Policies/Uploading and Downloading from Eclipse Software Policy
This policy is concerned with Eclipse Foundation project code "calling home" or otherwise providing data out of user installations to Eclipse Foundation Servers.
Any call home service would have to be opt-in.
The user needs to be able to review the data before it is sent.
Raw data, which may include non-obvious potentially private information, needs to be transferred securely.
Raw data needs to be stored securely and access to the data needs to be strictly controlled.
The target for data collected by content distributed from eclipse.org must be an Eclipse Foundation server (e.g. the Eclipse packages must be configured to send data to an eclipse.org server). This can be configurable by adopters to send to an alternate server.
Cleaned and processed data needs to be publicly accessible.
Auditing and Approval
Any project implementing a call-home server must get approval from EMO(ED).
I'm also thinking that having multiple separate projects each with their own call-home mechanism that prompts the user for opt-in will make us look goofy. Some coordination of call-home services should be considered.