[Qgis-psc] Call for transparency - Generative AI plugins
Régis Haubourg
regis at qgis.org
Wed Jun 17 07:08:07 PDT 2026
Hi Rosa, thanks a lot for raising this issue.
I agree that such plugins can be an issue with data privacy and probably
security.
I had a look at how Mozilla handles extensions [0] and I agree that we
should aim toward more explicit consent and authorization model.
Generally speaking, I think we should embrass privacy statements for our
plugin repository. All data collection should be opt-in, so
qgis-geo-knowledge-ai would then be not conformed with its default
permissions.
Ideally a permission system should block a plugin sending data without
explicit permissions.
Any other thoughts?
[0]
https://extensionworkshop.com/documentation/publish/add-on-policies/#data-collection-and-transmission-disclosure-and-control
Best regards,
Régis Haubourg
Elected member at the Program Steering Comitee of QGIS.org.
-
On 17/06/2026 09:08, Aguilar Bolivar, Rosa (UT-ITC) via QGIS-PSC wrote:
>
> Dear PSC,
>
> First, I would like to express my appreciation for the continuous
> efforts invested in maintaining QGIS as a reliable and high-quality
> platform.
>
> I would like to draw your attention to the growing presence of
> AI-related plugins within the QGIS ecosystem.
>
> In my view, it is essential to ensure transparency for end users
> regarding which large language models (LLMs) are being utilized, as
> well as how user data may be processed, transmitted, or stored.
>
> As a specific example, I recently reviewed the Geo Knowledge AI plugin
> (https://github.com/robert6757/qgis-geo-knowledge-ai) and observed
> that no API key is required for its operation. Upon further inspection
> of the code, it appears that requests are routed to a remote server
> (as indicated in:
> https://github.com/robert6757/qgis-geo-knowledge-ai/blob/main/global_defs.py).
>
> While I am not certain of the best mechanism to address this, one
> potential approach could be the introduction of a developer
> declaration or compliance option (e.g., a checkbox or metadata field).
> This could require plugin developers to explicitly disclose key
> aspects such as the underlying AI model in use and the nature of any
> data collection, transmission, or processing. Such measures would
> enhance transparency and support users in making informed decisions.
>
> Best regards,
>
> Rosa
>
> Dr. Rosa Aguilar | Assistant Professor | University of Twente |
> Faculty of Geo-Information Science and Earth Observation|
> Campus University of Twente, Building Langezijds, room 1322, P.O. Box
> 217, 7500 AE Enschede, The Netherlands |
>
> T: +31 (0)53 487 4567 | r.aguilar at utwente.nl
> <mailto:r.aguilar at utwente.nl> | https://www.itc.nl/
> <https://www.itc.nl/>|
>
> Connect with me on LinkedIn
> <https://www.linkedin.com/in/rosamaguilar/?locale=en_US>
> https://rosaguilar.github.io <https://rosaguilar.github.io/>|
>
> /The essential is invisible to the eye. Saint-Exupéry///
>
> https://www.itc.nl/.uc/fa375379b01021d625f0083ea0d0312ee46ec8ddd8df800/UT%20ITC%20logo%20RGB.jpg
>
>
> _______________________________________________
> QGIS-PSC mailing list
> QGIS-PSC at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/qgis-psc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/qgis-psc/attachments/20260617/5f8aab5e/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 318796 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/qgis-psc/attachments/20260617/5f8aab5e/attachment-0001.jpg>
More information about the QGIS-PSC
mailing list