AI Summary:
Overview:
- Mozilla is updating its new Terms of Use for Firefox due to criticism over unclear language about user data.
- Original terms seemed to give Mozilla broad ownership of user data, causing concern.
- Updated terms emphasize limited scope of data interaction, stating Mozilla only needs rights necessary to operate Firefox.
- Mozilla acknowledges confusion and aims to clarify their intent to make Firefox work without owning user content.
- Company explains they don’t make blanket claims of “never selling data” due to evolving legal definitions and obligations.
- Mozilla collects and shares some data with partners to keep Firefox commercially viable, but ensures data is anonymized or shared in aggregate.
Mozilla collects and shares some data with partners to keep Firefox commercially viable
How hard is it to be specific? People are concerned about this, can they not tell us the exact data they share and with whom, or is doing so going to make people more concerned so they are avoiding telling us?
They can’t be specific in the legal note because that would close their options and prevent them from auctioning off every month to the new highest bidder.
They certainly could keep a page of what they’re currently selling to whom, but even if it was innocuous (doubtful) that would again put them in the news every time they changed it.
Tried and true
legalPR strategy: say nothing and hope the attention goes away
Anyone have a decent Android alternative? Updated my phone last night and this morning got a notification that Firefox had full permissions for accessing my location data. I’d like to move away from Firefox before enshitification is in full swing.
they were effectively owning everything you fo in firefox, how is that nothing
Already uninstalled everywhere. Better luck next time, Mozilla.
this is them rolling it back cause of the outcry, they don’t want to admit it worked
The terms were never actually bad. This is them responding to the backlash, yes, but that’s just because everyone freaked out over nothing. They’re not “rolling back” anything, and this comment is just more disinformation.
The proof that even techies can confuse « rollback » and « fix ».
A FOSS browser has and never will require collecting user data.
This should not happen at all.
What do you think a browser does?
The browser manufacturer doesn’t need a license to my inputs to process them and give them to the server it’s supposed to give them to. If you type a text in Libre office, does it ask you for a license to the text in order to save it?
Certain features certainly could be considered as doing that, such as:
- Firefox sync
- crash reporting
- add-on store
I certainly want those. And then there are others that I don’t want:
- telemetry
- studies
- AI
My understanding is that this change is primarily motivated by a recent law change in California that has a pretty broad definition of “selling user data” and this is less likely to be a fundamental change in how Mozilla operates. However, let’s see what they come back with.
That second list should also include
- Ads
Because ads in the search bar results are one of the things Mozilla cited as precipitating the need for ToS.
What’s the alternative for Android? Fuck Chrome I want to move off this shit onto something that actually gives half a shit about me.
Boy have i got a treat for you, Ironfox! the continuation of Mull
Will check it out, thanks.
Fennec on F-Droid, which is Firefox fork
IronFox
Tor. Anything short is freely giving your data away. If you’re looking for something that isn’t based on Gecko or Chromium there is the DuckDuckGo browser, which is WebKit. I can’t attest to how good their privacy policy is though as I have no idea.
Tor Browser doesn’t include uBo (on Android at least) and their ad blocking is abysmal. Its great that no one can trace your IP but completely useless since it doesn’t do anything to block trackers.
Anything short is freely giving your data away.
Misinformation.
Too late, I switched to Floorp.
Because of privacy stuff? No. Because of repeated drama? Yes.
I don’t have time for this stuff. I don’t have time to track every minute twist of the knife that Google’s funding drives Mozilla to embark on.
I’m bored of using software and watching it go through “death by a thousand minor dramas”
So now I use a web browser that has a name so stupid I don’t even recommend it to other people. Brilliant.
Try zen browser. It’s just like floorp but has that Arc browser aesthetic.
I was a floorp user until I tried zen browser. You should give it a try too.
Never heard of this one before. too bad it doesn’t have a mobile version as well.
The drama isn’t exactly their fault. There are a lot of rich organizations that want them to cease to exist. Most 9f which want track you online and/or shove ads down your throat.
A fair amount of drama is exactly their fault. Mozilla chose to increase management pay and fire people, Mozilla chose to flirt with ai, Mozilla bought an ad firm, and so on. It’s not like someone was holding a knife to their throat.
Truly an outstanding move
Floorp isn’t recommended for its privacy features anyway, it’s recommended by users for the amount of customization you can do. It’s got some features that Firefox has that I don’t want to do without.
Even if the name sounds stupid, you should still recommend it to other people :D
Have been doing so for a few months and haven’t had any negative feedback.
Floorp is a new Firefox based browser from Japan with excellent privacy & flexibility.
💀
The magic of forking!
✨
I didn’t sell your shit, I collected it and shared it to keep myself comercially viable.
Surprise Mechanics 🤗
“I am doing things that are not selling your data which some people consider to be selling your data”
Why is he so cryptic? Neil, why don’t you tell me what those things are and let me be the judge?
I’m pretty sure this person is making a joke using a fake exaggerated “answer” from a corporation to highlight the absurdity of their double speak. I doubt something this insane would come from an actual spokesperson.
I’m getting that now too. I don’t know the players in Mozilla. The quote without context made me think this was one of those Mozilla execs.
Louis Rossmann had a good video about this. Basically, California passed a law that changed what “selling your data” means, and it goes way beyond what I consider “selling your data.” There’s an argument here than Mozilla is largely just trying to comply with the law. Whether that’s accurate remains to be seen though.
Then how about putting that in the language? “We don’t sell your data, except if you’re in California, because they consider x, y and z things we might actually do as selling data.”
Some jurisdictions classify “sale” as broadly as “transfer of data to any other company, for a ‘benefit’ of any kind” Benefit could even be non-monetary in terms of money being transferred for the data, it could be something as broadly as “the browser generally improving using that data and thus being more likely to generate revenue.”
To avoid frivolous lawsuits, Mozilla had to update their terms to clarify this in order to keep up with newer laws.
I agree, I don’t want my browser provider to collect any data on me at all, but if they absolutely must gather the absolute minimum system analytics stats or such they should NEVER pass it to a third party for ANY reason.
You make a desktop browser application, that’s your job, to provide a portal to the world wide web, nothing more. Stay within your bounds and we’ll never have any problem.
I think this is a reasonable explanation.
But I also believe a large part of the firefox user base does not want any data about them collected by their browser, no matter if it is for commercial purposes or simply analytics / telemetry. Which is why the original statement “we will never sell any of your data” was just good enough for them, and anything mozilla is now saying is basically not good enough, no matter how much they clarify it to mean “not selling in the colloquial sense”
Which is a ridiculous thing to want for most users and exposes how little so much of the self-identified “techie” crowd actually understands about how this stuff works.
I mean…if they pay for the service of external analization of data in exchange of money, how is that a sale of goods/data?
Ask the lawmakers who wrote the laws with vague language, because according to them, that kind of activity could be considered a sale.
As a more specific example that is more one-sided, but still not technically a “sale,” Mozilla has sponsored links on the New Tab page. (they can be disabled of course)
These links are provided by a third-party, relatively privacy protecting ad marketplace. Your browser downloads a list of links from them if you have sponsored links turned on, and no data is actually sent to their service about you. If you click a sponsored link, a request is sent using a protocol that anonymizes your identity, that tells them the link was clicked. That’s it, no other data about your identity, browser, etc.
This generates revenue for Mozilla that isn’t reliant on Google’s subsidies, that doesn’t actually sell user data. Under these laws, that would be classified as a sale of user data, since Mozilla technically transferred data from your device (that you clicked the sponsored link) for a benefit. (financial compensation)
However, I doubt anyone would call that feature “selling user data.” But, because the law could do so, they have to clarify that in their terms, otherwise someone could sue them saying “you sold my data” when all they did was send a small packet to a server saying that some user, somewhere clicked the sponsored link.
I would definitely call that selling my data. The recipient can now add that to my profile as an interest.
The recipient doesn’t get any identifying data about you, because the data that shows the link was clicked does not identify you as an individual, since it’s passed through privacy-preserving protocols.
To further clarify the exact data available to any party:
- The ad marketplace only knows that someone, somewhere clicked the link.
- Mozilla knows that roughly x users have clicked sponsored links overall.
- The company you went to from that sponsored link knows that your IP/browser visited at X time, and you clicked through a sponsored link from the ad marketplace
There isn’t much of a technical difference between this, and someone seeing an ad in-person where they type in a link, from a practical privacy perspective.
Their implementation is completely different from traditional profile/tracking-based methods of advertising.
“ChatGPT, I need your help. Please pretend to be a lawyer that recently suffered a severe concussion and write me something I can post online that will male this situation slightly weirder.”
Neil doesn’t need a chatbot with sparkles for that, he’s plenty capable to take absolute piss himself. 😁
some people consider indirect, cryptic answers to be complete
Oh, it’s perfectly clear. We got the message. Mozilla are not to be trusted with our data.
Really? I would think most would consider them for what they are: evasive and probably deceptive
vague to be exact, keeping it vague, so its up for interpretation on thier part, and they can use the vagueness as an excuse.
all sorts of people are super satisfied with answers that don’t answer the question….
people tell me that all the time….
Reread it, double negative.
Edit: oops, sorry. Removed this myself for being wrong.
That’s good and I’m genuinely glad they’re trying to clarify it, but it proves yet again that their top management is out of touch with reality and their users: somebody (most likely more than one person actually) had to sign off on these changes and the message they sent out - this whole thing could have been avoided if they understood their users better (and/or if they actually cared nore about what users think).
Google funding allows them to be big and inefficient, which means a lot of tops paid well and thinking themselves fashionable FOSS leader people or something.
They can live without it. They’ll have to cut most of the organization and return to being an open project developing a web browser.
That doesn’t sound cool for people not doing useful work. Like me, I’ll get to my shit instead of typing comments.
Mozilla says that “there are a number of places where we collect and share some data with our partners” so that Firefox can be “commercially viable,” but it adds that it spells those out in its privacy notice and works to strip data of potentially identifying information or share it in aggregate.
Sounds like they’ve already been selling (or trading) data and this whole debacle is a way to retroactively cover their asses.
Yeah. And their privacy notice is basically a mix-match of ten or so sections that have no place in a web browser privacy policy, that allows them to do the things people reproach them for doing.
It’s like saying “we’re not doing that, because we’re limited by that document that allows us to do just that”. And now they’re tripling down on it.
google is probably thier number one customer for the data.
Ruh roh. Too late though.
Friendship ended with Firefox,❎ Librewolf is my new best friend. ✅
I need a gif where Scooby Doo removes the Librewolf logo and there’s a Firefox logo underneath.
You must recognize that there is no Librewolf without Firefox, right? In fact, Librewolf even says in their privacy policy that you should also refer to the Firefox Privacy Policy because they can’t be certain that their browser won’t ever try to send data to Mozilla.
I’m not saying this to deter you from using Librewolf. If it works for you then that’s awesome. It just made me chuckle when you said that you ended your friendship with Firefox and ran into the warm embrace of… Firefox with different default settings.
In any case, all I’m trying to communicate is that Firefox and all of its many forks are fundamentally reliant on Mozilla and its ability to continue updating Firefox. That means Mozilla needs a sustainable business model, and that we can’t all simply abandon our relationship with Mozilla for a tool that is dependent on the work that Mozilla does.
Friendship ended with Firefox,❎ Librewolf is my new best friend. ✅
A big problem with such forks (same with packages made by Linux distributors) is that there is a delay between official FF release and the release of the corresponding update of the fork. 99% of the time this doesn’t matter much but when there is a severe security issue, the patch needs to be available ASAP.
Past enshittifications of Firefox could be disabled by users. Users who know what to disable don’t need such forks then.
I’m not yet clear what Mozilla even intends. Is it just an adjustment of language of things that are already in FF and can be disabled easily? If so, I just keep the following shit disabled and benefit from earlier update releases.
A big problem with such forks (same with packages made by Linux distributors) is that there is a delay between official FF release and the release of the corresponding update of the fork.
That’s called a patched downstream, not a fork.
LibreOffice was a fork of OpenOffice. OpenBSD was a fork of NetBSD.
I have not dug too deep into it for now (especially if I end up changing browser), but even with everything in the preferences disabled, examining the content of about:config gives a lot of telemetry.whatever.enabled left to true, sometimes with names that do not seem to match any option given to the user. That’s not a good look either.
And you cannot change those in the default mobile Firefox since about:config is disabled (by their claim that it may break stuff in the ui)
The issue is that Mozilla is actively hiding these settings. There’s one (I forgot which one) that you can’t find by searching for the title in the FF settings, you have to scroll to it yourself.
The issue is that Mozilla is actively hiding these settings.
They are under “Privacy”, just as I expected where they would.
There’s one (I forgot which one) that you can’t find by searching for the title in the FF settings, you have to scroll to it yourself.
🤷
Yes, you can disable the settings that are exposed to you with a checkbox. How about all the other that have no checkboxes and you can find by snooping around in either the code or about:config ?
How about all the other that have no checkboxes and you can find by snooping around in either the code or about:config ?
Which are? Genuine question. I’m not aware of those either.
I’m not going to enumerate them, mostly because I did not keep track of which one was on and which one was off before messing all of them up. If you’re curious, open “about:config” and search for “survey*.enabled”, “collect*.enabled”. Even with all settings disabled, some of them remains on, and they do cause traffic to the (documented) endpoints.
Dude, I’m not talking about the specific settings you’ve shown. There’s more settings you should set regarding privacy, and (at least a couple of months ago) one of them wasn’t appearing when searching for it.
There’s more settings you should set regarding privacy
Please be more specific.
I’ve already moved most of my stuff to forks or different software altogether.
Firefox -> LibreWolf and Waterfox
Thunderbird -> Evolution
I’m still trying to decide if I want to move off k9mail on mobile to something else. I probably will but I’m not sure what at this point.
I thought Thunderbird was a separate entitiy from Mozilla these days? And K-9 isn’t owned by Thunderbird either? Am I mistaken?
My understanding is that they are all under Mozilla and they’re all in danger of the same business decisions.
If that’s not the case I’d be more than happy if someone could prove me wrong.
Technically Firefox is operated by the Mozilla Foundation, and thunderbird by its subsidiary, MZLA Technologies Corp. This subsidiary also took over K-9 a while ago iirc.
deleted by creator
They have no business collecting any data in the first place. If I wanted my data collected I’d be using Chrome like everyone else. I’m not choosing to use their buggy ass inferior and slower browser for any of Mozilla’s services, I’m choosing it because I want to support non-Chromium browsers and regain my privacy.
There’s no point whatsoever to using Firefox if it’s just a worse Chrome.
Even if Firefox is selling your data, its still 10x better than chrome since they allow uBlock Origin. Fuck chrome and fuck ads
Telemetry benefits everyone, knowing which features are getting used, knowing what parts are causing crashes… It lets developers target what to improve and fix instead of going in blind. I get that collecting data can be scary, because so far everyone has been busy selling that data. But there’s a reason why data is so valuable, if it’s properly handled and anonymized it benefits everyone using firefox.
It lets developers target what to improve and fix instead of going in blind.
I’m sure they’ll make do
I think it’d be less creepy if there was an easily accessible public dashboard displaying this telemetry. E.g. like counters showing how many people hide the bookmark bar. If you can instantly see what data your browser is sending in an easily digestible format (ie not a dump of JSON in a submenu), it’s easier to gain a quick understanding of the benefits vs minimal privacy tradeoffs.
But it really depends on trust: trust that they’re not collecting more than they claim, and trust that the data is properly anonymized. Mozilla has lost that trust.
if it’s properly handled and anonymized it benefits everyone using firefox
glub glub much?
There is no justification for opt-out telemetry data collection, and there is no proper handling of data obtained despite user pushback. Also, properly anonymizing large data sets is not as trivial as you think. Even “fully anonymized” data set, assuming everything’s possible’s been done, can lead to correlation when added with other data. Even “cohorts” can lead to the creation of an aggregate group with so few individuals that it basically boils down to individual tracking.
Why do you think people are so vocal about not letting any of this happens in the first time? It’s not for blind idealism. It’s basically because even a minimum waiver on “supposedly anonymous” data is a huge blow to your privacy. And some people care about that.
Besides, Mozilla’s been pushing for a shitton of features that are constantly blamed for Firefox becoming as bad as its competition, and constantly turned off/removed. If they cared even a tiny bit about user feedback, the last… 3, 5 years of decisions from Mozilla would have been very different. Feature usage telemetry is a joke to make people accept their bullshit; the only thing that influence feature development is management or very heavy pushback, and that happens in dev issues, not with telemetry feedback.
While they have to be careful, there can be reasonable ones to help what they do/stop doing.
Example, “x% of telemetry enabled users enable the bookmark bar”, not particularly useful for harmful purposes, but if it were 0.00%, then they know efforts accommodating the bookmark bar would be pointless. Not many users would go out of their way to say “I don’t use some feature I’m ignoring”, and telemetry is able to convey that data, so the developer is not guessing based on his preference.
That being said, the telemetry is so opaque that it’s hard to make an informed decision as to whether the telemetry in question is risky or not. Might be good to have some sort of accumulated telemetry data that you can click to review and submit, and have that data be actually human readable and to the point for salient points.
glub glub much?
That’s a nice way to start and end a discussion.
How convenient for you.
It’s exactly the level of discourse your misinformation deserved.
No, fuck that and quit bootlicking. Software makers did just fine without telemetry for decades; your supposed justification is nothing but a bullshit lazy excuse.
Software makers did just fine without telemetry for decades
They actually did not, almost every software out there is mining your information. Software developers rely on and need data, you can’t guess what people want. Whether it’s from studies, testers, surveys, or telemetry, developers need information about what users like, what they don’t, how they interact with the software… This is what makes data so valuable, and why businesses like Google can exist. Denying open source software telemetry is shooting yourself in the foot.
. Software developers rely on and need data, you can’t guess what people want.
Why would I want software developers (particularly web browser) to guess what I want? I will tell them what I want, otherwise they have no business serving it to me.
If I’m not offering that data, it means I don’t want you to have it. Simple as that.
I will tell them what I want
You might, but 99% of users will never take a step towards giving any feedback whatsoever.
Yes, which means they don’t want anything from them. Rather than seeing those people as nothing more than potential profit, just move on.
Yes, which means they don’t want anything from them.
And yet they’re using the application. Don’t you want the applications that you use to work better? This is what telemetry enables, the ability to give feedback without jumping through 10 hoops, creating an account, responding to a survey, or whatever other method you’re thinking of to give feedback.
Me looking at Mozilla like: https://pbs.twimg.com/media/GHShUPtagAANgks.jpg
