Skip to content

Run a privacy pass on fleet-analytics ingestion #4893

Description

@JSONbored

Problem: Fleet-wide analytics already aggregates anonymized signals from every registered self-host instance into shared statistics — intentional and not a current leak, but the ingest path already accepts every instance's data into one shared table, and this deserves a fresh privacy review before it ever needs to carry more customer-identifiable detail in a hosted model.

Area: ORB / Privacy

Proposal: Review the current anonymization approach and document explicitly what would and wouldn't be safe to add to this pipeline under a hosted, per-customer model.

Deliverables:

  • A written privacy review with a clear yes/no per category of potential future data.

AMS Cloud Readiness cross-reference (added 2026-07-12)

See also #5219 in the new AMS Cloud Readiness milestone (#28) — the AMS-side parallel to this exact problem, already citing this issue as precedent. Keep both sides in sync if either design changes.

Metadata

Metadata

Assignees

Labels

maintainer-onlyOwner-only work — yields no Gittensor points.roadmapOn the Wave-2 agent-layer roadmap board (project 9)

Projects

No projects

Relationships

None yet

Development

No branches or pull requests

Issue actions