> I wonder what the comfortable medium between privacy and letting developers get feedback about how well their code works is.
I consider the nut of the problem to be informed consent. If you have user's informed consent to get the feedback, then there is no problem. If you don't, then the whole operation is unacceptable.
And no, mentioning it in the privacy policy or terms of use don't count as "informed consent".
This would be a real challenge for some companies. Having a clear privacy policy creates a hard dependency between it and the code. And developers are notorious for not even being able to keep comments updated along with their code changes.
It's not impossible at all, just in the current state of the industry there's a good reason we have vague agreements (also including good old-fashioned laziness, of course). It'd probably need to be developed ground up as an API with side effects, so when the code is compiled it spits out some details about how it's used.
> Having a clear privacy policy creates a hard dependency between it and the code. And developers are notorious for not even being able to keep comments updated along with their code changes.
That's just a small extra step in the QA pipeline.
Also: analytics and telemetry code doesn't just appear out of the blue. Someone makes an explicit decision to scoop error logs from users, or track clicks, or spy on system configuration. That someone is usually higher up the management or technical chain, and should know enough to recognize that sending anything collected on user's machine that is not crucial (in the most strict, technical sense) to performing the action user activated has privacy implications.
So what? Informed consent is also "a real challenge" for some medical studies, does that mean we should let doctors carry out unethical studies?
I'm actually pretty sympathetic to Wacom in this instance, more sympathetic than the blogpost author at least. But unethical actions are unethical regardless of whether acting ethically is "a real challenge" for some companies.
The deep problems of “informed consent” are apparent in medical studies/treatment. Few patients are equipped to be informed because they don’t have a med school degree.
Since users ”can’t be informed” about tracking, it doesn’t make sense to discuss whether they “should be informed”.
Doubtless there are deep problems with "informed consent", but saying they "can't be informed" is nonsense. Is your plan to not bother to inform people because they "can't be informed", and decide what's best for them without their knowledge or consent?
> This would be a real challenge for some companies.
Tough. If a company can't do it the right way, they shouldn't do it at all.
> in the current state of the industry there's a good reason we have vague agreements
Well, I guess that depends on your point of view. I see no good reason for this, but I have no doubt that the various companies do see a good reason by their definitions.
You're right about the current state of the industry, but the current state of the industry is a travesty.
Yeah, 'good' was the wrong word. Maybe 'understandable' but that's still is a bit too charitable.
I was mostly musing about how changing code can have legal/business as well as technical side effects, and we've seen that to some degree with mobile app permissions who just grab everything because it's seen as too much effort to do it right. So I'm curious if this is going to change for the better any time soon.
Thing that I know happens, from personal experience: you can put a giant modal alert, and write in blinking, all caps, 60pt bright-red font that you will do something unless the user presses a button, then draw a bright red arrow to the button. Users will still complain that they weren’t informed.
Users are lazy and dumb, and the most ideological users are often the laziest and/or the dumbest, because they have an agenda. They will go out of their way not to give you the benefit of the doubt (”why was the font not 80pt? Clearly, you’re trying to hide something from users on high resolution screens!”)
If your goal is to eliminate user complaints about this, justified or not, then just stop intrusive data collection entirely. Then you don't need to bother with obtaining consent.
I consider the nut of the problem to be informed consent. If you have user's informed consent to get the feedback, then there is no problem. If you don't, then the whole operation is unacceptable.
And no, mentioning it in the privacy policy or terms of use don't count as "informed consent".