Store anonymous events for statistics

Hello everyone,

I am planning to release a feature in the app ToberQuizz which involves sending anonymous user data. I have been reading both the inclusion policy and the anti-features and unfortunately I am still confused… Should it be opted in? I would like to know your opinion before implementing it. Let me describe the feature:

ToberQuizz is an entertainment application where you can solve “complex” hieroglyphs for different topics. I have received feedback from users that would love to know how people are doing in the challenge. Basically, how many people guessed right X questions, how many people completed the challenge… I can achieve this by simply storing the amount of questions that were guessed right. Only that, a simple number and nothing more.

From what I understand, this does not mean that I would be tracking the user since I am neither using trackers nor storing IP addresses, user-agents nor browser stuff. Moreover, I am not reporting users activity since I don’t know absolutely anything about the user. However, this number I want to store is based on someone’s activity.

So, should I ask the user to opt-in in order to have this feature in F-Droid without it being marked as Anti-Feature? Is this feature even allowed in F-Droid?

Incidentally, I don’t know if this is the right place to ask, but I would rather ask to be 100% sure.

I personally don’t think video game stats/ranks should be considered tracking?
But maybe this is a bit nuanced.

“It’s better to ask forgiveness than permission.”

Now you’re going to have jerks like me asking:

Why you use Microsoft github?
Why previous version not has non-free net or tracking anti-feature already, @linsui ? It has network permission, and downloads quizzes? So how you know what logs are kept?

My opinion: scoreboards to be accurate must score unique users to have accurate “solved” counts. So Orbot VPN users won’t show up multiple times from different addresses. So yes it will be tracking, but what’s wrong with an anti-feature if users know?

I mean, if it could be “anonymous” then F-Droid would already have counts of apps installed. But they don’t, yet?

https://f-droid.org/en/2022/02/28/no-user-accounts-by-design.html

I’m more than happy to debate these things, and I don’t think that you or anyone replying to this thread is a jerk :slight_smile: In fact, the harder a debate is, the more people learn from it.

The app gets the challenge as a plain json file instead of consuming an API, the same way you get an image. I made it this way because I thought it would avoid many logs that way.

I have to say that this get challenge and get images behavior changed since @linsui reviewed it months ago. I did not think using images would violate the non-free anti-feature so that is why I didn’t say anything. If not, the app bundle would grow bigger and bigger with each image added. (Maybe that is the way to go in F-Droid)

I don’t think there is a problem if there are some users counted more than once in the scoreboard. You should not be able to answer 2 questions right 2 times in the same challenge unless you uninstall the app or remove the data. And then again, I don’t see a problem with them being counted more than once.

I understand that your point is that this app should have those 2 anti-features added, and that this should not be a problem if the user knows about them. I think it is reasonable, but I would really like to avoid that, so I am open to suggestions.

Done @linsui toberquizz add AF (f4c2f621) · Commits · F-Droid / Data · GitLab

If you fingerprint the users in any way, that’s like Tracking right?

As he already asked… it would still be flagged if it were opt in?

Missed that line, no, if it’s opt-in it’s ok, not “Tracking”.

NonFreeNet is kinda here to stay, right?

But I am not fingerprinting the users. With a fingerprint you can identify a person, I am just storing 1 number. I think of it like a sensor in a door that counts how many people crossed it. You know how many crossed it, but you will never know neither who they are nor what they did. People can even cross it multiple times and you won’t know that happened.

I honestly think in order to track someone you need much more data. In any case, I was going to create an opt-in version for the F-Droid release. However, I am still not 100% sure why this feature is considered an Anti-Feature.

Regarding the NonFreeNet, does that mean that every application that makes an HTTP request is flagged with this Anti-Feature? Because I am only making get requests to images and json files in a supabase bucket.

NonFreeNet needs a split, I’ll try to prioritise this next (ref: The term "nonfree network service" is not coherent (#553) · Issues · F-Droid / Data · GitLab ).

The current description explains this. I can’t replace your server address in the app? I can’t host it either, is the server open source? The app does not work without connecting to your server?

I can host my own XMPP server, so an XMPP client does not need this.

A Twitter client… that’s another story.

Why is tracking an antifeature? well… let’s ask someone jack⚡️ (@jack): "the days of usenet, irc, the web...even email (w PGP)...were amazing. centralizing discovery and identity into corporations really damaged the internet. I realize I'm partially to blame, and regret it." | FDNitter

/LE : added links

1 Like

Let me break this conversation into 2.

NonFreeNet

After reading The term "nonfree network service" is not coherent (#553) · Issues · F-Droid / Data · GitLab I understand there is still some discussion about how to clarify these Anti-Features. Thanks.

This server is just serving public plain static files. And as I said, I moved the assets there so that the bundle size is not >500MB. It is not an API.

You can if you recompile it. And, after watching your comment in that link, of course you would need to fork it and build it from the source. But incidentally, if the images and quizzes were in the bundle you would need to also fork and replace them if you want to customize your own.

Since the server in reality is a simple bucket with static content, you can host it. It is hosted in supabase so I guess it is open source.

It does not work, you are totally right. I suggest this specific question should be added to the Anti-Feature to avoid further misunderstandings. From my point of view, NonFreeNetwork means either using network services that are not gratis or libres. I cannot relation NonFreeNetwork with “the app requires connection in order to be functional”, for me that should be another Anti-Feature.

Tracking

Don’t get me wrong, I did not imply Tracking should not be an Anti-Feature. It must be, of course. What I am asking is if this specific case or cases like this should be considered tracking. Maybe is my misconception of tracking.

When I think about tracking, I think about things like Google Analytics, Snowplow and Hotjar which do track users with cookies and logging every single step, pageview, click or action they do. And of course they fingerprint the user. I do report user’s anonymous activity, but I do not track the user. If this is also considered an Anti-Feature, then I suggest adding this text to the anti-feature:

Reports, sends, or stores any piece of data, without explicit permission, that would not have been possible to be produced without user’s interaction.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.