Comments (8)
CNCF's parent, the Linux Foundation, recently conducted its GPDR audits. Based on my reading, Google Analytics (GA) is compliant with GDPR as long as no Personally Identifiable Information (PII) is captured, which it's not in this case. So, whether charts should default to supporting analytics is not, I believe, a legal question.
It does seem one that should be addressed by the Helm project maintainers and that could presumably be escalated to the Kubernetes Steering Committee.
For prior art, I would point to the Homebrew package manager, which had some controversy about using GA, and put together a clear explainer of what they were doing and how a user could turn it off.
https://github.com/Homebrew/brew/blob/master/docs/Analytics.md
https://news.ycombinator.com/item?id=11566720
Cc @michelleN
from toc.
To add my point of view, as I started with opposing the default:
My biggest concern (not my only one, though) is with regards to GDPR. I'm in the EU and the GDPR is a Big Thing:tm: over here. I'm not a lawyer or versed in legal issues in any way, but from what I've been told, it's very important that end-users in the EU need to explicitly approve any form of tracking. Defaulting to allow
is not allowed any more.
I proposed two solutions to the developers:
-
Switch to default
disallow
and make a plea in the README and/or NOTES file to the user to enable the tracking. This would be my preferred solution. -
Do not default the value at all, but require the user to make a conscious decision about it. This will make the Chart a little bit more work to install, but it solves the problem with the tracking while still leaving it up to the end user.
Defaulting to allow tracking is Not Done, imho. It's always been rather questionable and we're seeing more and more backlash against it (which I personally think is not unwarranted), so I expect a lot of users would not be amused by having the default set to allow tracking. There's no legal argument in that sentence, I'm aware, just wanted to voice my opinion as well.
from toc.
cc: @dankohn @bgrant0607 @technosophos @mattfarina @timstoop @unguiculus
from toc.
Thank you for your reply! That takes away the legal concerns then. I'll take the moral concerns to the project maintainers and have them decide whether it should be escalated to the Steering Committee or not.
from toc.
I'll close then unless @tamalsaha wants to add anything, but if you open an issue on the Helm repo can you please paste the URL here to link them for posterity.
from toc.
What is the full set of data sent to Google Analytics? This is not documented in the other PR or cli options, so it is hard to be sure if it is PII, or indeed reasonable or not.
from toc.
Thanks Dan! I think we can start having a discussion with those thoughts in our minds. Let's close this out and bring the discussion back to the charts/helm dev calls and report back.
I've filed a ticket here for discussion: helm/charts#4697
from toc.
Thanks @dankohn ! This is immensely helpful .
@justincormack , to answer your question, this is the actual logic, https://github.com/appscode/stash/blob/master/pkg/cmds/root.go#L36 .
Say, my cli has a command mycli get pods
. Then we compute a client_id by taking md5 hash of clusters master ip. Then we send an event to GA where category=myapp, action=get/apps, version=git-version . If you have further question, please ask in the charts issue. I am happy to answer.
from toc.
Related Issues (20)
- Define a process for WG lead transitions HOT 4
- [Incubation] Tekton Incubation Application HOT 2
- Request for Review: TAG App Delivery - WG App Development HOT 10
- Health of Carvel project HOT 7
- [HEALTH]: Skooner project
- [Incubation] WasmEdge Incubation Application HOT 4
- [Incubation] Fluid Incubation Application
- [VOTE] TAG Environmental Sustainability TL - Saiyam Pathak HOT 16
- [Incubation] KubeArmor Incubation Application HOT 1
- [VOTE]: Roberth Strand as a Tech Lead for the TAG App Delivery HOT 10
- [Incubation] wasmCloud Incubation Application HOT 1
- Understand the project proposal process and reqs: https://github.com/cncf/toc/blob/main/process/project_proposals.md#introduction HOT 1
- [Incubation] Lima Incubation Application
- Add application context to moving levels templates
- Change "engineer" requirement to be on the TOC HOT 10
- [Graduation] Dapr Graduation Application HOT 3
- DTR WG: New General Technical Review Questions for Projects HOT 1
- [Graduation] Dragonfly Graduation Application
- [ARCHIVE] Curiefense HOT 1
- [ARCHIVE] (Migrate) OpenMetrics HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from toc.