[wp-hackers] Revisiting phone home and privacy

Austin Matzko if.website at gmail.com
Wed Dec 9 17:06:04 UTC 2009


On Wed, Dec 9, 2009 at 10:15 AM, Otto <otto at ottodestruct.com> wrote:
> Because, by default, WordPress sends your URL to Pingomatic every
> single time you post. That's sort of the whole point of XML-RPC pings.
> And, Pingomatic is owned by Automattic, in case you were unaware.

I don't see how this is relevant.  The last time I checked pingbacks
weren't sending out anything that wasn't obviously already public and
certainly not a list of the blog's plugins.

>> There's no reason to conflate the updates with the data collection.
>
> Sure there is, because the only "data collection" in the sense you
> mean it is the PHP and MySQL version numbers. That's the *only* thing
> sent that is used for statistical information.

You seem to be saying that the URL-to-plugins list information is not
being kept.  How do you know this?  When we last had this discussion
over two years ago, Matt said several times that the data being sent
in could potentially be used in the future for statistical purposes,
and I haven't since heard of any exceptions.  Besides, the fact that
the data is sent out is what's important from the standpoint of
privacy, whether or not that data is being used right at the moment.

>> It's possible to check for updates without collecting any data and
>> without revealing anything particular about the original requester
>> other than last proxy IP address.
>
> So, what is it, precisely, that you object to with the existing data
> collection? What piece of information is being sent that you consider
> to be private and would not want to send? No theoretical arguments,
> please. You know the data being sent, it's been posted here.
> Specifically which piece concerns you, exactly? Why?

I'm not "concerned"; I object in principle to phoning home the URL
with associated plugins.  It's the combination of data: associating
the URL to the plugins and the plugins with each other and with the
URL that together form an unnecessary intrusion into the privacy of
the users of WordPress.

The "why?" question is misplaced.  With respect to privacy, the burden
of proof should be on those collecting the information to prove that
their reasons for collecting it are justified.  All the good, stated
goals---keeping updated, knowing how many are using what version of
MySQL and PHP---could be done without the privacy intrusions I've
mentioned.

