Hi,

with TB 78, the default configuration of Thunderbird enables telemetry
data submission and one has to explicitly opt out of that. See attached
screenshot.

Please change the default to off and let users opt in instead.

Regards,
Michael

Dear Maintainers,

The current bookworm version 1:102.15.1-1~deb12u1 of Thunderbird
still has opt-*out*, not opt-in, for telemetry. While we don't
seem to have a formal Debian policy on this, it would be within
the spirit of Debian to set this to opt-in, not opt-out.

We do have some warnings at https://wiki.debian.org/PrivacyIssues,
but better that telemetry options are patched to be opt-in, not
opt-out. This is what people would expect from Debian.

The opt-out telemetry that I could find is this:

./python/mozbuild/mozbuild/test/test_telemetry_settings.py-135-
./python/mozbuild/mozbuild/test/test_telemetry_settings.py-136-def test_initialize_noop_when_telemetry_disabled_env(monkeypatch):
./python/mozbuild/mozbuild/test/test_telemetry_settings.py:137:    monkeypatch.setenv("DISABLE_TELEMETRY", "1")
./python/mozbuild/mozbuild/test/test_telemetry_settings.py-138-    with mock.patch("mach.telemetry.record_telemetry_settings") as record_mock:
./python/mozbuild/mozbuild/test/test_telemetry_settings.py-139-        did_prompt = _initialize_telemetry(None, False)
--
./python/mach/mach/telemetry.py-100-
./python/mach/mach/telemetry.py-101-def is_telemetry_enabled(settings):
./python/mach/mach/telemetry.py:102:    if os.environ.get("DISABLE_TELEMETRY") == "1":
./python/mach/mach/telemetry.py-103-        return False
./python/mach/mach/telemetry.py-104-
--
./python/mach/mach/telemetry.py-289-        state_dir = Path(state_dir)
./python/mach/mach/telemetry.py-290-
./python/mach/mach/telemetry.py:291:    if os.environ.get("DISABLE_TELEMETRY") == "1":
./python/mach/mach/telemetry.py-292-        return
./python/mach/mach/telemetry.py-293-


So I propose the following patch:

================================================================================
--- python/mach/mach/telemetry.py.orig  2023-10-21 00:34:41.135764889 +0200
+++ python/mach/mach/telemetry.py       2023-10-21 01:05:01.073107778 +0200


  def is_telemetry_enabled(settings):
-    if os.environ.get("DISABLE_TELEMETRY") == "1":
+    if os.environ.get("DISABLE_TELEMETRY") == "0":
+        return True
+    else:
          return False

      return settings.mach_telemetry.is_enabled
================================================================================

to switch from opt-out to opt-in. *Unless* the user has set DISABLE_TELEMETRY to 0,
the value of settings.mach_telemetry.is_enabled will be 'False'. (Python experts
might wish to leave the 'else' part blank, but making the alternative explicit
is safer and more readable.)

I haven't tested this, though ./python/mozbuild/mozbuild/test/test_telemetry_settings.py
is presumably used for testing it, and the test might have to be toggled in
order to pass with the ethically correct value: opt-in.

Cheers
Boud

hi again

Sorry, I didn't include the line numbers in the patch. The patch should
be:

================================================================================
--- python/mach/mach/telemetry.py.orig  2023-10-21 00:34:41.135764889 +0200
+++ python/mach/mach/telemetry.py       2023-10-21 01:08:02.500039001 +0200
@@ -99,7 +99,9 @@


  def is_telemetry_enabled(settings):
-    if os.environ.get("DISABLE_TELEMETRY") == "1":
+    if os.environ.get("DISABLE_TELEMETRY") == "0":
+        return True
+    else:
          return False

      return settings.mach_telemetry.is_enabled
================================================================================

The same suggestion patch is at https://paste.debian.net/1295726 (email clients may
modify the formatting when viewing this email).

My guess is that the initialize_telemetry_setting() part starting on line 281 is either
for the case where someone is a Mozilla employee or uses the script interactively,
so the section probably doesn't need to be changed.

Cheers
Boud

Hi Michael, Boud,

I just checked this and tested it on TB 115 and it is completely disabled,
without a way to enable it (which I don't see as a problem). It's config key
toolkit.temetry.enabled in the config editor.

Can you see if that's also the case for you? I think upstream will only enable
it for nightlies and maybe alpha/beta releases now, which I think is acceptable
for us.

Cheers,
Emilio

hi Emilio,

$ dpkg -l |grep thunderbird
ii  thunderbird                                              1:115.4.1-1~deb12u1                     amd64        mail/news client with RSS, chat and integrated spam filter support

(1) Starting with a completely empty .thunderbird directory, and starting up
thunderbird, I get in:

- Settings

   - Privacy & Security

      - Thunderbird Data Collection and Use


It is - I confirm.

OK, good policy (maybe thanks to the GDPR?).

If disabling toolkit.telemetry.enabled is sufficient to stop
telemetry, then what we have is a different, but related, bug about
unnecessarily giving misleading information to ordinary users, since
(1) makes the misleading statement that one of the two telemetry
options (configurable without the 'config editor') is opt-out, not
opt-in. Even if in reality there is no effect because of (2),
expecting the user to "just trust Debian" despite being told contrary
information is unwise.

The effect of toolkit.telemetry.enabled = false should be to show both