Proposal: Disabling FLoC in Jenkins and the Jenkins websites

Oleg Nenashev

Apr 28, 2021, 4:59:41 AM
to JenkinsCI Developers
Hi all,

As you may have heard, Google is rolling out its FLoC (Federated Learning of Cohorts) tracking system, for advertisement needs. This system is enabled in Google Chrome by default, and it is a corporate standard for many of the Jenkins users. They cannot easily opt out. Yesterday GitHub set a good precedent by disabling FLoC by default. I think we should do the same.

We can explicitly disable FLoC on Jenkins resources by setting the Permissions-Policy: interest-cohort=() header in Jenkins distributions by default and on our websites: jenkins.io, plugins.jenkins.io, javadoc, update center, etc.

Jenkins distributions. For the Jenkins core, it is a small patch adding additional headers (e.g. here). Probably we should introduce the new "Privacy" category in the "Manage Security" screen for better UX, but this particular control should be also manageable by system properties so that the settings always apply.

Jenkins Infra. For our infra, it should be easy to do for resources we host in the main infra Kubernetes cluster. Although in some cases it may prevent Jenkins-friendly (or not) advertisements from popping up for users, I think we should rather put privacy first and disable FLoC on our resources. Google Analytics might also be a subject for removal, but I suggest having a separate thread about it.

What do you think?

References:
Oleg Nenashev
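
Added example (not part of the thread, and not Jenkins code): one way to check that a response carries the opt-out header proposed above. It treats FLoC as disabled only when interest-cohort has the empty allowlist (), assumes the structured-field rule that the last duplicate key wins, and runs over constructed sample header sets.

```python
# Added example: audit response headers for the FLoC opt-out (SAMPLES are constructed).
def split_top_level(value, sep=","):
    """Split on sep, ignoring separators inside (...) or "..."."""
    parts, buf, depth, quoted = [], [], 0, False
    for ch in value:
        if ch == '"':
            quoted = not quoted
        elif not quoted and ch == "(":
            depth += 1
        elif not quoted and ch == ")":
            depth -= 1
        if ch == sep and depth == 0 and not quoted:
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf))
    return [p.strip() for p in parts if p.strip()]

def parse_permissions_policy(values):
    """Map feature -> allowlist string; a later declaration replaces an earlier one."""
    policy = {}
    for value in values:
        for member in split_top_level(value):
            feature, _, allowlist = member.partition("=")
            policy[feature.strip()] = allowlist.strip()
    return policy

def floc_disabled(headers):
    """headers: list of (name, value) tuples as sent by the server."""
    values = [v for n, v in headers if n.lower() == "permissions-policy"]
    allowlist = parse_permissions_policy(values).get("interest-cohort")
    # Only the empty allowlist "()" turns the feature off for every origin.
    return allowlist is not None and allowlist.replace(" ", "") == "()"

SAMPLES = {  # constructed header sets, not captured from any Jenkins site
    "opt-out present": [("Content-Type", "text/html"), ("Permissions-Policy", "interest-cohort=()")],
    "among others": [("permissions-policy", 'geolocation=(self "https://example.com"), interest-cohort=()')],
    "header missing": [("Content-Type", "text/html")],
    "allowlist not empty": [("Permissions-Policy", "interest-cohort=(self)")],
    "overridden later": [("Permissions-Policy", "interest-cohort=()"), ("Permissions-Policy", "interest-cohort=*")],
}

def audit(samples):
    return {label: floc_disabled(headers) for label, headers in samples.items()}

if __name__ == "__main__":
    for label, ok in audit(SAMPLES).items():
        print(f"{'OK  ' if ok else 'FAIL'} {label}")
```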

raihaan...@gmail.com

Apr 28, 2021, 5:15:52 AM
to Jenkins Developers
Hey Oleg,

I think this is a great suggestion.

The privacy category idea is also interesting. Are there any other interesting settings we could offer users there?

Cheers,
Raihaan

Oleg Nenashev

Apr 28, 2021, 5:58:34 AM
to Jenkins Developers
Hi Raihaan,

> The privacy category idea is also interesting. Are there any other interesting settings we could offer users there?
  • Managing Jenkins usage stats. It is currently managed by flags only
  • Managing Jenkins telemetry (JEP-214)
  • Extension point for plugins so that they can configure their telemetry, if any?
  • // anything else?
Best regards,
Oleg

Daniel Beck

Apr 28, 2021, 7:55:05 AM
to JenkinsCI Developers
On Wed, Apr 28, 2021 at 11:58 AM Oleg Nenashev <o.v.ne...@gmail.com> wrote:
>   • Managing Jenkins usage stats. It is currently managed by flags only
There's both a UI option and a command line flag, either is enough to disable.
>   • Managing Jenkins telemetry (JEP-214)
Shared with usage stats because they're similar.
>   • Extension point for plugins so that they can configure their telemetry, if any?
This is the same thing?

Mark Waite

Apr 28, 2021, 8:12:53 AM
to Jenkins Developers
+1 that we should disable FLoC

Damien Duportal

Apr 28, 2021, 8:30:41 AM
to Jenkins Developers
+1 on disabling FLoC.

If it introduces a problem with any of our analytics tools, it means that we should rethink these tools to ensure proper privacy for the community and users, but I assume it's opt-out by default, and opt-in at the user's request?

Daniel Beck

Apr 28, 2021, 9:08:58 AM
to JenkinsCI Developers
On Wed, Apr 28, 2021 at 10:59 AM Oleg Nenashev <o.v.ne...@gmail.com> wrote:
> Yesterday GitHub set a good precedent by disabling FLoC by default. I think we should do the same.

Could you explain in what way this header does anything for us, in particular in Jenkins?

IIUC, it globally limits what elements on a page are allowed to do, similar to Content-Security-Policy. In this case, it makes the JS call document.interestCohort() not do track-y things.

This makes sense for GitHub pages, as they let folks host their own content there.

But if jenkins.io or Jenkins load content that does this, we should just put an end to that.

What am I missing?