Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mozilla Testing an Opt-Out System For Firefox Telemetry Collection (bleepingcomputer.com)

Posted by BeauHD on from the data-choices dept.

An anonymous reader writes: "Mozilla engineers are discussing plans to change the way Firefox collects usage data (telemetry), and the organization is currently preparing to test an opt-out clause so they could collect more data relevant to the browser's usage," reports Bleeping Computer. "In a Google Groups discussion that's been taking place since Monday, Mozilla engineers cite the lack of usable data the Foundation is currently receiving via its data collection program. The problem is that Firefox collects data from a very small fraction of its userbase, and this data may not be representative of the browser's real usage." Mozilla would like to fix this by flipping everyone's telemetry setting to enabled and adding an opt-out clause. Engineers also plan to embed Google's RAPPAR project [1, 2] for anonymous data collection.

15 of 227 comments (clear)

  1. In Other Words... by Anonymous Coward · · Score: 5, Insightful

    Not enough people were choosing to compromise their privacy, so we're going to do it for them.

    1. Re:In Other Words... by thereitis · · Score: 3, Insightful
      And yet Mozilla criticizes other organizations for their privacy. I guess Mozilla is just behind the curve and finally realizing the "goodies" that can be had simply by compromising their values like everyone else.

      Soon Mozilla will not have anything to differentiate them from everybody else.

      I guess you can tell a company's true character by their actions when hard times come.

  2. Trust comes on foot but leaves on horseback by Errol+backfiring · · Score: 4, Informative

    Yet another reason to switch to Pale Moon if you haven't already done so.

    --
    Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
    1. Re:Trust comes on foot but leaves on horseback by QuietLagoon · · Score: 3

      ...They is a good rational for doing this...

      No, there isn't.

    2. Re:Trust comes on foot but leaves on horseback by 0123456 · · Score: 3, Interesting

      You develop trust by not spying on your users.

      I still use Firefox because NoScript, but I can't see myself still using it a year from now, the way things are going.

  3. Re:Fork, here we come by ArhcAngel · · Score: 4, Interesting

    Jumped to Waterfox several years ago. At the time it was the only 64 bit version of FF code but it has matured and while it still follows FF core it didn't disable plug-ins and it strips out tracking.

    --
    "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
  4. Re:User data to valuable to opt out by courteaudotbiz · · Score: 4

    If at least there is an actual option to opt out, that's still good news. Cause the only remaining users of MozFF are techies, so at least we can check or uncheck the necessary checkboxes.

    Ever tried to opt out of anything using Chrome?

  5. How did companies survive before extensive spying? by QuietLagoon · · Score: 4, Insightful

    It is amazing that we have developed as a civilization in the days before all this privacy-busting data collection.

  6. Oxymoron alert! by QuietLagoon · · Score: 5, Funny

    ...Engineers also plan to embed Google's RAPPAR project [1, 2] for anonymous data collection....

    Using the word "google" with the phrase "anonymous data collection" may invoke laughter. And disbelief.

  7. Odd PR move in the wake of what's coming by bjdevil66 · · Score: 5, Interesting

    My first response: They're about to kill its best, remaining feature in the minds of many, and now they say, "Let me spy on you."

    But I ultimately get what they're trying to do. After all this online complaining, they may finally be having to accept that they really need to know more about how people use their product. Considering how many people here have complained about how the Mozilla devs "don't know what we really want!! Why are they doing X??", this should be something they should consider doing.

    Sounds like they're damned if they do, damned if they don't. Maybe us complainers should look in the mirror and realize we may be one of the toughest crowd of browser users in the world to please. "No, you can't collect my data!.... Wait - Why are you removing X? I USE THAT FEATURE! Don't you know that about your users?

    Maybe that's why Google Chrome has outstripped Firefox over the last several years when it comes to user base size. They KNOW what most people want, even if we don't like to admit to everything we want?

    I'm a loyal Firefox user - and I'll probably still opt-out while I grumble about losing most of my add-ons. But I won't honestly be able to say that Firefox's eventual demise will be on the Mozilla Foundation alone.

    1. Re:Odd PR move in the wake of what's coming by sinij · · Score: 3, Funny

      The next day after telemetry collection goes live:

      Firefox now renders porn 1000% faster using 50% less memory and supports up to 999 tabs. Every other feature was removed.

  8. What telemetry would be acceptable? by pr0nbot · · Score: 3, Interesting

    The knee-jerk reaction is that all telemetry is a privacy nightmare.

    As a thought experiment, what kind of telemetry might be acceptable?

    For example, suppose it were 2 integers collected weekly:
    * number of HTTPS sites visited
    * number of HTTP sites visited

    Unavoidably, there would be metadata: IP address and date/time of data collection. So as well as the intended analytics ("what proportion of the sites users are visiting are HTTPS sites?") it would be possible to build a per-IP profile of number of sites visited over time.

    Is this level of telemetry unacceptable?

    If it is acceptable, then we've established that it is not telemetry per se that is bad but rather the data being collected.

    Ongoing telemetry would require trust ("when I consented you were collecting two integers, but now you're collecting all sorts of other things") unless totally transparent, but perhaps even with total transparency the burden of verification that then falls on the user is too onerous.

    I wonder if there could be a role for someone like the EFF to be the guardian of telemetry info, i.e. Firefox sends telemetry data to the EFF and they then decide whether it's ok or not, or anonymize it (e.g. strip out IP addresses in the above example), before sending it on to Mozilla. Of course, they'd want to be paid for this service, and since users reject the notion of paying for a browser the obvious payer would be Mozilla, but that creates moral hazard. Given that it'd be a public good, the government could run and/or fund it, but I suspect there's a large overlap between the set of people who have a problem with telemetry and the set of people who distrust their government.

  9. Re:User data to valuable to opt out by courteaudotbiz · · Score: 3

    even if it takes a bit of work

    Key point here. On Mozilla's side, they say they will let you opt out easily.

    Still, there are a number of alternatives (Waterfox that is FF based with telemetry stripped from the source and Palemoon) that do not collect data at all.

  10. Firefox's privacy policy scares the heck out of me by Anonymous Coward · · Score: 5, Informative

    Anybody who claims that Firefox protects their privacy probably hasn't actually looked at Firefox's privacy policy.

    Below are some excerpts from the Firefox privacy policy that is dated July 31, 2017.

    Be sure to notice the type of information being collected and possibly even transmitted to third parties (including Google, some "Leanplum" company, a "mobile analytics vendor", and "certain developers"). We see terms like:

    • - "IP address"
    • - "browser version"
    • - "operating system"
    • - "locale"
    • - "language preference"
    • - "list of add-ons you have installed"
    • - "phone number"
    • - "email address"
    • - "URLs associated with the downloaded file"
    • - "hardware configuration"
    • - "commonly visited domains"
    • - "location"
    • - "the active URL"
    • - "Google advertising ID"
    • - "personal information"
    • - "key word searches"
    • - "Wi-Fi networks"
    • - "cell phone towers"

    Here are the excerpts:

    Once per day, Firefox sends the following info to Mozilla when it checks for browser updates: your Firefox version information, language preference, operating system, and version.

    Firefox contacts Mozilla once per day to check for add-on information to check for malicious add-ons. This includes, for example: browser version, OS and version, locale, total number of requests, time of last request, time of day, IP address, and the list of add-ons you have installed.

    About once per day, Firefox connects to Mozilla and provides you with new snippets, if available. Mozilla may collect how often snippets are clicked, snippet name, browser locale, and which version of Firefox you're using.

    Firefox sends Mozilla a monthly request to look up your location at a country level using your IP address.

    Some Mozilla sponsored snippets are interactive and allow you to optionally share your phone number or email address.

    This data includes, for example: device hardware, operating system, Firefox version, add-ons (count and type), timing of browser events, rendering, session restores, length of session, interaction with search access points and use of Firefox search partner codes, how old a profile is, basic information about errors and crashes, and count of pages.

    Firefox sends to this third-party information identifying the site's certificate.

    About twice per hour, Firefox downloads Google's SafeBrowsing lists to help block access to sites and downloads that are malicious or forged (Google's privacy policy is at https://www.google.com/policies/privacy/).

    Firefox may send metadata, including URLs associated with the downloaded file, to the SafeBrowsing service.

    Usage statistics or "Telemetry" is a feature in Firefox that sends Mozilla usage, performance, and responsiveness statistics about user interface features, memory, and hardware configuration. Your IP address is also collected as a part of a standard web log.

    Firefox sends to Mozilla data relating to the tiles such as number of clicks, impressions, your IP address, locale information, and tile specific data (e.g., position and size of grid).

    In Firefox Beta, certain short-term Telemetry experiments (see above) for Tiles may collect information about commonly visited domains.

    Firefox sends Mozilla a request once to look up your location at a country level using your IP address.

    Firefox may send the terms you type in the Awesome Bar or Search Bar to your

  11. Mozilla has a fundamental problem... by QuietLagoon · · Score: 4, Interesting
    The Firefox developers apparently have a very different vision for Firefox than the Firefox users do. This is evidenced by the declining market share and the bloating of Firefox with unwanted "features" that do little to enhance or make more efficient the browsing experience.

    .
    Privacy-busting data collection is not going to fix that problem, as the data will more than likely be interpreted by the developers to confirm their misdirected vision.

    Instead of data collection (something that is done because it is easy, not necessarily the proper solution), the Firefox developers need to take a step back and look at their vision for Firefox. That is the conversation that needs to take place with the Firefox users.

    Offhand, I'd say that priority #1 is that the Firefox users don't want Firefox to continue on the goal of turning into a Chrome clone. With the addition of data collection, that goal is almost met.

    I could go on, but I doubt if anyone is reading, they're probably drooling over all the data they will be collecting soon.