Online Smart Scopes Do Not Respect User Privacy

Bug #1073114 reported by mlaverdiere
This bug affects 83 people
Affects | Status | Importance | Assigned to | Milestone
libunity | Fix Released | High | Unity Team |
libunity (Ubuntu) | Fix Released | High | Unity Team |
Quantal | Won't Fix | High | Unassigned |
Raring | Won't Fix | High | Unassigned |

Bug Description

See this from the Electronic Frontier Foundation (EFF), a well respected "international non-profit digital rights advocacy and legal organization" (as described on Wikipedia): https://www.eff.org/deeplinks/2012/10/privacy-ubuntu-1210-amazon-ads-and-data-leaks

Obviously, despite some improvements that came late in the 12.10 development cycle, there are still serious privacy concerns with the unity shopping lens. To be more precise, here are the main problems to be fixed according to EFF:

- Disable "Include online search results" by default.

- Explain in detail what Canonical does with search queries and IP addresses, how long it stores them, and in what circumstances it gives them to third parties.

- Make the Search Results tab of the Privacy settings let users toggle on and off specific online search results, as some users might want Amazon products in their search results, but never anything from Facebook.

Here is another related bug:

 #1055952 Direct data leaking to Amazon: https://bugs.launchpad.net/ubuntu/+source/unity-lens-shopping/+bug/1055952

ProblemType: Bug
DistroRelease: Ubuntu 12.10
Package: unity-lens-shopping 6.8.0-0ubuntu1
Uname: Linux 3.5.6-030506-generic x86_64
NonfreeKernelModules: wl
ApportVersion: 2.6.1-0ubuntu6
Architecture: amd64
Date: Tue Oct 30 06:35:38 2012
InstallationDate: Installed on 2012-02-12 (260 days ago)
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111012)
MarkForUpload: True
SourcePackage: unity-lens-shopping
UpgradeStatus: Upgraded to quantal on 2012-09-28 (31 days ago)

Related branches

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in unity-lens-shopping (Ubuntu):
status: New → Confirmed
summary: - No respect of privacy - Implementation of EFF recommandations required
+ Users privacy not respected - Implementation of EFF recommandations
+ required
cm-t 🦄🏂🌈🎵 (cm-t) wrote : Re: Users privacy not respected - Implementation of EFF recommandations required

Hi,

With a group of volunteers, the ubuntu-fr LoCo started work on a project called "Dash-Privacy-Online" ( https://launchpad.net/dash-privacy-interface/ ). Ubuntu-fr is taking this modest project seriously, especially after recommendations given by the French CNIL ( http://en.wikipedia.org/wiki/CNIL ) in a meeting last week, and is thinking about making the 12.10 French-speaking ISO with Dash-Privacy-Online included.

 * Dash-Privacy-Interface is launched at the first login …
 * …for every new Unity user created on the machine (guest session too)
 * includes 2 buttons: enable, disable online results
 * includes a description with:
   * a link to the help page of the Dash
   * a link to the legal notice
   * a link to the Canonical privacy policy
   * a link to the privacy menu (learn that you can change your choice later at your wish)

LoCos who distribute their own ISO should have a look at this project if they have doubts about their local legislation and don't have people to code (translation is open at https://translations.launchpad.net/dash-privacy-interface )

In the hope that a patch becomes native

Librement

cm-t 🦄🏂🌈🎵 (cm-t) wrote :

Question:

Isn't that bug supposed to affect all default lenses using online results in search? (not only shopping)

mlaverdiere (mlaverdiere) wrote :

@cm-t: I would agree that this bug might affect all other online-search lenses, i.e. unity-scope-video-remote and unity-scope-musicstores (if I understand well, these are the only 2 other supported lenses that perform online search for now). I'm not so sure however how to link the current report to these packages. Opening 2 new bug reports seems redundant...

Should we understand that the French CNIL advice was supporting the EFF one? I wouldn't be surprised if in Canada (Québec), where I live (bonjour en passant!), our own privacy protection agencies/laws (there is one at federal level and another at provincial level) would have similar requirements to the recommendations coming from EFF... To get an idea on the Canadian privacy agency's concerns in relation with online services, see this: http://www.priv.gc.ca/resource/topic-sujet/owp-pvplrsf/index_e.asp#fs

No doubt that it's really important for Ubuntu/Canonical to respect high standards/universally recognized rules on privacy protection when implementing new services or delivering new products, in order to avoid any clash with various national requirements. In that respect, the legal notice that has been introduced in the dash (bottom right corner) in a hurry at the end of the 12.10 development cycle seems kind of weak to me (for one thing and as far as I can see, it's not even localized/translated!).

cm-t 🦄🏂🌈🎵 (cm-t) wrote :

@mlaverdiere
Bonjour :)
I don't know how to assign more projects to the bug either. Maybe ask on Launchpad and link to here.

When we met the French CNIL, we discussed "online results" (all lenses including these queries), not only the Amazon one. CNIL said: "Très bien" ("Very good") about our proposed patch. In _my_ own opinion, the French CNIL has a very good and neutral view of privacy (indeed the people we met), and I believe it might meet the EFF recommendation in the background: online results should not be activated until users are warned about their data privacy and how to enable/disable this feature...

We included, in Dash-Privacy-Interface, a French translated version of the legal notice; it is not integrated with the translation tool, but it can be merged with bazaar. If anyone wants to propose his branch to merge his translated legal notice, it must contain some details:

 * "not official translation" tag
 * link to the original
 * _LANGUAGECODE at the end of the file name as you can see for the French version at http://bazaar.launchpad.net/~dash-privacy-interface-t/dash-privacy-interface/dash-privacy-interface/files/head:/data/legalnotice/

Librement

Kees Cook (kees)
Changed in unity-lens-shopping (Ubuntu Quantal):
status: New → Confirmed
importance: Undecided → High
Changed in unity-lens-shopping (Ubuntu Raring):
importance: Undecided → High
Changed in unity-lens-shopping (Ubuntu Quantal):
milestone: none → quantal-updates
Changed in unity-lens-shopping (Ubuntu Raring):
milestone: none → ubuntu-13.04-beta-1
assignee: nobody → Canonical Desktop Team (canonical-desktop-team)
Changed in unity-lens-shopping (Ubuntu Quantal):
assignee: nobody → Canonical Desktop Team (canonical-desktop-team)
Benjamin Kerensa (bkerensa) wrote : Re: Shopping Lens Does Not Respect User Privacy

@mlaverdiere: Bonjour, I adjusted the bug headline since it seemed demanding, because clearly Canonical is not "required" to do anything they choose not to; after all, they invest so much into Ubuntu. I think for purposes of being polite the bug should just be described as is, without adding demanding wording to its headline.

@Kees: Thanks for your blog post; it was straight to the point.

summary: - Users privacy not respected - Implementation of EFF recommandations
- required
+ Shopping Lens Does Not Respect User Privacy
Didier Roche-Tolomelli (didrocks) wrote :

Please Kees, you know, having previously worked for Canonical, that the policy is not to assign to a team before legal and design have seen the issues and given their advice. This is counter-productive.

I'm pinging them and will only assign the desktop team (or rather, the correct team, which is the product strategy one as you probably know) once we are settled down on the topic.

Changed in unity-lens-shopping (Ubuntu Quantal):
assignee: Canonical Desktop Team (canonical-desktop-team) → nobody
Changed in unity-lens-shopping (Ubuntu Raring):
assignee: Canonical Desktop Team (canonical-desktop-team) → nobody
Changed in unity-lens-shopping (Ubuntu Quantal):
milestone: quantal-updates → none
Changed in unity-lens-shopping (Ubuntu Raring):
milestone: ubuntu-13.04-beta-1 → none
mlaverdiere (mlaverdiere) wrote :

@Benjamin: Bonjour! - I don't mind the headline change (and being polite!), but I do think that, in some ways, Ubuntu/Canonical may be *required* to introduce some changes (those recommended by EFF and maybe others) regarding the shopping lens (and probably other online search lenses) if they really want, as they claim, to respect users' privacy... and even maybe some regional/national laws. The fact that Canonical is investing a lot of $/efforts in Ubuntu is great but IMHO is irrelevant as far as the current issue is concerned.

no longer affects: unity-lens-shopping
unimatrix9 (jochemscheelings) wrote :

no longer affects: unity-lens-shopping ??

Could you give some more details? Are we to understand that the issue is resolved?

cm-t 🦄🏂🌈🎵 (cm-t) wrote :

I think it affects all lenses having remote results.
Privacy (user information/choice: ergonomics) and Data (user data security in/out: technical) should be resolved from the container of these lenses. This bug affects these packages like a symptom, but maybe I am wrong (I didn't check dependencies).

Kees Cook (kees) wrote :

@didier: please assign this to someone. Leaving it "unassigned" looks like no one is working on it.

unimatrix9 (jochemscheelings) wrote :

I see different people working on solutions and ideas on Launchpad on this topic, for example the legal notice; not sure where to comment on the issue.

But could it be an idea that in the installation process, at the same spot that is ticked to install third-party software, you get the option to install the online search lenses, or to not install them, with the legal notice there? Seems to me the right spot.

http://www.ico.gov.uk/for_organisations/data_protection/the_guide/principle_1.aspx

is an interesting read on the topic of "Processing personal data fairly and lawfully" from the ICO.

mlaverdiere (mlaverdiere) wrote :

@unimatrix9: Just an error from me when I tried to link the current report to other online search/shopping lenses (unity-scope-video-remote and unity-scope-musicstores) and I mistakenly added the unity-lens-shopping. I removed it since it was redundant as the current report is already (and still) linked to unity-lens-shopping.

Kees Cook (kees) wrote :

I see two steps:

1) set default to "none" (instead of "all")
2) develop a sensible configuration system that allows granular control over the remote search settings

There is no reason to wait on 1 before 2 is finished.

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in libunity (Ubuntu Quantal):
status: New → Confirmed
Changed in libunity (Ubuntu):
status: New → Confirmed
cm-t 🦄🏂🌈🎵 (cm-t) wrote :

@unimatrix9
If I understand what you said, in the installation process you have information and choice about online results (...)
I think this is not a way to fully resolve this bug:
Only the user "admin" will be notified about his own privacy;
indeed data belongs to every single user of the system. (It is the main reason why we added the 'ballot screen' (https://launchpad.net/dash-privacy-interface) launched at the start of every user's first login in Unity.)

Benjamin Kerensa (bkerensa) wrote :

From the Amazon Product Advertising API Operating Agreement:

"ensuring that you do not use the Product Advertising API, Data Feed, Product Advertising Content, or your application in a manner that *infringes*, *violates* or *misappropriates* any of our rights or those of *any other person* or entity (including copyrights, trademarks, *privacy*, publicity, or other intellectual property or proprietary rights); "

I'm pretty sure that Amazon would accept the EFF's position that user privacy is being violated.

cm-t 🦄🏂🌈🎵 (cm-t) wrote :

@bkerensa
- Users privacy not respected - Implementation of EFF recommandations
- required
+ Shopping Lens Does Not Respect User Privacy

Shouldn't it be "Remote result in the Dash (lenses/scopes) Does Not Respect User Privacy", since it is not a shopping lens issue only, as we said before? Or should we consider opening a clone of this bug for every lens and package this bug is related to (I'd rather not)?

Benjamin Kerensa (bkerensa) wrote :

I think the title is accurate as it explains the bug, but yes, new bugs for each affected package will need to be opened... like the unity music lens still does not use SSL.

Benjamin Kerensa (bkerensa) wrote :

No action on this bug yet?

jhfhlkjlj (fdsuufijjejejejej-deactivatedaccount) wrote :

@benjamin: Please do open many many bugs regarding privacy, especially things like the lack of SSL (what the hell were they thinking?)

mlaverdiere (mlaverdiere) wrote :

Here is the Free Software Foundation describing Ubuntu as spyware: http://www.fsf.org/blogs/rms/ubuntu-spyware-what-to-do

I'm pretty sure that the Ubuntu community is not so proud to be pointed at for privacy concerns by such respected institutions as EFF and FSF...

Now, what is Canonical feeling (and more importantly, doing) about this?

Md Ashickur Rahman (ashickur-noor) wrote :

We are also waiting for Canonical's response regarding this issue.

mlaverdiere (mlaverdiere) wrote :

Here is Jono Bacon's (Ubuntu Community Manager) comment about the FSF (RMS) statement: http://www.jonobacon.org/2012/12/07/on-richard-stallman-and-ubuntu/

I know a bug report is not the place to discuss/argue, but I just want to present what I think is the rationale behind the issue at stake with the current bug report (which also explains, I think, why there is a massive rejection of the way the Amazon search feature has been implemented and why the few reasons given up to now by Canonical and relatives - like Jono - are not calming things).

Here's what I wrote as a comment on Jono's blog:

Privacy is not just a "deeply personal thing". In law, there is what we* call common and basic "reasonable expectations" in relation to privacy, that may exist in a variety of situations, including when using an operating system. I really doubt that having search data sent to a third party without the user's express authorization could be considered a "reasonable expectation", in the particular context where the search is performed within what is primarily known or viewed by a vast majority of users as a local application/file launcher/searcher (i.e Unity's Dash).

I understand that "the goal of the dash in Ubuntu has always been to provide a central place in which you can search and find things that are interesting and relevant to you". But if Ubuntu/Canonical want to outgrow the usual local application/file launcher/searcher paradigm, it has to be really clear about it with users (I doubt that the untranslated legal notice at the bottom left of the Dash is sufficient) and request all necessary users' express authorizations. Without specific authorization, these external (online) search features should be off.

And the explanation related to the "iterative" nature of the Ubuntu development is not really convincing me. If, really, "privacy is critically important" to Ubuntu/Canonical and is put "forward as a high priority", then privacy should be considered at the root of any project development. It shouldn't be an afterthought, leading to incomplete solutions implemented late in the development cycle. Ubuntu 12.10 is not an alpha or beta version of Ubuntu. It is an official release, to my understanding.

Finally, it seems to me that it would be so much more productive for Canonical to just say what they intend to do to fix the problem, either with 12.10 or, at least, with Raring (13.04). Obviously, implementing EFF recommendations is probably the right thing to do here.

*I'm a lawyer, although not specialized in privacy law, but with a bit of knowledge about these issues.

A. Denton (aquina) wrote :

I read R. Stallman's article "Ubuntu Spyware: What to Do?" as well as the reply "On Richard Stallman and Ubuntu" by Jono B. Therefore I can say that Jono is plain wrong. On the one hand he shares the goals of the FSF and points out that he shares the very same goals as well, and on the other hand he apologizes for pushing it by implementing this technology into recent Ubuntu releases. In my opinion Ubuntu became what it is today (among other reasons) due to the fact it did not include spyware. Yes, it is spyware, and about the same as what Microsoft, Apple and some others implemented in the past.

papukaija (papukaija)
tags: added: i386 privacy
Alan Pope 🍺🐧🐱 🦄 (popey) wrote :

@papukaija let's keep this civil & factual and not conflate this software bug with sexual assault please.

Benjamin Kerensa (bkerensa) wrote :

@papukaija: Please be mindful of the Ubuntu Code of Conduct. Bugs do not exist to argue but instead to resolve an issue with software.

mike davis (mdavis-r) wrote : Re: [Bug 1073114] Re: Shopping Lens Does Not Respect User Privacy

While I agree that things must remain civil, your comment implies a dialogue that just doesn't seem to be happening to get the issue fixed.

So far the EFF has proposed a series of fixes that I think are reasonable compromises to fix this "bug", but we have yet to hear a real response plan from those maintaining the package...

And for that matter... why hasn't notice for these issues made it out to Ubuntu security notices, as other <http://packetstormsecurity.com/files/113307/USN-1465-1.txt> SSL <http://packetstormsecurity.com/files/113306/USN-1465-2.txt> / privacy <http://www.ubuntu.com/usn/usn-1619-1/> bugs have on 12.10, so that users can take appropriate steps to mitigate?

-mike

On Jan 8, 2013, at 4:39 PM, Benjamin Kerensa <email address hidden> wrote:

@papukaija: Please be mindful of the Ubuntu Code of Conduct. Bugs do not
exist to argue but instead to resolve a issue with software.


Carsten Agger (agger) wrote : Re: Shopping Lens Does Not Respect User Privacy

Thanks to Mike Davis for the summary. I'd just like to add that I really hope to see this issue fixed in 13.04.

As a formerly very active member of the Ubuntu LoCo and present free software activist, I really don't feel I can recommend Ubuntu 12.10 to anyone as long as this bug stands. It's a betrayal of the values that formerly led me to support Ubuntu and struggle to get the word out to people, and after 12.04 (which is an excellent system BTW) I may well have to start recommending that people use Trisquel or Debian instead of Ubuntu.

As a user, my strong feeling is that if my computer is to search for anything online it's because *I* ask it to, explicitly. If Amazon search is opt-out not opt-in, a very basic trust is betrayed.

While a genuine privacy concern is standing, also note that the Ubuntu brand IS being tarnished. A lot of valuable community members and users are having second thoughts because of it. I think that's not in the interest of either Canonical, Ubuntu or anyone else in the free software community. Ubuntu needs to stay strong and well-respected.

Paulo Roberto de Oliveira Castro (p-oliveira-castro) wrote :

Isn't this bug easy to be fixed?
I mean, make an entire "step" of Ubiquity claiming why the online results are important.

You don't have to make any assumption by default, just make buttons:

(back) (No,I don't want) (Yes, I want)

and don't make any of them 'default' (don't color any of them orange).
The first time a new user logs in, show him the same screen!

Wouldn't it solve our first big problem?

Then, just make switches in the Search Results tab of the Privacy Settings, to let users toggle on and off specific online search results (amazon, ubuntu one, etc.).

Kees Cook (kees) wrote :

There is already a fix attached. (See "Related branches" above.) No one has reviewed it.

Randall Ross (randall) wrote :

@all

There is a collection of design proposals from a broader community here: http://pad.ubuntu.com/4OnwYN3HVT

Code (and more ideas) appreciated! (I think there's more than one way to resolve this bug.)

Full background is here: http://randall.executiv.es/bestsearchintheworld3

unimatrix9 (jochemscheelings) wrote :

@Randall Ross, I can't look at the collection of design proposals; I seem to have no access. Maybe it's just me; could you check settings? Thanks.

Neil Broadley (scaine) wrote :

@unimatrix9, as described in Randall's "Full Background" link in comment #36, you must be a member of the ubuntu-etherpad team. Visit this link (https://launchpad.net/~ubuntu-etherpad) to join the team, then wait for an admin (Randall, I think?) to authorise your membership. Then you'll be able to see the etherpad content surrounding this privacy flaw.

Changed in libunity (Ubuntu Quantal):
importance: Undecided → High
Changed in libunity (Ubuntu Raring):
importance: Undecided → High
Stanislav German-Evtushenko (giner) wrote :

A temporary solution is remastering the ISO image: http://www.helplinux.ru/wiki/en:kb:make-ubuntu-safe

information type: Public → Public Security
information type: Public Security → Public
ctvoigt (ctvoigt-online) wrote :

A cool feature, but it should not be activated by default.

Or: the lens could perhaps be implemented in such a way that the result query (privacy lag) is sent when the shopping area is clicked the first time.

mike davis (mdavis-r) wrote : Re: [Bug 1073114] Shopping Lens Does Not Respect User Privacy

FIX:

I have begun advocating alternate distributions after Mr. Shuttleworth's most recent statements on the direction of the "fix".

To date, there has been no public announcement (by Ubuntu) on the dangers presented to users by the addition of the lens, which has been done for many other applications not directly produced by Ubuntu. If I were to put my cynical hat on, I might believe that this shyness might be due to some financial incentive provided by the lens (or the consumers of its data)... but to date no one has confirmed or denied that the lens functions primarily as a fund-raising mechanism... instead this feature is pitched as something the community wants... Instead the fixes seem to be centered around sneaky legal maneuvers like implied consent, and temporary disablement of the plugin for "any given session" rather than opt-in or easy, permanent removal.

Frankly, I think it shows a lack of respect for the community, and I'm deeply concerned that this is the direction being taken from the top of the organization; I'm moving on. Maybe you should too.

-mike

On Feb 8, 2013, at 7:42 AM, ctvoigt <email address hidden> wrote:

> a cool feature, but should not be activated by default.
>
> or: the lens perhaps could be implemented the way, that result query
> (privacy lag) is sent when the shopping area is clicked the first time

Ghislain Vaillant (ghisvail) wrote : Re: Shopping Lens Does Not Respect User Privacy

I personally don't have a particular issue with Canonical trying to monetize Ubuntu with some ads. However, anything touching the user's privacy, be it direct or remote, should be EXPLICITLY presented to the user. This should be done early enough so that the user can act upon it, either by turning the option off (could be a pre-install or post-install, or a detailed howto, whatever...) or deciding not to install the OS.

A step has been taken in the right direction by adding the privacy setting in the control center. But I still needed to see it mentioned on a blog to realize this option actually existed in 12.10. I cannot see why this could not be at least shown in the install slideshow, something like:
- "Look Ubuntu integrates online search directly to the Dash" and all the innovative and awesomeness marketing blabla,
- "Don't like it? Have a look at your privacy settings, this can be turned off".

On a more general note, I gave Canonical the benefit of the doubt of rushing some features for the release of Ubuntu 12.10. However, for 13.04, I expect both the implementation and communication around this feature to be mature and crystal clear.

mlaverdiere (mlaverdiere) wrote :

This bug is still present on Ubuntu 13.04.

Jeroen Hoek (mail-jeroenhoek) wrote :

From reading the comments in this bug report I get the impression that there is a general sense of agreement about how enabling on-line search results through the Dash lenses by default violates the user's reasonable expectancy of privacy, but I don't see any response from the package maintainer (or rather, Canonical) explaining why this feature is still enabled by default in Ubuntu 13.04, and when and how this high priority bug will be fixed.

I am not heavily involved with Ubuntu, so it is quite probable that I have overlooked some explanation on a mailinglist or blog, but shouldn't the resolution of a confirmed high importance issue be addressed here on the bugtracker?

A. Denton (aquina) wrote :

The bug is unassigned since no one wants to have the responsibility, I assume. Honestly I came to Xubuntu and Canonical (to a certain extent) years ago since I was fed up with M$ and their broken system. At present however I'm in the middle of a migration to FreeBSD -- also because of bugs like this one. By the way I agree with the last commenter, Jeroen Hoek. I don't have the time to read every newsletter or announcement but at least some of them. I never received an explanation either and probably never will. In my opinion it's O.K. for a company like Canonical to make profit like Red Hat and others do, but it's not O.K. to do it like M$ or companies like these.

Benjamin Kerensa (bkerensa) wrote :

@aquina: It's unassigned because the decision makers for product strategy have decided to ignore a member of the Ubuntu Technical Board and the privacy of users. Kees made some really good suggestions on how to notify users and none of this was done.

papukaija (papukaija)
tags: added: raring saucy
mlaverdiere (mlaverdiere) wrote :

I'm on Ubuntu 13.10 beta and I observe that this bug is still present, with a slight regression, as the untranslated bottom-right legal notice in the Dash has disappeared.

mlaverdiere (mlaverdiere) wrote :

It could be considered anecdotal I guess, but anyway, for the record: Ubuntu’s Amazon Shopping Feature Wins Anti-Privacy Award - http://www.omgubuntu.co.uk/2013/10/ubuntu-wins-big-brother-austria-privacy-award

Revision history for this message
Karma Dorje (taaroa) wrote :
Revision history for this message
papukaija (papukaija) wrote :

https://fixubuntu.com/ has a script which turns off remote search, uninstalls unity-lens-shopping, disables remote scopes and blocks connections to Ubuntu's ad server.

Revision history for this message
Kaz Wolfe (kazwolfe) wrote :

Can someone please mark this as "CRITICAL" ?

Revision history for this message
mlaverdiere (mlaverdiere) wrote :

On the basis of EFF recommendations, here is what needs to be done to solve this bug, considering the stagnation/progress/regression observed since Ubuntu 12.10:

- Disable "Include online search results" by default -----> Nothing has been done. To do.

- Explain in detail what Canonical does with search queries and IP addresses, how long it stores them, and in what circumstances it gives them to third parties -----> Regression since 13.10, as the untranslated legal notice is more difficult to find. It has been relegated to an obscure "Diagnostics" tab, in the "Security and Privacy" panel, in the System settings, instead of being available at the bottom right corner of the Dash. So, at least, it needs to be translated. Also, if it has to remain in the "Security and Privacy" panel, it should be in a more properly designated tab. Also, if the online search remains activated by default, there should be some sort of prominent popup that would ask for user attention, upon first login or first access to the Dash, referring him/her to the legal notice and asking him what he/she wants to do with online search (and related scopes).

- Make the Search Results tab of the Privacy settings let users toggle on and off specific online search results, as some users might want Amazon products in their search results, but never anything from Facebook. -----> Some progress has been made with 13.10, as now, in addition to being able to disable online search, within the "Security and Privacy" panel, users can also deactivate some particular scopes (or sources?), by right-clicking on them, in the Dash, and then clicking for deactivation. Now the process is tedious if, as an example, a user only wants 1 or 2 scopes to be activated. One solution could be to include these options in the "Security and Privacy" panel (which would be more coherent, if done in a proper way) with a complete list of the sources, and with some easy and quick way to turn some of them on or off.

summary: - Shopping Lens Does Not Respect User Privacy
+ Online Smart Scopes Does Not Respect User Privacy
summary: - Online Smart Scopes Does Not Respect User Privacy
+ Online Smart Scopes Do Not Respect User Privacy
Revision history for this message
mlaverdiere (mlaverdiere) wrote :

It seems that this bug is partially solved, at least for the upcoming Unity 8 (so not for Ubuntu 14.04) where the Amazon scope activation will become opt-in: http://www.omgubuntu.co.uk/2014/03/ubuntu-make-amazon-product-results-opt-unity

Revision history for this message
Benjamin Kerensa (bkerensa) wrote :

@mlaverdiere: I agree this announcement addresses any privacy concerns users should have. Do we have a likely milestone to attach it to, and is it worth marking Fix Committed?

Changed in libunity (Ubuntu Quantal):
status: Confirmed → Won't Fix
Changed in libunity (Ubuntu Raring):
status: Confirmed → Won't Fix
Changed in unity-lens-shopping (Ubuntu Quantal):
status: Confirmed → Won't Fix
Changed in unity-lens-shopping (Ubuntu Raring):
status: Confirmed → Won't Fix
Changed in unity-lens-shopping (Ubuntu):
milestone: none → later
Changed in libunity (Ubuntu):
milestone: none → later
Changed in unity-lens-shopping (Ubuntu):
status: Confirmed → In Progress
Changed in libunity (Ubuntu):
status: Confirmed → In Progress
Revision history for this message
mlaverdiere (mlaverdiere) wrote :

@bkerensa: well, right now we just have the OMG Ubuntu article and some explanations from Michael Hall on Google+. I would wait to see what explanations/details the devs from Unity team can provide here. AFAIC, to be considered fixed, all the correctives proposed by EFF should be implemented and the opt-in should be applied not only to Amazon scopes, but also to all online scopes/search.

Revision history for this message
Thibaut Brandscheid (k1au3-is-37) wrote :

The problem isn't solved. I understood it like this:
Unity 8 will drop the Home Scope and therefore include a Scopes Scope. When pressing the meta key and typing something into the Dash in Unity 8 the input will be >>sent<< to Canonical and then the Canonical server will return a list of Scopes the user might want to search further. In the end all input will still be sent through the internet to Canonical. The only thing that would change is that not all input would be sent to e.g. Amazon... but still, the input leaves your computer, which is IMHO a bad thing.

Revision history for this message
mike davis (mdavis-r) wrote : Re: [Bug 1073114] Online Smart Scopes Do Not Respect User Privacy

I do not agree, this bug has not been solved and should remain open.. as titled the “bug” is “online smart scopes do not respect user privacy”
and from what I can tell, the new setup still does not respect user privacy.. keystrokes typed in search are still sent to Canonical services (correct me if I’m wrong).
and the scopes scope is still opt-out.. and does not appear to address the EFF’s concerns at all..

Mike Davis
IOA

On Mar 31, 2014, at 9:34 PM, Benjamin Kerensa <email address hidden> wrote:

> @mlaverdiere: I agree this announcement addresses any privacy concerns
> users should have do we have a likely milestone to attach it to and is
> it worth marking Fix Committed?

Revision history for this message
mlaverdiere (mlaverdiere) wrote :

See this: Ubuntu Shopping Lens (Scopes) Declared Legal in the UK and Most Likely in the European Union

http://m.softpedia.com/ubuntu-shopping-lens-scopes-declared-legal-in-uk-and-most-likely-in-european-union-453843.html

http://attheedgeoftime.blogspot.ro/2014/08/ubuntu-shopping-lens-deemed-legal-by-uk.html

It seems that the core of the reasoning of the UK Information Commissioner's Office (IOC) reads this way:

"In particular, we consider the (first time displayed, and later ‘iconised’) legal notice added by Canonical Ltd to the bottom right corner of the Dash, when Amazon searches were introduced, to have reasonably ensured compliance with the DPA for the introduction of those searches.

We also consider Canonical Ltd to have made reasonably available to Ubuntu users suitable information to assist people in limiting searches undertaken, or in removing the feature involved from their installation."

With all due respect, this reasoning seems pretty weak to me, for these 2 reasons:

1) The "magical" legal notice is no longer in the dash (since 13.10) and is now hidden (and still untranslated) in the obscure "Diagnostics" tab, in the "Security and Privacy" panel;

2) I may have missed something but I really don't see where/how "Canonical Ltd to have made reasonably available to Ubuntu users suitable information to assist people in limiting searches undertaken" (but I acknowledge that they did the right thing to allow users to remove/switch off the feature involved from their installation).

That said, IMHO as a really great FLOSS project, Ubuntu (and its sponsor, Canonical), should do more than look for minimal compliance with privacy laws/regulations in some countries/regions. It should try to be up to higher standards and target EFF recommendations compliance.

Revision history for this message
mlaverdiere (mlaverdiere) wrote :

Ubuntu "Online smart scopes" are identified as a privacy concern in this UK Government Security Guidance report (currently advertised on ubuntu.com front page!): https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/412828/End_User_Devices_Guidance_-_Ubuntu_14_04_LTS.pdf

Here is the excerpt (p. 10):

"By default Ubuntu has some features enabled which can be a privacy concern. To disable these
features take the following steps:
[...]
2. To prevent what is typed into the Dash from triggering online searches, go to System Settings,
Privacy, Search, and set Include online results in Dash to disabled. Alternatively, online
scopes can be disabled by executing..."

So, again, the solution is simple, i.e. online smart scopes should be Off by default.

Changed in libunity:
assignee: nobody → Unity Team (unity-team)
importance: Undecided → High
status: New → In Progress
Revision history for this message
Adolfo Jayme Barrientos (fitojb) wrote :

Online search results are now disabled by default, starting in 16.04 LTS.

no longer affects: unity-lens-shopping (Ubuntu)
no longer affects: unity-lens-shopping (Ubuntu Quantal)
no longer affects: unity-lens-shopping (Ubuntu Raring)
Changed in libunity (Ubuntu):
status: In Progress → Fix Released
milestone: later → none
Changed in libunity:
status: In Progress → Fix Released
Revision history for this message
unimatrix9 (jochemscheelings) wrote :

I am so very, very pleased with this result, thank you all for your persistence.
