CyanogenMod removes tracking opt-out, reverses decision, but still uses Google Analytics

The most successful and best managed version of Android CyanogenMod is gathering data from users for statistical purposes. The statistics are public and users have the chance to opt-out of being counted. On March 31st this changed. The founder of the CyanogenMod initiative Steve Kondik removed the opt-out feature from the source code (commit). He explained his reasons in the commit message:

Not having an accurate count of how many people are using CM is painful. I am making an executive decision to remove the opt-out and always turn stats on. The data is anonymized and there is nothing evil that can be done with it. The only purpose here is to tell us if we are a successful project or not.

Only a few minutes later, another CyanogenMod developer Koushik Dutta added an additional tracking feature (commit) which sends data not only to the servers of CyanogenMod, but directly to Google using Google Analytics.

After many users complained and IT media picked up the story, Steve Kondik reversed his decision (commit) today (3 days later) and says:

Apparently this is a bigger issue for a small number of extremely vocal users. We should respect their wishes, no matter how off-base their claims are in this context.

That does not sound like he understood the legitimate issues people have. He considers them “off-base”, but decided to still respect their wishes.

In a later post, he explains himself in more detail, but still seems to be upset:

It’s incredibly frustrating that a handful of incredibly vocal users are ready to “fork” over the issue. News flash: there are already a hundred forks of CM. We like it, and we enable it! And there’s no sinister plot to crack the hashed data and sell your deepest darkest secrets to Verizon and the NSA.

He does not seem to understand that this is all about trust. Many people do not trust Google with their data and CyanogenMod is their only (reasonable) choice. If they start to collect data as well without letting users know and without a way to at least opt-out, they can not be trusted anymore. The best way to protect data, is not to create it in the first place.

It is too bad that CyanogenMod can not have reliable statistics about its usage, but if users decide to opt out from being tracked for statistics, they have their reasons for it. These people and their reasons should be respected. Their privacy is more important than having more accurate statistics. Thankfully, Steve also seems to realize this:

In the end though, we should respect everyone’s wishes here. The change was well-intentioned- we just want to have better answers to certain questions. There are many applications out there who are doing incredibly dubious things like uploading all of your contacts without your consent, so certain suspicions are understandable. I do not want CM to ever be perceived as a group who doesn’t respect the privacy of it’s users.

You could think that in the end everything turned out to be good. Unfortunately, this is not really the case, because the addition of Google Analytics was never removed. It is still in there (source code) and when you decide to contribute to the statistics with your data, it will also be send to Google. It gets your device name, the device version, your country and your current IP address. CyanogenMod does not even tell you about what data they send to whom.

In my opinion, CyanogenMod should remove Google Analytics completely. What’s the point of having a Google-free operating system that still sends data to Google?

Update (2015-08-28): Cyanogenmod has now finally removed Google Analytics again and replaced it with a custom solution.


CyanogenMod removes tracking opt-out, reverses decision, but still uses Google Analytics — 6 Comments

  1. I agree. I thought about not to opt-out and let CM do send my data. Because the arguments I read, that the CM Team wants to know how many versions are in use on which device, are justified in my opinion.

    But now Google Analytics is involved. Sorry, collecting data yourself is one thing. But let a third party (and of all companies Google) collect the data is a different matter.

    • Agreed. I had opted-in from the start, assuming it went to CM only. So I had no problem with the proposed change to make it default. But if GA gets involved, I’ll disable stats as well.

  2. Thanks fot this interesting information.

    In my opinion, CyanogenMod should remove Google Analytics completely. What’s the point of having a Google-free operating system that still sends data to Google?
    I doubt that Cyanogenmod aims at providing a Google-free operation system. Now, most link or information to Google is gone from their pages but just half a year ago they seemed to apologize for not being able to integrate Google services directly into the ROM. And in their wiki, all apps they were recommending for backups, e.g., were linking to non-free apps from Google’s Play store.

    So, that CM is a Google free version is thanks to Google itself, not thanks to CM. Because Google prohibits them to integrate Google services in their custom ROM. I assume, else CM would integrate it.

    We are just the lucky winners of this dispute.

  3. One way or another, it has become Google-free and was making some progress with FOSS: removing ROM manager and introducing a new, source-built Superuser. Over the same period they got a proprietary project manager and adopted Google Plus. So up until now, with this being slipped in unannounced, I was guardedly enthusiastic. But it could also be just a symptom of what I like to call, proprietary jar amnesia: a common condition afflicting many other Android FOSS developers. If somebody can offer a Piwik implementation to Gerrit, maybe they will consider it.

  4. The reason for collecting the statistics was that the CyanogenMod project wasn’t able to determine the exact number of users of the software and according to project leader Steve “cyanogen” Kondik, this ‘is painful.’ Following this Kondik decided to “remove the opt-out and always turn stats on”. Cyanogen insisted that the data is going to be anonymized such that ‘nothing evil’ can be performed by using the data and that it will only be used to measure the success of the project and software. Patches were developed by Koushik Dutta allowing the project to analyze the collected data using Google Analytics.

Leave a Reply