Over at the Emacs subreddit, Tb12s46 asks if Emacs is privacy friendly. By that he means does Emacs collect telemetry or otherwise spy on its users. On its face, the question has an easy answer. Of course Emacs doesn’t do any of that. The project leader won’t even use a cell phone because of privacy worries and Emacs development is open to all so any nonsense would be discovered immediately. In any event, Emacs is “owned” by its users not some corporation with an interest in collecting and selling users’ data.
But it’s worth considering Tb12s46’s query as a second order question. Is there something about the Emacs architecture that makes it susceptible to privacy abuses? Apple certainly thinks so. They won’t allow it on iOS. Of course, that’s because of its programmability, which Apple prohibits in all apps.
Still, one could argue that the programmability is a weak spot. Even Emacs recognizes this and strives to prevent executing any file that hasn’t been explicitly authorized. On the other hand, Emacs is open source in a way that most other applications aren’t: everything is delivered as source code so it’s much harder to sneak in exploits. Sure, some people just load binaries of core Emacs but many of us compile from source so there can be no hidden “features” not visible in the (public) source. The bigger worry is third party packages but the news is even better in that sphere. There are no binaries there. Everything is delivered as source.
All-in-all, I feel pretty comfortable that Emacs is one of the safest applications that I use. The only realistic exploit is getting me to execute some random file but that’s not something I’d do and even then, Emacs does its best to protect me.
So yes, Emacs is privacy friendly. It doesn’t spy out of the box and it’s not easy to add code that will do the spying.