@mak ping! This is the issue ticket about unattended upgrades

I agree with Matthias here - having updates on by default brings security fixes quickly and is something that many folks now have come to expect. Much better to request that users opt out of secure default settings. This comports with Todd's stated policy of "smart defaults".

It appears that one *cannot* shut off updates with GNOME Software despite the settings that would imply that this is possible. What needs to be address is apt-daily-upgrade.timer. systemctl status apt-daily-upgrade.timer says;

● apt-daily-upgrade.timer - Daily apt upgrade and clean activities
     Loaded: loaded (/lib/systemd/system/apt-daily-upgrade.timer; enabled; vendor preset: enabled)
     Active: active (waiting) since Fri 2020-12-11 10:07:48 EST; 2 weeks 5 days ago
    Trigger: Thu 2020-12-31 06:28:21 EST; 10h left
   Triggers: ● apt-daily-upgrade.service

This can be disabled which ought to turn off automatic updates. Stop the timer and disable this way;

sudo systemctl stop apt-daily-upgrade.timer
sudo systemctl disable apt-daily-upgrade.timer

No, disabling the timers is completely the wrong approach. The service belonging to the timer unit has built-in logic to do only what it was configured to do + some cleanup work that we always want to have done.
All you need to do to disable upgrades is to disable them in GNOME Software as well as in software-sources-gtk which is available in GNOME Software's burger-menu as well.
See the attached picture:

That will do the job. We could probably fold some of this setting into PackageKit, but then users who don't want to use PackageKit will complain, or users who don't know that PackageKit is there but edit all settings manually will complain the PK is changing settings. I actually wanted to consolidate things more in the past, but there was some resistance and I didn't consider this a fight that was worth it.
Simon McVittie explained this in a bit more detail in a somewhat related bug report recently: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977158#30

But, tl;dr: Don't mess with the timers, change settings in GNOME Software and software properties, *or* run sudo dpkg-reconfigure unattended-upgrades and change selections, *or* alternatively edit /etc/apt/apt.conf.d/20auto-upgrades manually and tweak things to whatever works for the user.

The user writes back saying that they disabled GNOME Software and was unable to stop automatic upgrades. There is no effect of the GNOME Software settings observed. I think the next step on my side is to run strace on GNOME Software and settings to see what is happening (or not happening).

User writes;

the issue is the "Software & Updates > Updates > Automatically check for updates: Never" configuration is not preventing the system from automatically checking for updates every day.

The Original Poster is stating that their use case is customers at sea who have expensive connection charges which require they disable unnecessary network communication.

the issue is the "Software & Updates > Updates > Automatically check for updates: Never" configuration is not preventing the system from automatically checking for updates every day.

they have to do that *and* disable updates in GNOME: "GNOME Software" > "Burger Menu" > "Update Preferences" > Toggle Automatic Updates
(as shown in the image I posted above)

In T978#17857, @mak wrote:

the issue is the "Software & Updates > Updates > Automatically check for updates: Never" configuration is not preventing the system from automatically checking for updates every day.

they have to do that *and* disable updates in GNOME: "GNOME Software" > "Burger Menu" > "Update Preferences" > Toggle Automatic Updates
(as shown in the image I posted above)

User claims this is in fact how they have done it;

Then this should have worked - they should verify that /etc/apt/apt.conf.d/20auto-upgrades exists and has the correct values.