The US approach to privacy is "let the market sort it out". It has sorted it out by transforming the internet into a giant spying machine sucking up contacts, photos, documents, videos, metadata, what packages you use, when where and how you exercise, everything

The EU approach to privacy (eroded by lobbying and lack of control over US companies) is that citizens have a right over their information. They can ask what personal information a company has on them, ask that it be corrected or deleted. This has resulted in companies that are more careful with data.

Whenever I read a post like yours I immediately think of so-called "useful innocents", to put it euphemistically [1]. Fighting for a non-goal of better open source through analytics (get real), corporate dominance and fewer rights for individuals.

Companies don't need analytics to improve software. They certainly don't need analytics from Google, the leading spyware-as-a-service company in the world.

I expect open source to become better through writing quality software, engaging with users and if need be doing some surveys or organsising other reach-out initiatives in the open. Not analytics turned on by default but it's-ok-cause-we-tell-you-we're-fucking-you.

[1]: https://en.m.wikipedia.org/wiki/Useful_idiot

>Data is being sent to Google everytime you do almost anything in almost all websites, using the same technology. So what?

This still doesn't mean we should just shut up and take it for desktop software. What anyone does on its OS shouldn't leave the LAN - same critique stands for recent MS endeavour with Windows 10.

>Data is being sent to Google everytime you do almost anything in almost all websites, using the same technology. So what?

No, it is not so what. This is a major problem with Google instead. The fact that a single company can track majority of the web traffic is a huge risk.

We have to start somewhere. Opt in should always be the standard.

> Some of the times it's to make the product better, or better targeted.

Homebrew lead maintainer here. This is exactly why we do it. To repeat myself from below: we're chronically understaffed and underfunded.

> Furthermore, now that you know, for brew specifically, will you opt out?

It's worth noting: if everyone who uses a niche piece of software opt-out when it breaks we'll look at our analytics and likely remove it from Homebrew instead of fixing it. This may be unfair but given the amount of work: we need ways to prioritise. Analytics have helped us do that so we can prioritise fixes on things that are critical for many people.

> Data is being sent to Google everytime you do almost anything in almost all websites using the save technology

No, it's not. µblock, µmatrix + clean links.

>Yes we know. brew tells you that. And you can disable it.

No, we don't know. This article wouldn't have hit the front page if it wasn't subtle and user-hostile by default (opt-out).

>Data is being sent to Google everytime you do almost anything in almost all websites, using the same technology. So what?

Brew is not a website, it's a CLI tool. People expect this behavior of websites, not of sysadmin tools. How would you feel if you found out your compiler shipped off a copy of your code to a remote server each time you encountered a compiler error "to improve the compiler" and you had to opt out of this behavior?

>Some of the times it's to make the product better, or better targeted. Some other times it's just for spying on the users.

It's always spying, regardless of the motivation.

>How do we expect open source to become better if everyone is being a crybaby because brew got a history of how often they do brew update?

Somehow open source has functioned all of these years without silently harvesting users' usage data. I don't know how new you are to open source, but this is definitely not the way you do QA for an open source project.

Opt Out is scammy.

Command line tools do not usually do this at all, particularly FOSS command line tools. This is a very worrying development and reduces my trust in FOSS.

--edit-- to whoever downvoted me, can you explain why?

I love FOSS but I also lovemy privacy. I have come to generally have a default level of trust for popular FOSS projects. Things like this make me question that trust. Why is this wrong?

> Some of the times it's to make the product better, or better targeted. Some other times it's just for spying on the users. Let's stop complaining

These kinds of complains are fine, I don't think we should stop them.

It's a bit like corruption in politics, it's not going to be solved anytime soon, but complains do raise awareness and prevent abuses. Who know what's going to happen if we stop complaining?

> Will you choose to make its progress slower because of no real security reason?

No real security reason? We can test that. The developer who added this feature can easy earn trust in such statement by changing the disclaimer and making themselves liable if information extracted through this mechanism causes any identifiable harm.

If this is a sure bet, no risk, perfectly guarantied to be safe, then such change should be trivial.

> Data is being sent to Google everytime you do almost anything in almost all websites, using the same technology. So what?

not on browsers I control

> you can disable it

if you know about it

> There are many more that do the same things without telling you

This makes it right?

> Will you choose to make its progress slower because of no real security reason

Some will, you think it's OK not to give them the choice?

> How do we expect open source to become better

Is opt-in that hard?

If it tells us, then this is a wake up call to me because I don't recall ever becoming informed of that. I must have rushed past the notification.

I probably would have still say OK but I like to at least be aware. Shame on me.

And why not make it opt in instead of the contrary?

It takes almost zero effort to implement Piwik instead of giving all your data to Google. A simple donate button will take care of the costs of a $15 per month shared server for this purpose.

Really that is all it takes. Everything else just goes against the fundamentals of open source software, which is, respect user rights.

Right, as if the feds are coming to get me because they know I installed ImageMagick. Oh no.

Is tracking user's actions the only way to improve software? That is not what one would expect from free and open source software project.

If developers needs an information about how user uses a program, they should ask them to help.

> Data is being sent to Google everytime you do almost anything in almost all websites, using the same technology. So what?

For websites, there's a standard process for blocking this shit. For desktop applications, there isn't.