrades. This opt-in / opt-out also has it's own discussion area since it's a big thing.

How do you feel about this idea? Let me know in the comments.