Ubuntu, a widely used and influential GNU/Linux distribution, has installed surveillance code. When the user searches her own local files for a string using the Ubuntu desktop, Ubuntu sends that string to one of Canonical's servers. (Canonical is the company that develops Ubuntu.)
Here is how you turn it off - Do it!
One of the major advantages of free software is that the community protects users from malicious software. Now Ubuntu GNU/Linux has become a counterexample. What should we do?
Proprietary software is associated with malicious treatment of the user: surveillance code, digital handcuffs (DRM or Digital Restrictions Management) to restrict users, and back doors that can do nasty things under remote control. Programs that do any of these things are malware and should be treated as such. Widely used examples include Windows, the iThings, and the Amazon "Kindle" product for virtual book burning, which do all three; Macintosh and the Playstation III which impose DRM; most portable phones, which do spying and have back doors; Adobe Flash Player, which does spying and enforces DRM; and plenty of apps for iThings and Android, which are guilty of one or more of these nasty practices.
So we can still say: "Linux does not spy on you - unless it is Ubuntu"