[plt-scheme] Version Check

From: Stephen Bloch (sbloch at adelphi.edu)
Date: Fri Apr 28 09:25:26 EDT 2006

Somebody (Anton?) wrote basically that DrScheme should not make 
contact with any server anywhere without prior user permission.  I'm 
a strong proponent of user privacy, but I think that's a little more 
than we need: it seems perfectly reasonable to me for DrScheme to 
contact a server to RETRIEVE information (like the latest stable 
version number) without prior user permission.  And I wouldn't have a 
problem with seeing a dialog saying "There's a new version available; 
would you like to download and install it?"  Contacting a server to 
SEND information (like my current version number, language level, 
operating system, favorite pizza topping, etc.) is more problematic, 
and should have user permission.

There's a grey area in between, of course: it's impossible to 
retrieve information a server without sending at least your IP 
address, and usually a bunch of other things like what application is 
asking for the information (which may include the version number). 
The question then becomes what use, if any, is made of that 
information.  I'm sure Eli would (does already?) find it useful to 
log the number of distinct IP addresses hitting the server as an 
estimate of the number of users.  I'm sure it would be much more 
useful (and more invasive of privacy) to gather those data whenever 
someone STARTS DrScheme rather than only when someone explicitly 
visits the download site in a browser: it would tell not only 
(roughly) how many people had downloaded DrScheme, but how many 
people were actually USING it.  Is this too invasive of privacy?  I 
really don't know.

In addition, any such data will be gathered over some window of time. 
Is it acceptable to aggregate the data over a month or a year, but 
too invasive of privacy to aggregate the data over only a day or an 
							Stephen Bloch
							Math/CS Dept
Adelphi University
sbloch at adelphi.edu

Posted on the users mailing list.