Privacy is the digital hot potato of today – and rightly so. What we do on our computers is, frankly, no-one else’s business.

We ‘allow’ some companies, such as Google and Facebook, to track what we do online so as to better serve us. And most of us don’t mind, seeing this intrusion as either a boon or a necessary evil.

But is Zeitgeist – the ‘relevancy engine’ used in Ubuntu to keep track of which files and apps you use most – evil?

That’s what one blogger is suggesting in post titled:

Aside from the inclusion of a loaded word (‘spying’ carries negative connotations, passively implying deceit and duplicity used to get information) it’s a question that is important to raise.

Fellow OMG! Ubuntu! writer Benjamin Kerensa also raised some valid issues relating to Zeitgeist privacy on his blog today.

So to get clarification on what the engine does, what info it collects, and where this data goes, I spoke to the creator of Zeitgeist, Seif Lotfy…

Zeitgeist: More of an Elephant Than A Fly on the Wall

Seif put me straight on the topic of spying straight away: Zeitgeist doesn’t spy on you. It logs what you do.

Whilst ‘Logging’ isn’t quite as sexy as ‘spying’ it is important distinction to be aware of, as Seif explains:

Search results need to be sorted, and to do that you need to rank them, and to rank them you need to know how many times they were used in a timeframe.

But this is different from going out of its way to log everything it can:

“Zeitgeist does not crawl around looking for history. If apps want to send it history it takes it in. The only thing Zeitgeist crawls for itself is the Gtk.RecentManager. So we dont log your online activity unless you add a plugin in Chrome or Firefox for it to do so.”

Further to this Ubuntu provides a well-stocked set of privacy option that let you choose, in some crazy specifics what ‘events’ or ‘files’ are or are not logged, and where they are used. These options were praised by the Electronic Frontier Foundation.

Storage and Security

Okay, so we now know that Zeitgeist doesn’t log everything; it can only log what we, or an app we use, tells it to. We can even switch it off completely.

But how is data that we do allow to be logged used? And by what applications?

In a fresh install of Ubuntu only one thing uses Zeitgeist: the Dash. Here it helps sort through your most recent files, newly installed or most used apps.

Although most of us will find this beneficial we can, if we want to, switch this off.

A few third-party applications available from the Software Center can hook into Zeitgeist to bring “relevancy” to their results. The most well known of these is Synapse.

What about privacy – does data collated by Zeitgeist get sent to an online server? Again Seif says no.

“All Zeitgeist data is stored locally and is not transmuted anywhere. The funny thing is these logs already exist on your system [without Zeitgeist]. You can find the Firefox history under:

~/.mozilla/firefox/*/ formhistory.sqlite

formhistory.sqlite ~/.mozilla/firefox/*/ downloads.sqlite

downloads.sqlite ~/.mozilla/firefox/*/search. sqlite

sqlite ~/.mozilla/firefox/*/places. sqlite “Google Chrome is similar, as is Telepathy (used by Empathy). And you can find gtk.recent manager history under ~/.local/share/recently- used.xbel (used by Gedit, Totem Movie Player, etc)”

“So the info is already there, [Zeitgeist] just stores them properly to make sense of them. Not only that but actually apps should stop storing their logs in their own directories and just push to Zeitgeist, because we allow real control over the logs (see privacy manager)”

But what about Ubuntu One? Surely this syncs some Zeitgeist data?

“U1 pushes only its sync history to Zeitgeist to allow you to find stuff that you did not use on your computer but on another one.

For example: I start working on a document on an U1 shared folder, then I switch computers and search in the dash it will appear high ranked since it was recently used on another computer.”

‘More Valuable Things to Steal’

Whilst I’m sure that someone, somewhere would pay a few pennies for data on what files you accessed most recently, or which artists you listen to most often, the likelihood of it happening is very, very slim.

And even if someone managed to break into your system Seif reasons there would be more valuable things to steal than logs of what file you opened last – “Like your Pidgin passwords which are stored in plain text.”

Despite this the Zeitgeist team are looking ‘into encrypting the database’ as an added precaution.

Finally

With everything neatly explained by Seif I wondered what wording would have been more apt for the headline that promoted this post.

I’d probably choose: