Libreoffice is breaking GDPR law by enabling telemetry and updater by default and not asking consent!!

I am amazed how much your software is bloated. The following was ENABLED by default (I checked this after CLEAN installation of LibreOfficePortable_24.8.2_MultilingualStandard.paf.exe)

1. General \ Help Improve LO: Send crash report is CHECKED

2. The sneaky updater tried to connect to your server, which miserly failed:

Update Check Time: (TIME)
Update check: https://update-mar.libreoffice.org/update/check/1/LibreOffice/(IDENTIFIABLE HASH)/(OS TYPE)/LOOnlineUpdater
warning: error by the updaterdownload did not succeed

YOU SHOULD ASK FOR CONFIRMATION WHETHER THE USER WANT TO CONNECT TO YOUR SERVER OR NOT. BY NOT DOING THIS YOU ARE BREAKING EU GDPR LAW.

1. “Send crash report”, when enabled (which is by default), will always ask you before sending. The enabled option does not mean it will send anything without your consent - it only means it will do the job of watching the crashes, and creating the needed data locally in your profile in case of a crash, so that it has something to ask you about (if it didn’t prepare the data, it can’t ask to send, because there’s nothing to send). This is explained in the Privacy Policy clause I.XI.
2. Updater has nothing to do with sending personal data. “Identifieable hash” is just the build id of the LibreOffice, as shown in Help → About, i.e. a property of the LibreOffice software, not of you or your system.
3. You should ask questions before claiming others do wrong.
4. You can shout as much as you like here, but you should realize that you say “your software” to other users of this user-to-user “how do I?” Ask site, who own this software to the same extent as you do.

FTR: this is the code of the update checker.

In addition to @mikekaganski’s comments, please note that the message says “Update check” which means that after installing the “frozen” version in *LOPortable….paf.exe", the installer checked if a more recent version exists in order to give you the latest bug-fix release.

This is in no way a break of GDPR rules but a courtesy move to provide you the best user experience with the suite.

I’d rather question why the query did not succeed. Are you sure you got the installer from a reliable secure source?

@ajlittoz I’d guess, that @gdpruser is security-concerned, and has some firewall enabled, which would filter the communications. That’s normal that that would prevent the updater.

I’d rather question why they would consider it “sneaky”, when it provides all the information to the user… would anyone wanting to conceal something communicate it to the user at all?

The »help-text« about that option (…common Misc … CrashReport …) in the expert-config states: »»enable crash reports to the Document foundation«« … IMHO this is misleading an should be like: »»enable creating crash reports«« ?

Please note how I already tried to improve the information about it (and @fpy implemented the improvement): tdf#155459. Please file your improvement suggestions.

tdf#155459 is about the Dialog coming up after crash, not about the popup meanwhile hoovering over the mentioned node in the expertconfig… should I open a new bug ?

Of course. Add tdf#155459 to See Also. And indeed, I didn’t claim I suggested the same as you - otherwise I’d not ask you to file your suggestions. I only shown that improvements are possible and being done.

Done: tdf#163396

Thinking about it, I believe the existing wording is correct. Wording as you suggest would be misleading. The option allows the whole sending feature, including the creation of the report locally; but what would “enable creating report” mean by itself? There is no feature to simply create reports, without the goal of sending them.

The “enable sending” is different from “send (automatically)”. Of course, there may be a better wording, still.