Is it though? Microsoft .NET has telemetry that you always have to opt out always. Dark patterns like this setting not sticking but being overridden after an update, and of course the shell command that you kinda have to google each time, where you set a parameter to "1" and get no verification that you have indeed successfully disabled telemetry come with the territory (of software vendors not respecting the user much)

I’m curious, how does that apply to open source projects? Who would they go after for redress in large distributed communities like Manjaro?

I'd guess that they'd target the system that collects the data as usually that isn't distributed (I'd be more concerned if telemetry was collected and then available for anyone to peruse rather than just the Manjaro organisation itself).