On Thu, Jul 6 2023 at 11:33:03 PM +0200, Michal Domonkos
<mdomo...@redhat.com> wrote:
Given the detailed proposal, it's probably too late now for any
fundamental
changes, but there's a formal research area called Differential
Privacy [1]
that deals with the collection of user data in such a way that it
preserves the
privacy of each participating individual.
No, it's not too late for fundamental changes. Big changes would make
this harder and take longer, but we're still very early on here. If the
Fedora community wants to completely throw out the Endless system and
use something else instead, that would be sad since it would mean more
work for me, but we're still at the point where that's possible. (I'd
*much* rather make changes to the existing system to adapt it to our
needs, though. :)
But remember we do not want to keep information about individuals in
the data set in the first place. It's easier to dodge privacy concerns
if we just don't store such associations at all.
As for differential privacy, I'm quite unfamiliar with this topic so I
don't know to what extent it could be useful, but Endless is interested
in adding randomized response [1], where say 50% of the data sent is
fake and the other half is accurate. This only works for boolean and
possibly integer data, but it would make it even harder to deanonymize
reporterd data. But that is not supported yet.
[1]
https://blogs.gnome.org/wjjt/2023/07/05/endless-oss-privacy-preserving-metrics-system/
Have you guys, by any chance, considered looking into that for some
inspiration?
Either way, if anyone is curious, there's a nice and easy-to-read
write up on
the key concepts:
https://desfontain.es/privacy/differential-privacy-awesomeness.html
I will add that to my reading list. Certainly it seems a lot less
intimidating than the Wikipedia article. ;)
A specific set of algorithms (RAPPOR) for collecting arbitrary user
strings
that preserves Differential Privacy has been proposed (and
implemented) by
Google a while back, too:
http://arxiv.org/abs/1407.6981
https://github.com/google/rappor
Wow. I'll add this to my reading list too, although remains to be seen
whether I'll be able to understand it. :D
Michael
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
