@philm
is this questionable “manjaro data donation” tool included or kept back till the final decission and the clearance about legal and license aspects of mdd ?
@Olly: Your comment is off-topic and irrelevant - Did you read the last comment in that relevant thread?
Is it @linux-aarhus ? If so then i wonder why this mdd is already in the extra-repository, even in stable.
@linux-aarhus There is a concern, so I don’t think it’s OOT. In the QA thread, several users have expressed this concern, as well as the legal issues this feature goes against if it’s opt-out, and this post seems to brush those concerns away with a weird logic.
Basically, “We won’t use opt-in because we’re afraid that people may be annoyed by a pop-up.” There’s room for checkboxes in the installation screens, and there are already questions during updates, so I fail to see the problem. On the contrary, I think it’d pay off to be open and honest about it.
There are regulations and ethical concerns. Also, what happens all those users realize there’s been telemetry all along without their knowing, and without they consent? In Europe at least, this could have a serious backslash, and not only from users. A few distros have become infamous for that.
I only found a privacy policy for the website, not for the software (I probably failed to find the right place). The whole thing should logically hinge on that. Telemetry data is associated with the incoming IP, which clearly identifies the users. What happens next is unknown to the users.
The QA thread was locked, so it’s understandable the concerns pop-up somewhere else, like here.
He asked for clarification on whether something is going to be included in the release candidates that this thread is about. Some may want to know this information before testing.
We could assume it won’t be included, but asking for clarification seems perfectly reasonable and I can’t imagine a better place to do that.
It’s not off topic nor irrelevant.
So people can test it.
The list of packages is included at the github page along with the ISOs.
None of them contain mdd
.
pamac search mdd ✔
python-torchist 0.2.1-1 AUR
The torchist package implements NumPy's histogram and histogramdd functions in PyTorch with support for non-uniform binning.
medict-bin 3.0.1_alpha_dba43c-4 AUR
A cross platform dictionary application,support mdict (*.mdx/*.mdd) dictionary format
cmdd 1.0.2-1 AUR
ConnMan D-bus network state Dispatcher
mdds 2.1.1-2 extra
A collection of multi-dimensional data structures and indexing algorithms
mdd r25.035e262-1 extra
Manjaro Data Donor
Yes, we know it is in the repos, what is your point?
@linux-aarhus
It is a pity, that the Q&A is closed, having this unsolved data protection issues.
And now “Manjaro Data Donor” should be off-topic in further developments…
There were many comments about GDPR. However, what the Manjaro Team is planning isn’t compliant with GDPR, ePrivacy regulation and many national ePrivacy implementations, e.g. the German TDDDG. This is also valid for the current practice of the “ping.manjaro.org”
According to GDPR the current release is already processing the IP-Address of an enduser, the IP-Adress is cleary defined as personal data according to Art. 4 Sec. 1,2, by the CJEU.
In addition, according to ePrivacy and e.g. § 25 German TDDDG, as the data transfer is not technically necessary for running the system, any reading from or writing on the enduser’s terminal equipment requires consent.
This is neither limited to individuals or personal data, means is valid for companies or legal entities and non personal data.
TDDDG be aware even if the article is focussing on Cookies the content is not limited to cookies.
Consent has to comply with consent requirements in Art. 7 GDPR.
In addtion the mentioned legal basis according to Art. 6 Sec 1 lit. f was recently detailed by the CJEU. You need to povide and evaluation about the comparison of the legitimate interests vs. the interests of the data subject. This evaluation also has to be evalutated by the respective DPO.
From my PoV in the current case the interest of the data subject overrule any of Manjaros’ legitimate interests.
But beyond all the legal arguments which require consent, the idea of MDD is against all basic pricnciples of Linux.
- Linux is providing data protection and not breaking it.
- Linux is made fo the enduser and not for any financial or data interest of any distro developper.
- Linux respect human rights
- Linuxis not spying on its enduser
The Manjaro development team should not think about opt-in or opt-out. It should shut down the idea immediately.
Very nicely summarized @bogota,
For me and my user base (business and private) the case is clear,
either there will be a clear statement on the topic within 2 weeks, by November 24th at the latest,
or we will roll out something new/different for our clients and servers (preparations are already underway).
A Linux that goes against the basic principles will unfortunately be thrown out.
The discussion has been going on since 2021 and this was the 2nd attempt and is still being discussed,
this behavior reminds me very much like MS Recall feature…
So unfortunately I have only a little hope that you will change your mind,
but i’ll wait (but not forever), since the topic is old, it needs a result for the future:
- A result which is carved in stone!
@romangg (see my pm concerning SME)
Now we are off topic, it would be better to create a new thread for this, or perhaps wait and see what the team says about mdd
.
Are you sure @dmt, is it really off topic if 24.2 would contain mdd?
However, I tried to open a new topic, but on the category Development/Translation was available, which for me would not be the right place to be with this discussion.
If you instruct me, where to open this as a new topic I’ll do. It is also the question, what this means:
perhaps wait and see what the team says about
mdd
.
Where may they say something?
Beyond this, I think a development like MDD is too fundamental, so shift it away.
This is really starting to resemble trolling…
-
Nobody is forcing you to install
mdd
-
Nobody is forcing you to install Manjaro’s 24.2 Release Candidate
-
Nobody is forcing you to use Manjaro
Here is a meaningful take on MDD. It gives you an insight on what we try to achieve with this tool:
As stated before, we will be very transparent when and how it may be implemented into Manjaro. Since it is a very sensitive topic, we aim to do it the most acceptable and logical way. The source is given and the current provided data by our test users is also available.
mdd
is not included on testing ISOs
manjaro-xfce-24.2-testing-241106-linux612.iso.pkgs
I’ll monitoring this and decide if the final “mdd” is out if to stay or leave BUT @philm @romangg and all other devs:
it’s the total wrong way and behaviour to invent such a application first and start thinking about legal and ethical aspects in second ! that’s not the right order and a bad fault to handle it.
Of course I thought about this before. Don’t you think people can come to different conclusions on topics like that nevertheless?
I created a Poll now about the topic: MDD - Opt-in vs Opt-out
Please continue the discussion there.
This is very nice statement about the freedom of choice.
You are just ignoring, that there is someone who made his choice and want to contine with a product which is respecting the principles of Linux and private data of an enduser!
If this will not be the case, I surely will choose another Linux distro!
The same thing they said with systemd, including proprietary drivers that many people like, Enterprise Distros, paid Distros like Zorin. It’s all too irrelevant.
It’s just realizing that Manjaro is not Google, and not crying so much for a couple of system information that are useful to further improve the system.
Do you want total privacy? Disconnecting the internet from your computer is a reality, not even VPNs, Proxies or whatever you can think of will give you that false sense of privacy.
And it’s already been clarified many times about what they will do with the data and how transparent they are, do you think Manjaro is going to get into legal trouble by lying? It’s absurd. But if you want “pure” distros, you have many others but you won’t have as much support, limited drivers, and even package software.
Opening your mind and heart is not that difficult.
Opening your mind and heart is not that difficult.
That should be valid for all parties. The question is not about privacy, total privacy or Privacy Enhancing Technologies.
The question is about ownership of personal data and data on devices. That’s what I want.
Granting this is not that difficult.
A simple opt-in solution for giving consent on processing of my personal data as well as for data on or from my devices is not that difficult.
Furthermore, I can hear nobody crying and a little bit respect for the opinion of others should not be that difficult.