Linux
Telemetry
Inventory
Linux is having no telemetry. Not spying on what people do on their computer is Linux unique selling point. Everybody is free to use Linux. And free because they have no fear being monitored. Linux is not having to question if your data is sent into the cloud.
However..
Linux "Privacy by Design" has ~3% global laptop & desktop OS market share. Renegades within the Linux community thinking "how can we spoil things" are slowly destroying this last safe place by introducing spying on users via telemetry. They sweet-talking their introduction of telemetry to Linux "it's only this, it's opt-in, it's opt-out, statistics, helping developers, bla bla bla". Seems there's no stopping it. Telemetry within Linux is spreading like a virus.
Suprisingly, a lot of users are fine with it "it's minor, only this, a bit of that, I'am helping devs etc" parroting false prophets. But it's the frog in the pot: if this telemetry invasion doesn't stop, within a few years Linux will be 
assimilated (click for details), allowing information from every device beeing shared into the cloud. At that time there is no rolling back.
Linux is the last place on earth with no spying on users. And it is threatened big-time. Linux must be sheltered or privacy will go extinct. For that, below there is an inventory within the GNU Linux Domain of currently used ways of spying on users via telemetry "sending user info & data via internet into the cloud".
There are also suggestions for improvement, to roll back currently implemented telemetry, to cleanup the mess already created, hoping that Linux will be trully "Privacy by Design".
Linux distros categorized:
Cat.0 is having no telemetry
Cat.1 software for location telemetry built-in
Cat.2 is Cat.1 & user survey telemetry built-in
Cat.3 is Cat.2 & QI collect & analyze user data telemetry built-in
Cat.4 above & track/trace user activity & content telemetry built-in
Cat.1 and Cat.2 built-in telemetry is not necessary, results can be obtained privately & securely by other methods. Cat.3 built-in telemetry needs an overhaul. And Cat.4 telemetry must be completely banned from (using the name) Linux.
Recommendation:
- Use Cat.0 distro
- Be careful when using Cat.1, -2, -3 distros
- Avoid Cat.4 distro: it's not worth it. Paid by big tech, they have extended built-in never to leave highly tuneable spying on user telemetry engine, equivalent to any other up to no good mainstream OS.
Category 0 - No telemetry Paradise
No telemetry Linux Paradise is a real life community that possesses highly desirable or nearly perfect qualities for its occupants. These Linux users are able to trust their operating system for privacy & security without any doubt.
In Cat.0 computing is great. Linux having no telemetry gives users a deep sense of trust, not being hunted by some invisible force when being on their computer. Privacy & security is reliable like it used to be back in the old days not so long ago.
Example NO internet connections WHILE using foss Office App: * Yes, view is empty
Conclusion
Cat.0 zero telemetry in Linux is the reason for companies, governments, organisations and users all over the world to spend money, mobilize energy, make efforts and take risks to adopt and migrate to Linux. No telemetry in Linux is "Privacy by Design".
Category 1 - Usage statistics
Linux distros are maintained by for-profit companies, nonprofit organisations, dedicated groups of developers and individuals. They want to know if their work is a success, what their market share is, insight about usefulness and appreciation. Several distros can't bare uncertainty and just have to know. They built-in Cat.1 telemetry asking user to send location. By doing so they are also acquiring the number of users.
If Cat.1 telemetry data is sent to distro headquarters. The user must trust what it will be sent. User doesn't know the content of the message. Maybe distro also sends device fingerprint, distro version, what else! Unknown is how often data is sent: once during installation, per day, week, month, year. From different location? At work, visiting friends, family, guilty pleasure, holidays, abroad etc?
The recieving server is unknown. The data is shared with whom, their colleagues, affiliated organizations, agencies, government? What is distro doing with data? For how long is data retained? Is data safe and secure? Root admin must be able to overrule sending data.
Most users decline approval sending their location to distro. So this built-in telemetry software is not efficient. But if user didn't agree on sending location, having "dormant" telemetry software is a potential risk and can be exploited by nefarious entities.
Not having such telemetry software in the first place will give developers less work on oversight. And especially users will have no worries about possible misusages or doubting about what's going on under the hood.
Not having telemetry is not having to be afraid that maybe one day some update can deliver a hidden privacy invading feature, which suddenly can change settings and start sending his/her data into the cloud. For users to trust Linux it must be inherent safe "privacy by design" thus no telemetry software.
How to count users
Distros have official websites and world wide trusted partners like educational organisations, companies and-so-on. Their servers contain mirrors from which users download distro ".iso"-files. And servers contain "updates" from which users get them on a regular basis.
Example YES internet connections WHILE update from mirror:
Example user IP address WHILE update from mirror:
BTW To be in charge UpdateManager can easely be switched off by user and periodically via cli ~$ sudo apt update & upgrade / $ sudo pacman -Syy & -Su or equivalent.
Above mentioned supply chain servers have logfiles in which the IP address of users are stored. This is a normal internet feature when two computers connect for data transmission (NGINX $realip_remote_addr). If distros want usage statistics they can acquire info from their affiliates servers logfiles.
→ Guide get real IP of visitor
Default server monitoring & statistics tooling is very good. There is also avaiable additional open source software to help distros built their in-house dedicated fancy dashboard. When using in-house servers logfiles data including trusted affiliates servers logfiles the end result "usage statistics" will be far better and much more reliable then the current distro built-in yes/no opt-in and yes/no opt-out telemetry.
Examples of dashboard tooling:
→ NGINX monitoring
→ The Apache HTTP Server Project
→ Elasticsearch, Logstash, Kibana
→ Prometheus, Grafana
→ Netdata
Conclusion
Cat.1 distro doesn't need asking user help, distro doesn't need built-in telemetry, distro doesn't need sending user location to itself. A distro already has the information they need as part of ongoing transmissions. If location telemetry in distro is built-in, this functionality can and must be deleted for Linux to be "privacy by design".
Although some Cat.1 distros have the ability to ~sudo dpkg uninstall telemetry that is not the way forward and possibly for a lot of mainstream (new) users it's too complex. Hindering potential newcomers asking themself "WTF Linux also telemetry - difficult to remove - ain't worth the trouble".
Category 2 - Surveys
Previous Cat.1 telemetry is about location and number of users. Some distros want advanced statistics with much more information. So, the user is asked to "help". For that there are multiple parameters. E.g. in App "Settings" a question is presented with default value set to "ON", which enables various non specified telemetry sent to distro.
About participation default set to "ON or OFF": when user agrees (thus not opt-out or opt-in) then telemetry is active and will send user's information and user's data into the cloud. In these cases, it is not clear, strangely enough, to whom, what, when, where, why and how about user's data and his information is sent. Root admin must be able to overrule sending data.
To facilitate such possible surveys, distro have built-in telemetry functionality. Most users don't opt-in or opt-out and in that case the built-in telemetry is "dormant" (or.. not?). even though it is not activated, this software is a potential risk, it can be exploited by nefarious entities.
And like next Cat.3 telemetry, using Cat.2 telemetry in a professional Production environment is a liability. A business Privacy & Security Officer would advise against taking such risk and advise againt it. This is also applicable for Personal use.
In Linux the user must know that there is no telemetry whatsoever. Not having telemetry software in the first place will give developers less oversight and, especially to users, no worries about possible misusages or doubting about what's going on under the hood.
Linux is not having to be afraid that maybe one day some update can deliver a hidden privacy invading feature, or make a setting change and the distro starts out-of-the-blue sending his/her data into the cloud. For users to trust Linux it must be inherent safe and "privacy by design" thus no telemetry software.
How to conduct Surveys
A distro can create in App "Settings" new option "Survey" containing questions like "Do you want to participate in surveys" with default "OFF". If user change anwser to "YES" a follow-up question can be asked "Frequency - give number of months between surveys".
After that the following message can be displayed: "Thanks, you will be notified by cron for next sheduled survey" including link of website on wich the survey can be done "survey link is https://survey.distroname.org".
The distro's survey website will of course have EU GDPR privacy policy in place. And the user will be able to create anonimus account to login, including safe & secure like 2FA. If applicable the user is able to view previous surveys. While conducting a survey it will not require any user's sensitive information reated to privacy or security.
Example of survey tooling:
LimeSurvey is a free and open source online statistical survey web app written in PHP based on a MySQL, SQLite, PostgreSQL or MSSQL database, distributed under the GNU General Public License.
As a web server based software it enables users using a web interface to develop and publish online surveys, collect responses, create statistics, and export the resulting data to other applications.
→ LimeSurvey info & get started
Conclusion
A Cat.2 distro doesn't need asking for sending data into the cloud automatically, a distro doesn't need built-in telemetry, a distro shouldn't want to send user's information and user's data to itself. Instead, a distro can conduct surveys privatly & securely seperated from the user's device. Therefore, if survey telemetry in a distro is built-in, this functionality can and must be deleted for Linux to be "privacy by design".
Although some Cat.2 distros have the ability to ~sudo dpkg uninstall telemetry that is not the way forward and possibly for a lot of mainstream (new) users it's too complex. Hindering potential newcomers asking themself "WTF Linux also telemetry - difficult to remove - ain't worth the trouble".
Category 3 - QI collect & analyze user data
Previous Cat.1 telemetry is about location and number of users. Cat.2 is also having advanced statistics. A distro with Cat.3 Quality Improvement (QI) collect & analyze user data functionality also has the ability to make snapshots via built-in software. As part of the user environment at a given moment "during error or event" it is able to send user content into the cloud "to help developers".
Any IT person knows that's unthinkable such an activity can take place within a DTAP-Production environment. Using Production environment for Quality Improvements by collecting & analyzing user data is definitely not private & secure and it is against policies in any company all over the world! And "home" users should never expose their personal computing to this practice.
Nevertheless, some distros have Cat.3 telemetry built in their downloadable .iso for daily usage. A lot of businesses and home users are not aware of its presence, or maybe in good faith trust the distro.
Cat.3 when user agrees (thus not opt-out or opt-in) then telemetry is active and will send snapshots into the cloud. In these cases, it is not clear, strangely enough, to whom, what, when, where, why and how user's data and information is sent. And, albeit user consent, root admin must be able to overule.
"QI collect & analyze user data" distros have built-in telemetry functionality. Most users don't opt-in or opt-out and in that case the built-in telemetry is "dormant" (or.. not?). even though it is not activated, this software is a potential risk, it can be exploited by nefarious entities.
In Linux the user must know that there is no telemetry whatsoever. Not having telemetry software in the first place will give developers less oversight and, especially to users, no worries about possible misusages or doubting about what's going on under the hood.
Linux is not having to be afraid that maybe one day some update can deliver a hidden privacy invading feature, or make a setting change and the distro starts out-of-the-blue sending his/her data into the cloud. For users to trust Linux it must be inherent safe and "privacy by design" thus no telemetry software.
How to help developers
A distro can create a seperate .iso clearly marked on their server as a special category "User-Dev-Program-Environment" describing "not suitable for daily use" because snapshots of "special events or circumstances" will be sent to the distro to help developers solve issues.
The distro has to publish details about the content:
- to Whom, what, when, where, why and how user data & information is sent
- what is the reporting server domain name or IP-addresses
- detailed EU GDPR Privacy & Security Policy
A distro can (in its "User-Dev-Program-Environment".iso) create in App "Settings" an option "User Development Program": Account: xxxxx. After that message could display "Thanks, you will be notified when a snapshot is sent" including a link of snapshots collecting site https://user-dev-program.distroname.org".
Distros user-dev-program site has anonimus account to login, including a protocol like optional 2FA. Users are able to view his/her snapshots and results over a period. Also user is able to change or delete contributions.
Conclusion
It is absolutely not done Cat.3 distro taking snapshots from a production environment. Distro know that. Distro shouldn't want to send user information and user data to itself. Instead, a distro can create a seperate .iso for users to download and use when they want to help a distro solving issues. Therefore, if "QI collect & analyze user data" telemetry in a distro is built-in, this functionality can and must be deleted for Linux to be "privacy by design".
Although some Cat.3 distros have the ability to ~sudo dpkg uninstall telemetry, that is not the way forward and possibly for a lot of mainstream (new) users it's too complex. Hindering potential newcomers asking themself "WTF Linux also telemetry - difficult to remove - ain't worth the trouble".
Category 4 - track/trace user activity & content
Cat.4 distro has extended built-in, non deleteable, never to leave highly tuneable spying on user telemetry engine, equivalent to any other up to no good mainstream OS. Cat.4 telemetry is a threat for user privacy & security and the brand name Linux.
Existing Cat.4 engine is named "KUSerFeedback" and it is developed by KDE desktop. It has the built-in ability to completely transform Linux into a privacy & security dystopia, creating a nightmare not different from other operating systems like MS Windows, macOS, iOS & derivatives, Android, Chromebook ChromeOS. KDE is paid by Canonical, Google, SUSE, The Qt Company, Blue System, Haute Couture Enioka, Slimbook.
At this moment a fraction of Cat.4 KUSerFeedback capabilities is activated. But there is a steady roll out going on, each next "update" taking one step further to a higher level of privacy & security intrusion. No end in sight.
This website, via its Twitter account, after many many months of objections at @kde tag #KDE recieved a very disappointing response from the Dev Team Lead "How can we take you serious? You are using Twitter thats also telemetry - so you have no complaining" hereby creating a false equivalent between a social media App (Twitter) versus computer operating sytem (Linux). KDE reasoning: Apps are doing it, so do we.
Cat.4 telemetry has been described on a separated page on this website:
→ Distro Telemetry Watch
Conclusion
Avoid Cat.4 distro.
Epilogue
There is a global digital tsunami going on whereby user privacy & security is invaded by operating systems like Microsoft Windows, Apple macOS, Google Chromebook ChromeOS, Android, Apple iOS and derivatives.
On top of that most Apps in these ecosystems also gather user information. Using Office App typing letters, editing spreadsheets, mailing, organizing photos, videos, creative work: everything is monitored, nothing is private anymore.
On internet search engines users' questions, topics, everything is stored. Google knows your interests, hopes, dreams, worries, illnesses, hobbies, travel destinations, beliefs, politic opinion, name, age, gender, address, phone number, family members, fiends, work, their phone numbers etc.
Besides a few minor attempts e.g. EU GDPR non-effective “cookie consent”, in general governments are doing little or nothing to stop the decline on privacy. In fact adding distrust by major spying on their own citizens.
Online shopping, bank payments, organization, everybody is "sharing" aka selling or handing out user info with you as a target. Hey Alexa, hey Siri, hey Google, gadgets like your TV everything is listening of course "to help and assist" meanwhile storing user information in the cloud.
Distrust towards big tech, governments, companies, online shops, websites, Apps, Services etc. is growing. Your computer, phone, gadgets have become liabilities. The feeling “nothing or nobody” can be trusted has its effect on society. Computing is becoming a glooming place affecting people’s well beeing.
It's a big mess. This constant spying on users generates an unsecure feeling, and real life threats because of data breaches. So, distros, we need a safe place therefore please stop & delete telemetry in Linux!