no easy opt out of telemetry #514
Comments
|
Take a look at our privacy policy: https://github.com/JuliaEditorSupport/julia-vscode/wiki/Privacy-Policy. I do think we are respecting user privacy with the approach we take, i.e. we are never sending anything unless you explicitly opt-in. |
|
I really don't doubt that, but having an annoying pop up that has no way of making it go away permanently in an obvious way reminds of "free" android/windows apps that made me switch to open source in the first place. |
|
I do want to keep a slight nudge to opt-in, rather than an easy way to opt-out. The telemetry data is just super useful for us. Plus, I feel we are way, way more conservative than say VS Code itself (which, as far as I know, shows you one message at startup a la "we will send lots of telemetry, just so you know" and then proceeds). But, here is one concession I'm happy to make now ;) #515 adds a link to the privacy policy to the nagging message. So that should make it a bit easier for folks to find out how to opt out. Does that sound like a reasonable compromise to you? I should also say that in terms of numbers I feel we have found a pretty good compromise with the current setup: I think we heard from about five people that they don't like this behavior, which is really a very low number relative to the user numbers we have. So I think most folks seem ok with the current behavior. |
|
Another way to make things more transparent could be to make the actual data (anonymized of course) or some condensed statistics accessible to everyone, and maybe my own data to me, so I can see where my computer stands performance wise. This way the user gets an actual feeling on what data is being collected and what for, instead of an ominous "we are collecting your data", I am sure very few people actually read the privacy policy. Also data scientists (the Julia target group) will have much more fun with data than with a boring privacy policy ;-) |
|
Ha, that is a fun idea! We would probably have to make sure we don’t run into some privacy law gotchas, and we would have to find a way to export the data from Azure, but that is probably doable, somehow, and I really like this! |
|
Just for the record, I still think you should provide an opt-out button on that pop-up. |
|
vs-code and your extension is really nice, so don't misunderstand me: For our web-site we are currently also struggling with the right balance between getting helpful data and privacy and therefore we had to understand the GDPR regulations that hold since May 2018 in Europe: Usually, the approach is to provide once a default option "no telemetery" and "telemetry" is only switched on if you actively make a click (fulfilled by julia-vscode). The julia-vscode approach to always ask for "telemetry" at start-up (if "telemetry" is not selected) seems to be on the border. You are of course right that Microsoft vscode itself might have a much much larger problem to fulfill the GDPR. Note, Google got recently a 50 Mill Euro fine (see article) for the ads personalization in Android due to "... The amount decided, and the publicity of the fine, are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information and consent." |
|
We never, ever, send anything unless you opt-in explicitly. If you just ignore that notification, we won't send anything. I'm not a lawyer, so I can't tell if that is good enough or not, but I would hope that this is good enough... |
|
If you show someone the dialog often enough, they will almost certainly click on any of the buttons by mistake. I agree that nudging your users towards the choice you want them to make is probably fine, but having no UI at all for opting out feels shady. |
|
There should be an opt-out button. I just clicked "yes" because I finally got tired of closing the dialog for the 1000th time. So now I won't be pestered incessantly anymore, but also think you are behaving like jerks for annoying me in to submission. Is that how you want to be perceived? Edit: Like, I get it. I lead a large OSS project. Telemetry sure would be useful. But I would never dream of foisting something this unfriendly and antagonistic on users just to get it. I came here to report this assuming it was an innocent oversight, it blows my mind that to find out it is intentional policy. |
last time I checked, you could set in the Also: Please be nice to the developers, they put a ton of work into this extension and nobody forces you to use it, there are enough alternatives around. I am grateful to them because not only VSCode users profit from their efforts. |
|
Last time I tried to find the documentation I was confronted with an empty page. There should be a button. Edit: Here's a constructive suggestion: Add a one-time opt-out button, but put an "Are you sure" confirmation dialog on it. Make your affirmative case there that the user should allow telemetry for reasons X, Y, Z. But if they still don't want to allow it (permanently), they can do so. |
|
I'd be happy to accept any PRs that help with the documentation or clarify the privacy policy. I hear the folks that don't like the current default and I can understand your view, but at this point I feel that the number of complaints we have received is so low relative to the user base we have, and the upsides of the current setup for the development of the extension so large, that I think we should just keep things as they are. |
For most people convenience trumps privacy concerns and opting out is only for the more knowledgeable, just as in most parts of the internet. As this was declared a feature and there is no constructive discussion, I will close the issue. |
|
I'm going to leave the issue open, just to have one central place where people can voice their disagreement with the current policy. If the number of folks that are super unhappy with this increases a lot here, we can reconsider the decision. |
|
Please set a number, say 10 who added 1 to the top then you will add a button to opt out. Most user would click the other button after they find one that says agree. Low number of people complaining doesn' t mean users are not concerned. This just shows how successfully you cheat people, or just how often it crashes that people would switch to juno to get the work done. |
|
+1 number of complaints |
|
Your approach violates GDPR and therefore is against the law in Europe (it is impossible to switch telemetry off once). Besides that, think about, if all the other Julia package providers would act in the same way as you: No company/organization in the world want that people outside of the company/organization record activities. E.g. All Microsoft telemetry is switched off at my organization (German Aerospace Center). |
Hold on: you have to explicitly OPT-IN for the extension to ever send a single bit of telemetry. I don't see how that could possibly be in violation of the GDPR.
Sure, and unless you opt-in we won't send any information, ever. If you want us to stop asking you to opt-in, there is a clear explanation in the privacy policy how you can turn that question off. |
Obviously IANAL, but: The GDPR requires consent to be freely given (Recital 32). This implies:
Whether the pressure is inappropriate would of course be up to a judge in the end, but I don't think anyone could argue that getting a dialog without a decline button (potentially over and over) doesn't create some pressure to accept. There's also this:
Not saying the pattern is clearly illegal, but the opposite is also not as obvious as you make it sound. |
|
I don't think one can interpret a dialog that nicely asks as "inappropriate pressure or influence". The text you cite gives an example of an inappropriate pressure: if an employer asks employees to consent. I think it is entirely clear from what we do that there are literally zero consequences for anyone if someone does not opt-in. |
|
I'm new to Julia and was happy to find your VS code extension. Thank you for that. But I have to agree 100% with all the complaints above - not offering a "no thanks" option for telemetry in the dialog is shady, putting your wish as a developer for telemetry above what users wants. Also dismissing the complaints here as low, after already stating that you don't want to change this, isn't friendly. The number of users that find and read a long Github issue discussion will always be tiny for any software in the world. If for you it's really the criterion what users think, you could e.g. make a Twitter poll and ask. I also developed open-source codes and often times wished we had user telemetry. But I don't understand why you want them so bad - if you gave users the option to easily opt-out, and let's assume 80% do that, then you'll still get the telemetry from the other 20%, as I understand 1000s of users. Why isn't that sufficient to develop the extension? @davidanthoff - Please re-consider. |
This comment was marked as abuse.
This comment was marked as abuse.
|
Yes you can -- there even are instructions on how to do that in the pop up: See here for details. Also, please mind your tone. |
This comment was marked as abuse.
This comment was marked as abuse.
|
I'm not going to allow behavior like the one from @kkittykait on this repo and will block anyone who uses such language and starts to personally attack people. Happy to receive constructive feedback, but please keep it civil in tone, everyone here is doing this as their hobby and volunteering their time. |
|
Adding to the chorus here: "It shall be as easy to withdraw as to give consent." is clearly not being respected. I don't see how one can argue that having a pop-up that shows up every time you enter vscode if you don't consent is not pressure. It is not true that there are "literally zero consequences" if you don't opt in: this very thread has in @bryevdv an example of someone who consented to something they did not want to consent to because of the consequences. @davidanthoff please make the dialogue box have both an opt-in and an opt-out button. |
You've gotten lots of constructive feedback here, and casually waved off all of it. I'll reiterate my earlier suggestion:
|
|
I'd also direct you to the latest EDPB Guidelines on consent published May 2020 : https://edpb.europa.eu/sites/edpb/files/files/file1/edpb_guidelines_202005_consent_en.pdf Specifically para 114 regarding consent parity:
(Speaking personally, I do not regarding rooting around obscure JSON config files to be anything like "equally easy" in this context.) As well as paras 87 and 88 regarding obligation to avoid click fatigue:
We are asking you to tackle this issue. |
|
It's my impression that most people would automatically opt-out if they see such an option presented, without taking the time to understand the tradeoffs. So the dark pattern might actually offset another human deficiency. (Opting out is a freeriding action.) Greedily removing bad stuff from a system does not automatically improve the system as a whole. I think publicizing the gathered data should be enough to assuage most privacy concerns, and that the tradeoffs can't be evaluated by us outsiders until then anyway. |
|
@davidanthoff, thank you for keeping this topic open. I’d like to urge you as strongly as I can to reconsider this. I’ve recently convinced some of my coworkers to try Julia and, unfortunately, I won’t be able to point them toward VSCode because of this telemetry policy. We have to work with customer proprietary and otherwise sensitive data. If our IT department sees that there is a window that pops up every time you open VSCode until you agree to send telemetry about your code (in which there may be sensitive data), it will lead to a pretty quick ban across our division. The Pkg.jl telemetry issue already raised some flags for people in our group, so there’s already unease about us using Julia. If this were added on top of that, I’m afraid the Julia language itself could even be disallowed for us. I get that you’re probably only collecting stack traces (or something similar) and not the actual file text, but that won’t matter to anyone’s IT department. It’s much easier to ban things than spend time trying to dive into exactly what’s being collected, especially when there is no easy way to get that information. Thank you (and everyone else working on it) for making and maintaining this extension. I know that the telemetry data is helpful for catching issues and that making it easy to opt out of will significantly reduce the amount of data you have to work with, but I would still ask you to reconsider. |
|
Actually, the sentence after the one @bryevdv posted from paragraph 114 of the EDPB Guidelines pretty straightforwardly applies to this case too.
@davidanthoff, @pfitzseb, I don't see how this could possibly be interpreted in a way that doesn't find the julia-vscode extension in violation. |
|
Instead of yes/no, how about three options:
By providing a middle ground, you could satisfy users who want to help out, but are wary of ongoing collection. |
I'm not a developer of the plugin nor a lawyer, but it doesn't look like anything in the current telemetry dialog breaks this rule. Click the button at the bottom ("yes") to consent, or click the button at the top ("X") to withdraw. When starting the extension in e.g. a week one may change his mind, so it makes sense that the dialog pops up again (sometimes). |
If "yes" is selected, the dialog never pops up again. If "X" is selected, the dialog pops up whenever vscode is started. So this is unsymmetrical and against DSGVO. |
|
@aplavin , this section is about withdrawing consent, which is different than not giving it in the first place. To withdraw consent after you've already given it, you have to go into a JSON file and edit the |
The telemetry dialogue does not provide a button "I do not want to send telemetry", the only thing you can do is to ignore the dialogue, which will pop up at every restart of VSCode, or go to the options and and change the value of
julia.enableTelemetrytofalse.It took me 10 minutes to do figure that out, is annoying and gives a bad impression about the plugin's respect for user privacy (it is about actions not statements).
And btw, does the plugin send telemetry if you ignore the dialogue?
The text was updated successfully, but these errors were encountered: