The user doesn't conflate the two, the developers do, and that's why we turn off telemetry, because its damn close to tracking.

Knowing what (vulnerable) version of software a user is using transmitted in the clear was absolutely a part of the NSA monitoring error information from windows crash logs https://www.schneier.com/blog/archives/2017/08/nsa_collects_... - so forgive me if I do not trust the developer to know what makes me unsafe or not.

If you enable telemetry by default I will do my best to never use your product.