you forgot the most important part:

will we be able to disable this?

You still should have declared that in advance. You wouldn't tolerate that from Microsoft or any other company either.

Thanks for clearing this up. I for one trust your integrity 100%. However a disable option would be cool.

"Not amused": chances are you are tolerating this right now. Windows has some telemetry built in. for example watson sends crashes to microsoft.

People always forget that such features bring only benefit to them, but no harm and no cost. When asked "do you want to send feature usage data of sql server" I always reply yes in order to have the product be customized to my personal needs. It is in my own interest.

Ayende, I believe that those few who complain about your product calling home are just very outspoken about their opinion. In fact there are very few of those.

People got so excited, maybe you could charge extra to use the checkbox.

Ugh. This looks like a case of people not reading the documentation and then complaining about it after the fact. That's like people deciding to take up smoking and then, when they get cancer, saying, "I didn't know it was bad for me!" Of course, it's not nearly so serious, but you get my point. :)

@Kyle Szklenski, thats a poor argument. You read every EULA and all the documentation for every product you buy? Then do you check for updates whenever a change happens? Give me a break, comparing this to smoking is such a ridiculous leap in logic.

Franky I think most people wouldn't care. I often find that someone who is so concerned about their 'privacy' often have no problem screaming into their cell phones in public.

Ayende, the fear is you could always sell that data to a marketing company. I don't think any serious person really believed you were collecting connection strings or anything like that.

For me, a nicely worded anonymous data collection opt-out screen during installation (or in the initial config wizard) is a big brand image booster. Like MS has started doing in its betas.

It shows me the company cares enough to collect metrics and they're honest enough to ask me if that's OK even though they know how valuable those stats would be. Most even say something about how anonymous the stats really are and how much they will help improve future versions of the product.

As far as I'm concerned, this clears up any suggestion of inappropriate data collection. Never should have doubted you ;)

It's good to see your clarification on this.

You commented in the original post that Reports get relatively little attention. I don't use them very often - by their nature they're not something that I'd need to - but I have found them incredibly useful.

Trick me once, shame on you. Trick me twice, shame on me. Trick me three times and I get what I deserve!

@Ayende:

"I am at somewhat at a loss to understand what I would do with it even if I did."

A: Sell it. :) There's always some low-life organization looking to collect e-mail addresses, location data, and information about poeple to sell off down the pyramid.

It is good that you are adding the option to disable the feature tracking. As for version checking, hell I was "reminding" Adobe & Apple products to stop nagging me about product updates... Until I replaced them.

I don't want to sound like someone throwing gasoline on a fire, I certainly wouldn't suspect you of gathering anything worrysome; but the road to hell is paved in good intentions, one stone at a time. You should be up-front about any information your applications are collecting, and include a privacy disclaimer. The law on this varies from country to country so I would still advise consulting a lawyer about it.

Google started (took over) capturing images for streetview, and with just that there was hoo-haw over privacy; Then they got in some small heap of trouble over capturing packets from wireless networks along the way.

I suspect their famous whiteboard message "Do no evil" has been crossed out and replaced with "Do a little bit of evil."

I guess this is proof you are becoming successful, people have started to question your ethics. The more successful you are, the less you are trusted. ;)

Ayende,

Repeat after me: "I apologize. I never should have did that without asking the user permission".

Try it, It wouldn't kill you.

The enable "send to ayende" feature (disabled should be the default) should also have the "ask me every time" option, where i can see exactly what is being sent to you, BEFORE i allow sending it.

Also, you need to state specifically that you are not collecting any personal data, and that you wouldn't share the data that is being collected with any 3rd party (even by mistake, for example, by installing some other 3rd party component that collects data without asking) .

I find it troubling that you regard this so lightly. It seems to me that you don't understand that above all else, this jeopardizes your reputation (not to mention it subjects you to law suits).

Oren,

I think you forgot to realize most people that comments here are from your supporters. As you probably have seen in the past I am one of your fierce supporter.

That's why I urge you to consider your options carefully. Perhaps, this matter is more serious than you seem to think (base on your response).

Even if it's just anonymous data your users deserve an apology. This is not personal to you or anyone else for that matter. I hold every company to the same standard and I personally don't think it's okay for a program to phone home without the user permission. It's not the (anonymous) data that you collect but the implication of how you did it bother me greatly.

Resharper does a very similar thing. However they asked me for that option at installation time. It's also an option that I can switch on and off any time. It should also be included in the EULA and not buried in some obscure place in the documentation. We have seen enough of your ranting against other larger corporation (for the most part I think most of us agree with you). Now this is one of these time we hold you to a higher standard and we expect better response from you.

Now the good thing is that we find this out from you. This could have been a lot worse if somebody else find this out on their own. Case in point, this is a serious matter that need more attention it your part. It's at a very manageable stage at this point. How fast you response to this dictate the outcome.

To summarize,

Your users deserve a sincere apology. You need to be a lot more up front about it via the installation process. And your users need to be able to turn this on and off anytime.

Best,

Hoang

@Danny Boy

Can you define the problem because I don't really understand?

What, very specifically, are you concerned about - particularly in light of the information in this post?

@PandaWood

The issue seems to be not what was collected, but how it was collected. If you want to send information about a person it's only polite to notify and ask for permission first.

I agree with the above comments. You need something like the functionality in Eclipse which has a global option to toggle data collection plus a warning screen when it is about to send the data. I think you can even see a summary of what it is about to send.

While it is very tempting for a company or developer to think 'I have all this information, why don't I send it to my server' (particularly in mobile phone development) - it is actually a breach of trust and may leave your users feeling violated when they find out. Much better to be upfront about it and ask their permission.

I like the way Android apps show you all the permissions an app has before you install it on your phone, although that can backfire on you. I have a speed-dial application in which I use the built in web browser simply to display a local help file, but the browser requires Internet permissions. I get users asking me why a speed-dial app needs the Internet, so I have to put info upfront as to why, otherwise they distrust the app. That's because other, less well-intentioned companies have set a bad precedent.

We all know (hope?) you're not like that, so why get labelled with that tag?

@PandaWood

You really don't understand whats wrong here, or are you playing the devil's advocate?

Either way, here goes:

1. I paid for a software, and the software collected data on me, without asking me for permission, or even notifiying me.

2. As much as i belive ayende, that nothing that can hurt me is being sent, how can i be sure? I mean, he is publishing a version with every commit, what happens if he makes a bug? what happes if he string.Formats a connection string by mistake? Don't it deserve to know that he is doing that?

3. Far worse. Ayende doesnt think that collecting data on my own enviroment is wrong. He didnt apologize once. How can i know that it is not the tip of the iceberg?

Until Ayende applogizes, solve the problem, and thinks of some way to compensate his clients. hope the community will not silence.

I think it's very sneaky that usage data is "documented" in an article called... "What firewall permissions does the profiler need?"

There should be a page specifically for "Usage Data Collection and Privacy" explaining everything mentioned in this post.

I would prefer an option similar to what Microsoft does in SQL Server and Visual Studio (and other products) where the the checkbox to collect usage data defaults to false.

People!

Talk about exaggerating.

I'm a user of NHProf and as many others I am usually very suspicious about apps sending information about me but come on. Ayende is mostly a developer, and a really good one at that, and not a full blown software company. He has made an amazing piece of software and started charging money for it. Developing software is one thing, doing everything else around it (support, information, PR, legal etc) is another. I'm not surprised that he missed to think that some are very touchy about sending data. It's not that he is sneaky, but rather thinks like a programmer. Data is good.

+1 to comments by Danny Boy, firefly, and all the others who say this is pretty egregious.

Amazing that there is an apology for not replying sooner but not for breaching loyal user's trust.

Even if you trust Oren not to share this information, do you trust someone who may hack his computer/network/software?

Jonatan,

You make it sound like he accidentally left this in the code, like it's a bug or something. He made a conscious decision to collect this data.

Another Danny,

No, I am saying that he thought about it from his perspective and then he wanted to collect data to make a better product, He did not sit down and think "How will the different groups of user think about this". A bit like how Google does it. They mostly base their work on user data.

As a developer I am afraid to release software by myself becouse of the different legal aspects, being bombed with support, the work of setting up documentation etc.

I don't think anybody is accusing Oren or having any bad intent or collecting any inappropriate data, and it is nothing to get wildly excited about - we would all like data on how our apps are being used. It is just that these days it is wise (and might be a legal requirement in some places) to notify the user that you are doing that.

Personally, I don't think the documentation is clear about the fact that it is gathering stats and sending them back home. It should be explicit to the user and an option they can toggle, especially if they have paid for the application.

If they are getting a free app, then it may be a quid pro quo, but they should still be informed.

HI,

This has data collecting issue has been was discussed but I would like to highlight one small details : collecting data from user action is "angainst the law" in almost all european countries including Germany, Italy, France, (UK I may have to check as they a re bit more permissive), BE, NL, AT, CH ... (I Can provide countries and legal countraints for europe if requested)

According the law in those countries the user has to make a interraction to accept the data collection and in some countries the double optin policy force the user to accept twice.

The point is not whether or not the user is impacted. the point is Oren (this company actually) could be sued for that data collection feature.

Regards,