www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emilian Bold <emilian.b...@gmail.com>
Subject Re: What kind of metrics / telemetry is an Apache project allowed to record?
Date Wed, 01 Nov 2017 17:25:23 GMT
Note that JMeter has an UI. Of course, lots of people run it on some server.

--emi

Pe 1 nov. 2017, la 19:21, Konstantin Boudnik <cos@apache.org> a scris:

> The Privacy Policy (or a Disclaimer) is an important piece of this
> equation, indeed. The interesting part is how to make sure a user sees
> and understand it in case of projects like JMeter or Ignite where very
> little visual interaction is happening between the end-user and the
> software. Which I'd say is pretty generic case for the server-side
> software platforms and applications.
> 
> --
>  With regards,
> Konstantin (Cos) Boudnik
> 2CAC 8312 4870 D885 8616  6115 220F 6980 1F27 E622
> 
> Disclaimer: Opinions expressed in this email are those of the author,
> and do not necessarily represent the views of any company the author
> might be affiliated with at the moment of writing.
> 
> 
>> On Wed, Nov 1, 2017 at 10:16 AM, Alex Harui <aharui@adobe.com.invalid> wrote:
>> I'm not sure what other projects are looking for, I'm just explaining what
>> we did that seems to be ok.  We think we are getting "good enough" data
>> from our setup, but we know it isn't capturing everything.
>> 
>> -Alex
>> 
>>> On 11/1/17, 9:07 AM, "Konstantin Boudnik" <cos@apache.org> wrote:
>>> 
>>> Alex,
>>> 
>>> Please correct me if I am mistaken, but as I read this, the site
>>> privacy policy info is quite different from ping-back feature some of
>>> the projects need to have.
>>> --
>>> With regards,
>>> Konstantin (Cos) Boudnik
>>> 2CAC 8312 4870 D885 8616  6115 220F 6980 1F27 E622
>>> 
>>> Disclaimer: Opinions expressed in this email are those of the author,
>>> and do not necessarily represent the views of any company the author
>>> might be affiliated with at the moment of writing.
>>> 
>>> 
>>> On Wed, Nov 1, 2017 at 8:30 AM, Alex Harui <aharui@adobe.com.invalid>
>>> wrote:
>>>> You can go to flex.a.o and at the very bottom is a link to a "Privacy
>>>> Policy" page.
>>>> 
>>>> You can try out our Installer
>>>> https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fflex.apac
>>>> he.org%2Finstaller.html&data=02%7C01%7C%7C1c21114dced44ac5284f08d52142b54
>>>> b%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C636451492755997991&sdata=3
>>>> qpx1%2FfmVNhqZFJQMqvMVwx1OqQB9YGLn9tk4Y2m2aU%3D&reserved=0
>>>> 
>>>> HTH,
>>>> -Alex
>>>> 
>>>> On 10/31/17, 11:06 PM, "Emilian Bold" <emilian.bold@gmail.com> wrote:
>>>> 
>>>>>> IANAL, but recording OS info or plugins might require an explicit
>>>>> consent of the users. You might find [1] to be useful for the
>>>>> background information.
>>>>> 
>>>>> I can't find the link you referred to with "[1]".
>>>>> 
>>>>>> Apache Flex uses Google Analytics.  We worked with the mentors to
get
>>>>> disclaimers in the right place.
>>>>> 
>>>>> This is a start. Any place this is documented?
>>>>> 
>>>>> Still, can we count on no INFRA help? What about adding our own backend?
>>>>> 
>>>>> 
>>>>> --emi
>>>>> 
>>>>> 
>>>>> On Tue, Oct 31, 2017 at 9:59 PM, Alex Harui <aharui@adobe.com.invalid>
>>>>> wrote:
>>>>>> Apache Flex uses Google Analytics.  We worked with the mentors to
get
>>>>>> disclaimers in the right place.
>>>>>> Apache Flex also has an installation program to assist users in
>>>>>> installing
>>>>>> our releases.  Folks who use it are also warned that the Installer
>>>>>> will
>>>>>> hit a URL tracked by GA when the install fails or succeeds.  It gives
>>>>>> us
>>>>>> some idea of who is using our product, but doesn't catch anyone who
>>>>>> just
>>>>>> grabs the bits off the mirrors.  Again the mentors helped us get
the
>>>>>> right
>>>>>> disclaimers in the right places.
>>>>>> 
>>>>>> FWIW, the Apache Flex Installation program can be easily repurposed
by
>>>>>> other projects.  It basically runs a subset of Apache Ant in a
>>>>>> graphical
>>>>>> UI.  You setup an XML file of releases that contain an xml file of
Ant
>>>>>> commands that move files into place and then it hits a URL when done.
>>>>>> It
>>>>>> only works on Mac and Windows though.  Our few Linux users use the
>>>>>> same
>>>>>> Ant script to install but don't hit a URL.  But such a thing might
be
>>>>>> allowable.
>>>>>> 
>>>>>> HTH,
>>>>>> -Alex
>>>>>> 
>>>>>>> On 10/31/17, 11:27 AM, "Konstantin Boudnik" <cos@apache.org>
wrote:
>>>>>>> 
>>>>>>> We are in a very similar situation with Apache Ignite, where
we'd like
>>>>>>> to track the usage stats of the project. But we really don't
want
>>>>>>> anything fancy, but to know the number of the installations and
their
>>>>>>> geo-spread. Incidentally, we don't even want to keep the info
once the
>>>>>>> stats were derived and clearly aren't interested in users IP
address
>>>>>>> beyond the general vicinity of it (e.g. UK, Russia, US, and so
on).
>>>>>>> 
>>>>>>> IANAL, but recording OS info or plugins might require an explicit
>>>>>>> consent of the users. You might find [1] to be useful for the
>>>>>>> background information.
>>>>>>> --
>>>>>>> With regards,
>>>>>>> Konstantin (Cos) Boudnik
>>>>>>> 2CAC 8312 4870 D885 8616  6115 220F 6980 1F27 E622
>>>>>>> 
>>>>>>> Disclaimer: Opinions expressed in this email are those of the
author,
>>>>>>> and do not necessarily represent the views of any company the
author
>>>>>>> might be affiliated with at the moment of writing.
>>>>>>> 
>>>>>>> 
>>>>>>> On Mon, Oct 30, 2017 at 2:56 PM, Emilian Bold <emilian.bold@gmail.com>
>>>>>>> wrote:
>>>>>>>> Hello,
>>>>>>>> 
>>>>>>>> We have very little metrics from ASF for Apache JMeter and
the best
>>>>>>>> source seems to be a 3rd party site that has a popular plugin
portal
>>>>>>>> and records more information.
>>>>>>>> 
>>>>>>>> This is a pretty sad state of affairs:
>>>>>>>> 
>>>>>>>> * downloads are not counted very accurately. I discovered
there are
>>>>>>>> some text logs on
>>>>>>>> https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww-u
>>>>>>>> s.
>>>>>>>> ap
>>>>>>>> ache.org%2Fdyn%2Fstats%2F&data=02%7C01%7C%7C2f3fbb2a870e4fb01f7108d52
>>>>>>>> 08
>>>>>>>> d1
>>>>>>>> 712%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C636450712715729336&s
>>>>>>>> da
>>>>>>>> ta
>>>>>>>> =vyzVBc03mnuLwQHWlaQjZQR2Dxziaez%2BnI9yVlzldFQ%3D&reserved=0
but
>>>>>>>> these
>>>>>>>> are
>>>>>>>> very approximate and the mirrors send no logs back to Apache
for
>>>>>>>> centralisation or such.
>>>>>>>> 
>>>>>>>> * website logs are on-demand only. I see the ASF does use
Google
>>>>>>>> Analytics as per
>>>>>>>> 
>>>>>>>> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.
>>>>>>>> ap
>>>>>>>> ac
>>>>>>>> he.org%2Ffoundation%2Fpolicies%2Fprivacy.html&data=02%7C01%7C%7C2f3fb
>>>>>>>> b2
>>>>>>>> a8
>>>>>>>> 70e4fb01f7108d5208d1712%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C
>>>>>>>> 63
>>>>>>>> 64
>>>>>>>> 50712715729336&sdata=4M%2FHlnH9ujWeNOdVA4O%2FrDawh0w50A6QTCUYOlYxdo0%
>>>>>>>> 3D
>>>>>>>> &r
>>>>>>>> eserved=0 but individual
>>>>>>>> projects don't (can't?) so we only have server logs(?)
>>>>>>>> 
>>>>>>>> It would be interesting to
>>>>>>>> 
>>>>>>>> * record version information, operating system, popular plugins
>>>>>>>> ourselves
>>>>>>>> 
>>>>>>>> * allow users to send an error "to us" when it happens (error
>>>>>>>> reporting).
>>>>>>>> 
>>>>>>>> So, what kind of privacy policy must we follow for such a
feature
>>>>>>>> and
>>>>>>>> how can INFRA help us with a server to receive these messages?
>>>>>>>> 
>>>>>>>> Having more info about the current state and the trend of
our user
>>>>>>>> base would allow some better planning since everybody is
>>>>>>>> time-constrained.
>>>>>>>> 
>>>>>>>> Having this info under our control would allow us to actually
>>>>>>>> follow a
>>>>>>>> given privacy policy instead of relying on a 3rd party site
that
>>>>>>>> does
>>>>>>>> not even *have* a privacy policy.
>>>>>>>> 
>>>>>>>> Some of these questions apply to Apache NetBeans too, as
we have a
>>>>>>>> very nice error reporting mechanism there with a custom server
>>>>>>>> backend
>>>>>>>> for detecting duplicates, statistics and such.
>>>>>>>> 
>>>>>>>> --emi
>>>>>>>> 
>>>>>>>> 
>>>>>>>> ---------------------------------------------------------------------
>>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>>> 
>>>>>>> 
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>>>> 
>>>>>> 
>>>>> 
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>>>> 
>>>> 
>>> 
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
>>> For additional commands, e-mail: legal-discuss-help@apache.org
>>> 
>> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org


Mime
View raw message