Thanks Jean for your reply.
Non-free packages should definitely be checked with their privacy policy. But what about free packages? The license for the Go programming language is https://golang.org/LICENSE which is free but the privacy policy is invasive https://policies.google.com/privacy?hl=en (Note: it also has a patent file with some restrictions which can make the package non-free perhaps, would give more details if required) Free networking applications like browsers, p2p applications etc would definitely require internet but other free apps also connect with the internet automatically when starting for the first time (Eg: aseprite, libreoffice) or when checking for updates. One can know this via an application-based firewall. Free packages are available via main repositories (through terminal apt commands or a package manager) and also via other ways like websites, terminal commands like wget, curl etc, offline archive files etc. Would you say that all free packages via main repositories and via other ways (after checking their license to be DFSG-compliant) can be safely be allowed to connect to the internet? Thanks. ---- On Sun, 09 Jun 2019 05:49:01 -0700 Jean-Philippe MENGUAL <mailto:jpmeng...@debian.org> wrote ---- Hi, Privacy policy makes sense for software you quote, eithr because they are closd-code, or because thy are in the cloud and users send data to servers, so it is important to know what do this data once sent. Debian provides free software and does not support non-free one even if they exist in the Debian infra. They provide tools to be installed on your computer. So when you install a program in Debian, you can check the code, but more important, you dont send data to an external source. Then I dont think Debian needs a privacy policy. Neither Debian, nor the packages themselves collect the user data. And it would be a problem to do this, from the socail contract. I think we can consider having a thought about it if some program collects data. For a non free program, this should be in its licene or on th websie of its provider. Regards Jean-Philippe MENGUAL Le 08/06/2019 à 20:02, npdflr a écrit : Hello, How can one check the privacy policy for the packages/softwares (which can be free or non-free) installed in Debian? If one is downloading and installing a package from a website then he/she can check the privacy policy link on that website. Example: -- Skype (https://www.skype.com/en/get-skype/) which has privacy policy: https://privacy.microsoft.com/en-US/privacystatement -- Go programming language (https://golang.org/) which has privacy policy: https://policies.google.com/privacy?hl=en But if one is downloading a package (which may also install dependency packages) via terminal or synaptic package manager then how can one check the privacy policy of that package? Thank you.
