AI Summary:
Overview:
- Mozilla is updating its new Terms of Use for Firefox due to criticism over unclear language about user data.
- Original terms seemed to give Mozilla broad ownership of user data, causing concern.
- Updated terms emphasize limited scope of data interaction, stating Mozilla only needs rights necessary to operate Firefox.
- Mozilla acknowledges confusion and aims to clarify their intent to make Firefox work without owning user content.
- Company explains they don’t make blanket claims of “never selling data” due to evolving legal definitions and obligations.
- Mozilla collects and shares some data with partners to keep Firefox commercially viable, but ensures data is anonymized or shared in aggregate.
Too late. That wasn’t a typo, Terms are going downhill from here. I’m gone.
Mozilla collects and shares some data with partners to keep Firefox commercially viable
How hard is it to be specific? People are concerned about this, can they not tell us the exact data they share and with whom, or is doing so going to make people more concerned so they are avoiding telling us?
I didn’t sell your shit, I collected it and shared it to keep myself comercially viable.
A FOSS browser has and never will require collecting user data.
This should not happen at all.
What do you think a browser does?
The browser manufacturer doesn’t need a license to my inputs to process them and give them to the server it’s supposed to give them to. If you type a text in Libre office, does it ask you for a license to the text in order to save it?
No, but that’s a local program processing and saving data entirely on your system. It’s a world of difference from what a web browser does, which is oversee a whole suite of protocols connecting you to remote servers and transmitting data back and forth in requests that build on and reference each other. With the complexity of modern web interactions, there’s a ton of reasons why a browser might need to store your data and share it with others, even ignoring profit-seeking motives.
And let’s remember that the last thing Mozilla got heat for was the introduction of a method to anonymize bulk user data for sharing & selling purposes, as opposed to the granular, extremely invasive tracking that 99% of websites are doing these days.
I see a company that needs to make a decent amount of money in a crazy competitive environment, that’s trying their best to do so in the way least destructive to user privacy and choice.
Not even the lemmy instance you’re on needs a license to your content, and it is stored there and displayed for the world to see. Why is that? Because storing and displaying your posts is the very thing you want it to do. That is the service it is providing for you, and you declare that you want it to do that by clicking “send”. They would need a license if they wanted to do anything else with your stuff, which doesn’t directly have to do with displaying your posts in the fediverse.
The browser is supposed to take my requests and inputs, carry them to the server that I’m talking to and bring back the answer. The mail doesn’t need a license to my letters. That only changes if they want to open them and do something I originally had not intended.
But you know who claims a license to your content? Meta. Because you’re the product there, not the costumer.
And let’s remember that the last thing Mozilla got heat for was the introduction of a method to anonymize bulk user data for sharing & selling purposes,
as opposedin addition to the granular, extremely invasive tracking that 99% of websites are doing these days.Ftfy. It’s never going to replace more invasive tracking and just constitutes yet another party collecting my data.
I see a company that needs to make a decent amount of money
Mozilla already makes enough money from passive investment income. They don’t need to make any money from Firefox at all (but they do, it’s from google). They also don’t need to pay their CEO 6 Million a year.
Edit: Typo
That’s good and I’m genuinely glad they’re trying to clarify it, but it proves yet again that their top management is out of touch with reality and their users: somebody (most likely more than one person actually) had to sign off on these changes and the message they sent out - this whole thing could have been avoided if they understood their users better (and/or if they actually cared nore about what users think).
Mozilla says that “there are a number of places where we collect and share some data with our partners” so that Firefox can be “commercially viable,” but it adds that it spells those out in its privacy notice and works to strip data of potentially identifying information or share it in aggregate.
Sounds like they’ve already been selling (or trading) data and this whole debacle is a way to retroactively cover their asses.
Yeah. And their privacy notice is basically a mix-match of ten or so sections that have no place in a web browser privacy policy, that allows them to do the things people reproach them for doing.
It’s like saying “we’re not doing that, because we’re limited by that document that allows us to do just that”. And now they’re tripling down on it.
“I am doing things that are not selling your data which some people consider to be selling your data”
Why is he so cryptic? Neil, why don’t you tell me what those things are and let me be the judge?
Louis Rossmann had a good video about this. Basically, California passed a law that changed what “selling your data” means, and it goes way beyond what I consider “selling your data.” There’s an argument here than Mozilla is largely just trying to comply with the law. Whether that’s accurate remains to be seen though.
Then how about putting that in the language? “We don’t sell your data, except if you’re in California, because they consider x, y and z things we might actually do as selling data.”
Exactly!
Hetzner kind of does this, where there’s a separate EULA for US customers that lays out precisely how they’re screwing you in that jurisdiction (e.g. forced arbitration). I’m not happy about that, but I appreciate having a separate, region-specific TOS.
If some wording only applies in California, state that. Or if it’s due to similar laws elsewhere, then state that. And then detail which features collect data, why, what control you have, and how you can opt-out. Maybe have a separate mini-TOS/EULA for each major component that gets into details.
But just saying “you give us a license to everything you do on Firefox” may appease their legal counsel, but it doesn’t appease many of their users, especially since they largely appeal to people who care about privacy.
At this point I care about ownership of what I do on my browser, Chrome under these guidelines is a better alternative (and that’s a low bar)
How is chrome better? It’s literally run by an ad company, and there’s no way they have a better TOS.
It’s not it’s just slightly less bad than Firefox on the perspective of ownership,
E.g.: under the new guidelines by Mozilla you’re not allowed to bookmark pornhub
This is thanks to Mozilla’s focus on “privacy respecting “ advertisement and ai, go to any open source conference and you’ll see a list of ai talks by them.
——
Don’t get me wrong I implore anyone to move to any browser that isn’t; Chrome, Edge, Firefox, Opera
Some jurisdictions classify “sale” as broadly as “transfer of data to any other company, for a ‘benefit’ of any kind” Benefit could even be non-monetary in terms of money being transferred for the data, it could be something as broadly as “the browser generally improving using that data and thus being more likely to generate revenue.”
To avoid frivolous lawsuits, Mozilla had to update their terms to clarify this in order to keep up with newer laws.
I think this is a reasonable explanation.
But I also believe a large part of the firefox user base does not want any data about them collected by their browser, no matter if it is for commercial purposes or simply analytics / telemetry. Which is why the original statement “we will never sell any of your data” was just good enough for them, and anything mozilla is now saying is basically not good enough, no matter how much they clarify it to mean “not selling in the colloquial sense”
Which is a ridiculous thing to want for most users and exposes how little so much of the self-identified “techie” crowd actually understands about how this stuff works.
The first 6 years of Firefox were done without telemetry and after it was implemented it was opt-in for a while.
While I see the use of telemetry for development purposes, I would not call it aridiculous thing to not want
I more meant that the average user actually wants a significant amount of data collection and telemetry, as part of their normal web usage. There are some true privacy geeks who are actually maintaining near-anonymity on the modern internet, but there’s a lot of people who get riled up about things like this while using Android phones, or signing up for loyalty programs, using corporate social media, etc.
I mean…if they pay for the service of external analization of data in exchange of money, how is that a sale of goods/data?
Ask the lawmakers who wrote the laws with vague language, because according to them, that kind of activity could be considered a sale.
As a more specific example that is more one-sided, but still not technically a “sale,” Mozilla has sponsored links on the New Tab page. (they can be disabled of course)
These links are provided by a third-party, relatively privacy protecting ad marketplace. Your browser downloads a list of links from them if you have sponsored links turned on, and no data is actually sent to their service about you. If you click a sponsored link, a request is sent using a protocol that anonymizes your identity, that tells them the link was clicked. That’s it, no other data about your identity, browser, etc.
This generates revenue for Mozilla that isn’t reliant on Google’s subsidies, that doesn’t actually sell user data. Under these laws, that would be classified as a sale of user data, since Mozilla technically transferred data from your device (that you clicked the sponsored link) for a benefit. (financial compensation)
However, I doubt anyone would call that feature “selling user data.” But, because the law could do so, they have to clarify that in their terms, otherwise someone could sue them saying “you sold my data” when all they did was send a small packet to a server saying that some user, somewhere clicked the sponsored link.
I would definitely call that selling my data. The recipient can now add that to my profile as an interest.
Ruh roh. Too late though.
Friendship ended with Firefox,❎ Librewolf is my new best friend. ✅
