Ubuntu faced stiff criticism from bodies like EFF and FSF over the data leak and privacy concern due to the way Dash handles local searches. When Canonical did not respond to suggestions from EFF, Richard Stallman, the creator of free software movement, went ahead and called Ubuntu a spyware for not respecting user's privacy and sending user data to its servers by default.
There is some confusion, but the fact is no one (including Richard Stallman) has any problem with Canonical gathering user data and displaying ads when local searches are conducted. The problem is with the way it has been implemented. The feature is turned on by default and users did not even know (they were never informed) that their search queries were being sent to, and stored at, Canonical's servers which are further shared with its partners.
Despite requests from users and bodies like EFF and FSF, Canonical doesn't seem to be making this feature opt-in under any circumstances (same approach by Apple, Microsoft or Google would have attracted lawsuits and government investigation -- thanks to smaller user-base of Ubuntu). But the company, which is founded by a security expert who created Thawte, seems to be taking some steps to address concerns raised by EFF.
We will make a very bold, clear way for you to turn on and off network queries across ALL scopes for any given session in the dash. Think about this like the 'anonymous' mode in your browser. Toggle it, right there in the Dash, and you are totally certain you are not sending network traffic. We will aim to enforce this at the kernel level, hence the CC to Jamie S who leads our security team.
This seems to deal with the 3rd request made by EFF, which is good news. But I am curious how many casual Firefox/Chrome user are even aware that there is an incognito mode? How many use it? We should not make a mistake by mising issues. When you use Firefox/Chrome you are conducting an online activity (which has nothing to do with your local data). You know you are online and you want to disable tracking of your activities. By giving a toggle switch Canonical does offer the option of disabling the search which was buried in Privacy Setting, but it doesn't address the core of the problem.
Another point which needs clarification is "for any given session in the dash." Does that mean after log out the online search will be toggle 'on' again and you will have to disable it every single time? It's also unclear if the switch wil be 'toggled' on by default; the safest thing would be to make it off by default so as to ensure the privacy of an innocent user.
But Google does that too?
I have seen arguement where user compare it with Google which is totally wrong. When you open a browser you know that you are conducting an online activity which, through cookies, is being recorded. But when you run a search in Nautilus or Dolphin you don't expect that search to be sent online. That where things get complicated, Dash started off with a place to find local data and applications and now it is being used for product placement. This is even more dangerous becuase Dash has become a single place to look for data. If you are looking for something, you will look in Dash and if you look in Dash, Canonical and its partners will know about it.
I don't care about 3rd party, even Canonical should not know about it.
You should be allowed to not to trusting
I trust Ubuntu (which comes with no warantee) that it will give me a stable platform to run those applications that I use and trust. Period. It's like trusting a pilot when I fly. I trust that he will fly me safe, but that trust doesn't mean I will hand over my house keys, car keys, ATM PIN, PayPal passwords to him. No. Just because I fly in his plane and my life rests in his hands doesn't mean he has access to everything else in my life. Canonical is no different. All I want from them is to give me a stable OS so that I can run the apps I need; but please don't take my house keys, or ATM passwords the moment I enter your plane just because I never told you to not to take them from me.
That's where the fundamental and ethecial problem the current Dash implementation has.
Shuttleworth further writes:
We will have the ability to configure the Home screen, including choice of scopes, and the behaviour of individual scopes.
That's great news. But at what stage will user do this? Will it be done when a user boots into a new system (or when he upgrades from on older system) where all online activities are turned off an a user can turn them on after read what will happen when the switch is turned on? Or will it be just present in privacy settings? In any case it's a great move to allow control over online search.
Legal mumbo jumbo
Shuttleworth also writes that they will make it easier for user to read the legal notice:
Legal notices will all be in one place, in the 'About Ubuntu' part of the UX, and visible in the install experience too.
While this is commendable I very much doubt any user reads 'About Ubuntu' or any legal notice. I have yet to find a user who reads the EULA before installing any software, let alone 'about' pages. I think it should be made more obvious/simplified and less legal so users can understand what they 'agreed' to.
I very much dobut a majority of current Ubuntu user are aware that they 'agreed' to something like this the moment they opened Dash (I have translated it into simple language):
Since this feature is enabled by default (and you were never prompted to opt-out) you have by default agreed that every keystrokes that you make inside Dash is sent to productsearch.ubuntu.com and selected third parties so that we show you product related to such keystores. These 3rd parties include, but not limited to Facebook, Twitter, BBC and Amazon. Canonical and these selected third parties will collect your search terms and use them to provide you with search results while using Ubuntu.
So, the legal notice (which I doubt anyone reads) tells a user that they 'agreed' to send their keystrokes (made in Dash) to Canonical's product server.
Let me simplify it so one can understand the gravity of the situation and why it is serious.
You have been living in an appartment from ages and then regular maintenace was conducted. Then they installed a hidden camera in your bedroom and left a tiny Legal Notice sticker somewhere (which you will never read) which said that by entering this room, and not turning off the switch that we told you about in this legal notice, you agree that everything that you do in this bedroom will be recorded and sent to company servers to be used by the company and its partners to offer you better products based on your bedroom activities.
How would I feel about it? Very angry.
The right approach is 1. To tell clearly that a camera is installed (in bold red letters). 2. Keep the camera off by default. 3. Let the user turn it on if he wants to. 4. Never install a web cameara in someone's bedroom.
It's not enough
So, while it's a positive move from Canonical and does 'inform' a user of what is being done to their local search queries, looking at the gravity of the matter it should be made more visible and obvious. Informing that there is a webcam is not enough, making sure that those who don't care to read such notices are also safe from such 'tracking' is what matters.
The ideal situation would be that when someone opens Dash for the first time there should be a pop-up (with online search disabled, toggled to off by default) and here user is clearly (in short and clear English - which can have a link to detailed version) told what happens when he turns the swicth on.
This can be a one time process but it will ensure that 'unware' and innocent users are not letting a company record their bedroom activities. At the same time it will help those users who don't care about their keystrokes been recorded and shared by Canonica as they can turn the swicth on with one click of the mouse.
What it will actually do, which is very imporatant, is that it protect those innocent, simple users (like my mom) by ensuring that none of their keystrokes are being sent to Canonical servers.
It is a very serious matter and Canonical seems to be listening but it is not addressing the real problem yet. The real problem still remains.
I appreciate the company for taking user's privacy seriously and paying heed to bodies like EFF but it is not addressing the real problem yet. The real problem still remains - the feature is turned on by default.
Canonical is a great company and has done a lot to popularize Ubuntu and created an atmosphere for companies like Valve to consider Ubuntu as a viable alternative of Microsoft Windows, but this tiny issue can hurt the company in the long run. I think the only way to bring an end to all privacy concern is what EFF proposed:
Disable "Include online search results" by default. Users should be able to install Ubuntu and immediately start using it without having to worry about leaking search queries or sending potentially private information to third party companies. Since many users might find this feature useful, consider displaying a dialog the first time a user logs in that asks if they would like to opt-in.