GitLab dnes svým uživatelům rozeslal email, ve kterém se omlouvá za před týdnem oznámené změny a všechny je ruší. Tehdy uživatelům oznámili, že v proprietárních částech GitLabu (tj. na gitlab.com a některých self-hosted instalacích) přibudou first- a third-party sledovací javascripty, které budou zkoumat chování uživatelů. Mezi komunitou se ale zvedla silná vlna nevole, která žádá buď úplné zrušení telemetrie, nebo alespoň její přepnutí do opt-in režimu, kdy by uživatel musel s použitím telemetrie explicitně souhlasit.
Část původního emailu z 23. října:
We have launched important updates to our Terms of Service surrounding our use of telemetry services. Starting with GitLab 12.4, existing customers who use our proprietary products (that is, GitLab.com and the Enterprise Edition of our self-managed offerings) may notice additional Javascript snippets that will interact with GitLab and/or third-party SaaS telemetry service (such as Pendo).
…
Key Updates:
- GitLab.com (GitLab’s SaaS offering)and GitLab's proprietary Self-Managed packages (Starter, Premium, and Ultimate) will now include additional Javascript snippets (both open source and proprietary) that will interact with both GitLab and possibly third-party SaaS telemetry services (we will be using Pendo(https://www.pendo.io)).
- We will disclose all such usage in our privacy policy, as well as what we are using the data for. We will also ensure that any third-party telemetry service we use will have data protection standards at least as strong as GitLab and we will aim for SOC2 compliance. Pendo is SOC2 compliant.
Email zaslaný 30. října:
Dear GitLab users and customers,
On October 23, we sent an email entitled “Important Updates to our Terms of Service and Telemetry Services” announcing upcoming changes. Based on considerable feedback from our customers, users, and the broader community, we reversed course the next day and removed those changes before they went into effect. Further, GitLab will commit to not implementing telemetry in our products that sends usage data to a third-party product analytics service. This clearly struck a nerve with our community and I apologize for this mistake.
So, what happened? In an effort to improve our user experience, we decided to implement user behavior tracking with both first and third-party technology. Clearly, our evaluation and communication processes for rolling out a change like this were lacking and we need to improve those processes. But that’s not the main thing we did wrong.
Our main mistake was that we did not live up to our own core value of collaboration by including our users, contributors, and customers in the strategy discussion and, for that, I am truly sorry. It shouldn’t have surprised us that you have strong feelings about opt-in/opt-out decisions, first versus third-party tracking, data protection, security, deployment flexibility and many other topics, and we should have listened first.
So, where do we go from here? The first step is a retrospective that is happening on October 29 to document what went wrong. We are reaching out to customers who expressed concerns and collecting feedback from users and the wider community. We will put together a new proposal for improving the user experience and share it for feedback. We made a mistake by not collaborating, so now we will take as much time as needed to make sure we get this right. You can be part of the collaboration by posting comments in this issue: https://gitlab.com/gitlab-com/www-gitlab-com/issues/5672. If you are a customer, you may also reach out to your GitLab representative if you have additional feedback.
I am glad you hold GitLab to a higher standard. If we are going to be transparent and collaborative, we need to do it consistently and learn from our mistakes.
Sincerely,
Sid Sijbrandij
Co-Founder and CEO
GitLab
