Not parent but it's something that's been bugging me for a while (especially since I work in a field where you often have to debug based on field logs from three weeks ago from a device halfway across the world). My two cents, I think telemetry is OK if:
* It has a retention policy that ensures a data breach five years down the road won't compromise five years' worth of relevant data. 30 days of full data + maybe an year of relevant analytics (but no detailed data) are more than enough to improve software. Five years' worth of data, even if it's not strictly speaking personal data, can make identity theft trivial.
* The processes and criteria for who gets to access that data and in what manner are clear, transparent, enforceable and can be subjected to appeal by any user. Can I be reasonably sure (i.e. based on public, legally-binding statements from Microsoft) that, for instance, a Microsoft employee who has a beef with me won't be able to stalk me based on that data?
* For a large system or a piece of hardware, if I can have a reasonable assurance that, at least in the short-term (1-2 years), the data won't end up being used for ad targeting. An OS or a piece of hardware is something that you don't switch that often. If I make a purchase, I'd like to be sure that the reasons why I made it remain valid for a while.
"Makes the product better" is a great reason and I'd wholeheartedly support that, as long as I had an assurance that my data is handled responsibly.
I'm just sayin' -- if I break the terms of doing business with Microsoft (e.g. by using a pirated copy), there's a good chance that some DMCA organization comes knocking at my door and the best I can hope for is an out-of-court settlement that ruins me. I sure as hell expect that, if Microsoft breach the terms of doing business, someone can go knocking at their door and the best they can hope for is an out-of-court settlement that ruins them. That's why I insist on "legally binding". A blog post that says we totally don't spy on you is something that you can breach without any real consequences.
Until that's the case (or, you know, until there's no data being siphoned...) I can do my work on Linux just fine, I don't need no damn WSL :-).
* It has a retention policy that ensures a data breach five years down the road won't compromise five years' worth of relevant data. 30 days of full data + maybe an year of relevant analytics (but no detailed data) are more than enough to improve software. Five years' worth of data, even if it's not strictly speaking personal data, can make identity theft trivial.
* The processes and criteria for who gets to access that data and in what manner are clear, transparent, enforceable and can be subjected to appeal by any user. Can I be reasonably sure (i.e. based on public, legally-binding statements from Microsoft) that, for instance, a Microsoft employee who has a beef with me won't be able to stalk me based on that data?
* For a large system or a piece of hardware, if I can have a reasonable assurance that, at least in the short-term (1-2 years), the data won't end up being used for ad targeting. An OS or a piece of hardware is something that you don't switch that often. If I make a purchase, I'd like to be sure that the reasons why I made it remain valid for a while.
"Makes the product better" is a great reason and I'd wholeheartedly support that, as long as I had an assurance that my data is handled responsibly.
I'm just sayin' -- if I break the terms of doing business with Microsoft (e.g. by using a pirated copy), there's a good chance that some DMCA organization comes knocking at my door and the best I can hope for is an out-of-court settlement that ruins me. I sure as hell expect that, if Microsoft breach the terms of doing business, someone can go knocking at their door and the best they can hope for is an out-of-court settlement that ruins them. That's why I insist on "legally binding". A blog post that says we totally don't spy on you is something that you can breach without any real consequences.
Until that's the case (or, you know, until there's no data being siphoned...) I can do my work on Linux just fine, I don't need no damn WSL :-).