Ghostboard pixel Skip to content

Privacy Scare! Google's Go Programming Language Wants to Enable Telemetry by Default

A proposed change to Google's Go programming language toolchain might end up scaring off developers more than ever.

Google and privacy concerns, a match made in heaven? 🔒

Well, I do not intend to make any false claims here. But Google does not have the best reputation regarding privacy protections.

It may not be bad for everyone, but they're not good at it either.

In 2019, Google's Go (open-source programming language) latest release introduced a change where GOPROXY defaults to a mirror operated by Google and is subject to Google's privacy policy.

Update: The engineer decided to submit a proposal with opt-in transparent telemetry.

Now, about the news story for the present:

Google's Go programming language is under the crosshair of various developers when Russ Cox, an engineer at Google, proposed a change for its toolchain to adopt telemetry by default 📊

Toolchain refers to a set of programming tools used in a software development project.

While the idea behind the proposal may not be wrong, the current idea planned may scare off developers from using the Go programming language in any future project.

What is the suggestion?

Russ aims to introduce a "Transparent Telemetry" concept to help open-source projects get more insights into the software, keeping privacy in mind.

In his blog posts (a series of 3 articles), he mentions that surveys and bug reports are insufficient. So, there is a need to introduce the easiest way to collect data on an app's usage (i.e., telemetry) while keeping things open to everyone.

This means that the entire process of collecting the data, how it is processed, and what happens with it is open to everyone.

Not bad, I guess? 😕

GitHub Discussion locked

📰 So, what's the catch? Why is the discussion locked at the time of publishing this?

Well, the current proposal plans to add telemetry with an opt-out option. In other words, the telemetry is enabled by default unless someone explicitly disables it.

While that is a terrible choice for a privacy-respecting concept, what makes it worse is Google's association with the project.

Google may end up processing some information with the telemetry.

an image displaying collection of usage data sent to servers

Yes, as the proposal is open for discussion, one may think every concern should be resolved before proceeding.

However, what if Google internally made this decision? Well, we do not know for sure. But, if that is the case, it would be bad news for projects using the Go programming language.

The solution proposed for this debacle:

Even though some support the idea, it is safe to say - most do not. To consider this, one of the suggestions includes making it an opt-in instead of an opt-out by default.

So, if someone wants to share the data, they can choose to enable the telemetry. If not, it would remain disabled by default.

⭐ My take on this: An opt-in is an excellent way to implement this.

However, if an opt-out measure goes ahead regardless, it would be crucial to keep an eye on the information planned for collection and how to make sure it will be anonymous data that Google will not have access to.

💬 Tell us what you think about this proposal in the comments below.

More from It's FOSS...