The GDPR and Linux Distros

dusting off hands imageIf you use a general purpose Linux distro which pulls from somewhere else (and they all pull from somewhere else) then you’ve experienced it when you tried to file a bug. Tickets file against Linux distros fall into two primary categories.

  1. Let it rot until it can be closed due to no longer supported version
  2. Flag it closed and tell the user to report it “upstream.”

Today’s rant is about the second category because it is how so many “maintainers” juice up their tickets closed count and because, you can’t do that anymore. Yes, I encountered it today when filing this bug report. If you visit the bug report you will see I was told to report it to Ubuntu because that is where they get the package. I politely informed them they had to report it. They proceeded to keep closing the bug.

Well, here is a cold water bath in reality. The GDPR has been law for a while. Every one of those “upstream” locations requires a user provide personal information to create an account before they can report a bug. I choose to use KDE Neon. The bug was discovered while using KDE Neon. I choose to give my information to the KDE Neon bug reporting system because I like the distro and wanted to report a bug which appears to be biting quite a few people in the writing world.

You cannot tell me to provide my personal information “upstream” which is what you are doing when you tell me to “report it upstream.” Every distro pulling something from somewhere now has to have their own method of forwarding bugs “upstream.” You cannot tell your users they have to provide their personal information to someone else. That’s my take on the GDPR.

Of course, you want to flag it “upstream” and dust off your hands, jacking up that closer rate. This was the norm before GDPR. It cannot be the norm now. Admittedly I live in America, but a large chunk of Linux users live in the EU which is where the GDPR became law in 2016. They will get around to knocking on your distro’s door. The kudos for doing nothing days are over.


By seasoned_geek

Roland Hughes started his IT career in the early 1980s. He quickly became a consultant and president of Logikal Solutions, a software consulting firm specializing in OpenVMS application and C++/Qt touchscreen/embedded Linux development. Early in his career he became involved in what is now called cross platform development. Given the dearth of useful books on the subject he ventured into the world of professional author in 1995 writing the first of the "Zinc It!" book series for John Gordon Burke Publisher, Inc. A decade later he released a massive (nearly 800 pages) tome "The Minimum You Need to Know to Be an OpenVMS Application Developer" which tried to encapsulate the essential skills gained over what was nearly a 20 year career at that point. From there "The Minimum You Need to Know" book series was born. Three years later he wrote his first novel "Infinite Exposure" which got much notice from people involved in the banking and financial security worlds. Some of the attacks predicted in that book have since come to pass. While it was not originally intended to be a trilogy, it became the first book of "The Earth That Was" trilogy: Infinite Exposure Lesedi - The Greatest Lie Ever Told John Smith - Last Known Survivor of the Microsoft Wars When he is not consulting Roland Hughes posts about technology and sometimes politics on his blog. He also has regularly scheduled Sunday posts appearing on the Interesting Authors blog.