Comment Ubuntu 18.04, launched last month, included a new Welcome application that runs the first time you boot into your new install. The Welcome app does several things, including offering to opt you out of Canonical's new data collection tool.
Ever since Edward Snowden confirmed so many once outlandish conspiracy theories, the technically savvy audience of Linux users - those who care about their privacy - have been (understandably) ultra paranoid about any data collection
The tool also provides a quick overview of the new GNOME interface, and offers to set up Livepatch (for kernel patching without a reboot).
In my review I called the opt-out a ham-fisted decision, but did note that if Canonical wanted to actually gather data, opt-out was probably the best choice.
I did not anticipate the firestorm this data-gathering tool would generate within the Linux community. Unfortunately, the controversy is built on misinformation I've seen produced by several articles, blog posts and especially YouTube videos. These sources seem to possess such a weak grasp of the truth that, I think, before we go further, there's one thing that must be said very clearly: Canonical is not "spying" on users.
Canonical wants to know a little about the hardware users are running Ubuntu on. If you do share the data about your hardware - size screen, chip, RAM, flavor of Ubuntu, whether you enable Livepatch and a few other things – you will, I believe, likely be helping make future distros of Linux better.
If you don't want to tell Canonical, you can easily opt out. In the 18.04 Welcome app, there's also a link to view the JSON file with the data you'd be sending to Canonical. It doesn't get any more transparent than that.
In my initial review of 18.04, I noted that the whole opt-out UI was very well done, making it simple to see exactly what data Canonical was gathering. You can click to view the actual data sent.
I don't know of any other data collection by a large company that offers that level of control. Firefox, which has been shipping with an opt-out data collection tool for many years, does not – so far as I know – give you access to the actual data file sent.
Also, I fell victim to something that I think is rampant these days, especially among more tech-savvy users: paranoia about things that report – well – anything to anyone. I also said that I had opted out of Canonical's data collection. I did that because I – like you – am paranoid about sending my data to anyone for any reason.
Ever since Edward Snowden confirmed so many once outlandish conspiracy theories, the technically savvy audience of Linux users - those who care about their privacy - have been (understandably) ultra paranoid about any data collection. So when people hear Ubuntu 18.04 is collecting data, it sounds bad.
But the problem here is not Canonical and it’s not data collection in and of itself. In this case, the data is very simple, totally anonymous (the server doesn't even record the IP it's sent from), and - most importantly - clearly disclosed so that you can decide for yourself if you're comfortable sharing it (if you already installed and can't find your way to the JSON file, here's a sample).
No, the problem here is much deeper - and more difficult to solve. What generated the controversy, in my view, is the need for click-baity headlines in this day and age of advertising-driven, small publishers.
Combine the deep-rooted, well-founded suspicion of the average Linux user with the opportunity to make money on YouTube and you've pretty much got a recipe for needless controversy. Linux is hardly unique in falling victim to that.
Some YouTubers and writers have become experts at manipulating our fears, playing off them to generate clicks that they turn into a few pennies while throwing Ubuntu, Canonical and the larger Linux community – that's you and me – under the bus.
Canonical makes an easy target for this sort of thing because it's the closest thing Linux has to a household name.
The fallout is that now, half-a-dozen videos and articles litter the web spreading – at best – half-truths, and in most cases, incorrect technical solutions that may well screw up your installation should you be so foolish as to blinding type in terminal commands you find on the internet.
Canonical developer advocate Martin Wimpress (who, among other things, is responsible for Ubuntu MATE) pointed out in recent episode of Jupiter Broadcasting's Linux Unplugged show, that several of these videos claim the solution is to remove a package that – wait for it – has nothing to do with data collection.
The "solution" being pushed would be ridiculous, even if they those pushing it do figure out how to use
dpkg-query to find out which packages own what files. It would be ridiculous, because if you uninstall rather than opt out, Canonical never knows you opted out and you've lost your chance to let the Ubuntu-maker know you didn't like the data collection.
Those pushing this so-called solution would probably be the first to complain when the next release of Ubuntu doesn't offer them anything new or helpful, and will never consider that perhaps their decision to not tell Canonical anything useful might be part of the reason behind that decision.
That's not real problem here, though. The problem comes by allowing such writers create this tempest in a teapot and scare way other projects from doing the same sort of data collection. We're forcing developers to work in the dark and then complaining when we don't like the results.
Take GNOME for instance. GNOME is rather famous for removing features (it is talking about removing the ability to launch apps from the file browser, although it hasn't actually decided for sure yet). Perhaps, if GNOME started gathering some basic data on a larger scale about how people use GNOME the project would make different decisions.
Small developers have an even harder time with this sort of thing and if they think they're going to have their projects labeled as "spyware" and angry YouTube videos posted, they're never going to even try getting data. They're going to continue developing in the dark and all of us will suffer for it.
Before you ask: no, I don’t think you should automatically opt in to every bit of data collection every piece of software wants. There is a middle ground; there are some companies doing it right, some doing it wrong. The question of whether you should opt into to Canonical's data gathering is something you alone must decide.
But decide it by reading the dialogs, looking at the actual data being sent, and considering the companies that want the data. Don't let ranting videos and articles playing on your fears and make your decisions for you.
Me? I went back and opted in to Ubuntu's data collection because I use Ubuntu (both Kubuntu and Ubuntu Server) and I want to help it get better. ®