Mozilla: Difference between revisions

Line 13:

==Consumer-impact summary==

===Mozilla Manifesto===

Mozilla has published the community Manifesto, with 10 key principles:<ref>https://www.mozilla.org/en-US/about/manifesto/details/</ref><blockquote>

Mozilla has published the community Manifesto, with 10 key principles:<ref>https://www.mozilla.org/en-US/about/manifesto/details/ ([http://web.archive.org/web/20251223055636/https://www.mozilla.org/en-US/about/manifesto/details/ Archived])</ref><blockquote>

#The internet is an integral part of modern life—a key component in education, communication, collaboration, business, entertainment and society as a whole.

#The internet is a global public resource that must remain open and accessible.

Line 29:

===Removing the "We don't sell your data" promise (''Feb. 2025'')===

In February 2025, Mozilla started to delete references to their "We don't sell your data" promise from the source code, as first reported on [https://www.haiku-os.org/ Haiku operating system] by developer ''waddlesplash'' on the forum thread for their Firefox/Iceweasel port.<ref>https://discuss.haiku-os.org/t/iceweasel-telemetry-acceptible-for-firefox-trademarks/16106/51</ref><ref>https://github.com/mozilla/bedrock/commit/d459addab846d8144b61939b7f4310eb80c5470e</ref>

In February 2025, Mozilla started to delete references to their "We don't sell your data" promise from the source code, as first reported on [https://www.haiku-os.org/ Haiku operating system] by developer ''waddlesplash'' on the forum thread for their Firefox/Iceweasel port.<ref>https://discuss.haiku-os.org/t/iceweasel-telemetry-acceptible-for-firefox-trademarks/16106/51 ([http://web.archive.org/web/20250708193121/https://discuss.haiku-os.org/t/iceweasel-telemetry-acceptible-for-firefox-trademarks/16106/51 Archived])</ref><ref>https://github.com/mozilla/bedrock/commit/d459addab846d8144b61939b7f4310eb80c5470e ([http://web.archive.org/web/20260111124524/https://github.com/mozilla/bedrock/commit/d459addab846d8144b61939b7f4310eb80c5470e Archived])</ref>

They also switched the wording from "The best privacy" to "Always protected".

Line 38:

===Privacy-preserving attribution (''Jul. 2024'')===

'''Privacy-preserving attribution (PPA)''' is an experimental feature introduced in Firefox version 128, designed to help advertising sites measure the performance of their ads while maintaining user privacy. It is marketed as an alternative method for performing attribution without relying on online tracking of users' browsing activity, which is incompatible with privacy. The functionality is explained on the Mozilla support page as follows:<ref name=":0">https://support.mozilla.org/en-US/kb/privacy-preserving-attribution#w_how-can-i-disable-ppa</ref><blockquote>

'''Privacy-preserving attribution (PPA)''' is an experimental feature introduced in Firefox version 128, designed to help advertising sites measure the performance of their ads while maintaining user privacy. It is marketed as an alternative method for performing attribution without relying on online tracking of users' browsing activity, which is incompatible with privacy. The functionality is explained on the Mozilla support page as follows:<ref name=":0">https://support.mozilla.org/en-US/kb/privacy-preserving-attribution#w_how-can-i-disable-ppa ([http://web.archive.org/web/20251231225956/https://support.mozilla.org/en-US/kb/privacy-preserving-attribution Archived])</ref><blockquote>

#Websites that show you ads can ask Firefox to remember these ads. When this happens, Firefox stores an “impression” which contains a little bit of information about the ad, including a destination website.

#If you visit the destination website and do something that the website considers to be important enough to count (a “conversion”), that website can ask Firefox to generate a report. The destination website specifies what ads it is interested in.

#Firefox creates a report based on what the website asks, but does not give the result to the website. Instead, Firefox encrypts the report and anonymously submits it using the Distributed Aggregation Protocol (DAP) to an “aggregation service”.

#Your results are combined with many similar reports by the aggregation service. The destination website periodically receives a summary of the reports. The summary includes noise that provides differential privacy.

</blockquote>Browsing activity information is not sent to anyone, not even Mozilla. Users with PPA enabled, however, must rely solely on the company to honor principle number 4 in its Manifesto.<ref name=":0" /><blockquote>PPA does not involve sending information about your browsing activities to anyone. This includes Mozilla and our DAP partner (ISRG). Advertisers only receive aggregate information that answers basic questions about the effectiveness of their advertising.</blockquote>This feature does not allow users to make an informed decision and choose whether to opt in or not, as it is enabled by default and requires that the user actively opt out.<ref>https://cybernews.com/privacy/firefox-data-collection-feature-sparks-backlash/</ref> This goes against principle number 8 of the Manifesto.

</blockquote>Browsing activity information is not sent to anyone, not even Mozilla. Users with PPA enabled, however, must rely solely on the company to honor principle number 4 in its Manifesto.<ref name=":0" /><blockquote>PPA does not involve sending information about your browsing activities to anyone. This includes Mozilla and our DAP partner (ISRG). Advertisers only receive aggregate information that answers basic questions about the effectiveness of their advertising.</blockquote>This feature does not allow users to make an informed decision and choose whether to opt in or not, as it is enabled by default and requires that the user actively opt out.<ref>https://cybernews.com/privacy/firefox-data-collection-feature-sparks-backlash/ ([http://web.archive.org/web/20251013085546/https://cybernews.com/privacy/firefox-data-collection-feature-sparks-backlash/ Archived])</ref> This goes against principle number 8 of the Manifesto.

===Anonym acquisition (''Jun. 2024'')===

In June 2024, Mozilla became an advertiser by acquiring Anonym, a company claiming to be a privacy-preserving digital advertiser, potentially going against its mission of being a proponent of privacy.<ref>https://blog.mozilla.org/en/mozilla/mozilla-anonym-raising-the-bar-for-privacy-preserving-digital-advertising/</ref>

In June 2024, Mozilla became an advertiser by acquiring Anonym, a company claiming to be a privacy-preserving digital advertiser, potentially going against its mission of being a proponent of privacy.<ref>https://blog.mozilla.org/en/mozilla/mozilla-anonym-raising-the-bar-for-privacy-preserving-digital-advertising/ ([http://web.archive.org/web/20251231135703/https://blog.mozilla.org/en/mozilla/mozilla-anonym-raising-the-bar-for-privacy-preserving-digital-advertising/ Archived])</ref>

===Mr Robot promotional web extension (''Dec. 2017'')===

Line 53:

[https://blog.mozilla.org/en/products/firefox/retrospective-looking-glass/ https://blog.mozilla.org/en/products/firefox/retrospective-looking-gla]

[https://blog.mozilla.org/en/products/firefox/retrospective-looking-glass/ ss/]</ref> While the extension was disabled by default, many users were confused and worried to discover a unknown extension installed in their browser with a cryptic description "MY REALITY IS JUST DIFFERENT THAN YOURS".<ref>Firefox's users worried about the looking glass extension https://www.reddit.com/r/firefox/comments/7jh9rv/what_is_looking_glass/</ref> This description was later expanded to include references to Mozilla's collaboration.<ref>Locking glass extension description changed https://github.com/mozilla/addon-wr/commit/21ff53d2d5baab591d29b4ea5847d74cb6901b2c</ref>

[https://blog.mozilla.org/en/products/firefox/retrospective-looking-glass/ ss/]</ref> While the extension was disabled by default, many users were confused and worried to discover a unknown extension installed in their browser with a cryptic description "MY REALITY IS JUST DIFFERENT THAN YOURS".<ref>Firefox's users worried about the looking glass extension https://www.reddit.com/r/firefox/comments/7jh9rv/what_is_looking_glass/ ([http://web.archive.org/web/20230610080325/https://old.reddit.com/r/firefox/comments/7jh9rv/what_is_looking_glass/ Archived])</ref> This description was later expanded to include references to Mozilla's collaboration.<ref>Locking glass extension description changed https://github.com/mozilla/addon-wr/commit/21ff53d2d5baab591d29b4ea5847d74cb6901b2c ([http://web.archive.org/web/20250708193125/https://github.com/mozilla/addon-wr/commit/21ff53d2d5baab591d29b4ea5847d74cb6901b2c Archived])</ref>

When activated, the extension executes code on all websites visited by the user, searching for all words matching a list. Every match is then wrapped in HTML span tags,<ref>looking glass extension injecting HTML https://github.com/mozilla/addon-wr/blob/da464ac8f1c3b089405ca96fc68b999d2b624ef4/addon/webextension/content-script.js#L27</ref> and tooltips are injected to be displayed when the user hovers over these matches. CSS code is injected to make the words appear upside down and the tooltips work.<ref>Looking glass extension injecting CSS https://github.com/mozilla/addon-wr/blob/da464ac8f1c3b089405ca96fc68b999d2b624ef4/addon/webextension/background.js#L78</ref> Also three specific websites did have their headers changed to have a value "x-1057" injected.

When activated, the extension executes code on all websites visited by the user, searching for all words matching a list. Every match is then wrapped in HTML span tags,<ref>looking glass extension injecting HTML https://github.com/mozilla/addon-wr/blob/da464ac8f1c3b089405ca96fc68b999d2b624ef4/addon/webextension/content-script.js#L27 ([http://web.archive.org/web/20250708193135/https://github.com/mozilla/addon-wr/blob/da464ac8f1c3b089405ca96fc68b999d2b624ef4/addon/webextension/content-script.js Archived])</ref> and tooltips are injected to be displayed when the user hovers over these matches. CSS code is injected to make the words appear upside down and the tooltips work.<ref>Looking glass extension injecting CSS https://github.com/mozilla/addon-wr/blob/da464ac8f1c3b089405ca96fc68b999d2b624ef4/addon/webextension/background.js#L78 ([http://web.archive.org/web/20250708193126/https://github.com/mozilla/addon-wr/blob/da464ac8f1c3b089405ca96fc68b999d2b624ef4/addon/webextension/background.js Archived])</ref> Also three specific websites did have their headers changed to have a value "x-1057" injected.

While the extension could in rare occasion break some website with the HTML and CSS injection, it did not do anything malicious or dangerous. The extension was not collecting any personal information at all, but Mozilla admitted it had made a mistake in its response addressing the issue.<ref name=":1" />

@@ Line 13: / Line 13: @@
 ==Consumer-impact summary==
 ===Mozilla Manifesto===
-Mozilla has published the community Manifesto, with 10 key principles:<ref>https://www.mozilla.org/en-US/about/manifesto/details/</ref><blockquote>
+Mozilla has published the community Manifesto, with 10 key principles:<ref>https://www.mozilla.org/en-US/about/manifesto/details/ ([http://web.archive.org/web/20251223055636/https://www.mozilla.org/en-US/about/manifesto/details/ Archived])</ref><blockquote>
 #The internet is an integral part of modern life—a key component in education, communication, collaboration, business, entertainment and society as a whole.
 #The internet is a global public resource that must remain open and accessible.
@@ Line 29: / Line 29: @@
 ===Removing the "We don't sell your data" promise (''Feb. 2025'')===
-In February 2025, Mozilla started to delete references to their "We don't sell your data" promise from the source code, as first reported on [https://www.haiku-os.org/ Haiku operating system] by developer ''waddlesplash'' on the forum thread for their Firefox/Iceweasel port.<ref>https://discuss.haiku-os.org/t/iceweasel-telemetry-acceptible-for-firefox-trademarks/16106/51</ref><ref>https://github.com/mozilla/bedrock/commit/d459addab846d8144b61939b7f4310eb80c5470e</ref>
+In February 2025, Mozilla started to delete references to their "We don't sell your data" promise from the source code, as first reported on [https://www.haiku-os.org/ Haiku operating system] by developer ''waddlesplash'' on the forum thread for their Firefox/Iceweasel port.<ref>https://discuss.haiku-os.org/t/iceweasel-telemetry-acceptible-for-firefox-trademarks/16106/51 ([http://web.archive.org/web/20250708193121/https://discuss.haiku-os.org/t/iceweasel-telemetry-acceptible-for-firefox-trademarks/16106/51 Archived])</ref><ref>https://github.com/mozilla/bedrock/commit/d459addab846d8144b61939b7f4310eb80c5470e ([http://web.archive.org/web/20260111124524/https://github.com/mozilla/bedrock/commit/d459addab846d8144b61939b7f4310eb80c5470e Archived])</ref>
 They also switched the wording from "The best privacy" to "Always protected".
@@ Line 38: / Line 38: @@
 ===Privacy-preserving attribution (''Jul. 2024'')===
-'''Privacy-preserving attribution (PPA)''' is an experimental feature introduced in Firefox version 128, designed to help advertising sites measure the performance of their ads while maintaining user privacy. It is marketed as an alternative method for performing attribution without relying on online tracking of users' browsing activity, which is incompatible with privacy. The functionality is explained on the Mozilla support page as follows:<ref name=":0">https://support.mozilla.org/en-US/kb/privacy-preserving-attribution#w_how-can-i-disable-ppa</ref><blockquote>
+'''Privacy-preserving attribution (PPA)''' is an experimental feature introduced in Firefox version 128, designed to help advertising sites measure the performance of their ads while maintaining user privacy. It is marketed as an alternative method for performing attribution without relying on online tracking of users' browsing activity, which is incompatible with privacy. The functionality is explained on the Mozilla support page as follows:<ref name=":0">https://support.mozilla.org/en-US/kb/privacy-preserving-attribution#w_how-can-i-disable-ppa ([http://web.archive.org/web/20251231225956/https://support.mozilla.org/en-US/kb/privacy-preserving-attribution Archived])</ref><blockquote>
 #Websites that show you ads can ask Firefox to remember these ads. When this happens, Firefox stores an “impression” which contains a little bit of information about the ad, including a destination website.
 #If you visit the destination website and do something that the website considers to be important enough to count (a “conversion”), that website can ask Firefox to generate a report. The destination website specifies what ads it is interested in.
 #Firefox creates a report based on what the website asks, but does not give the result to the website. Instead, Firefox encrypts the report and anonymously submits it using the Distributed Aggregation Protocol (DAP) to an “aggregation service”.
 #Your results are combined with many similar reports by the aggregation service. The destination website periodically receives a summary of the reports. The summary includes noise that provides differential privacy.
-</blockquote>Browsing activity information is not sent to anyone, not even Mozilla. Users with PPA enabled, however, must rely solely on the company to honor principle number 4 in its Manifesto.<ref name=":0" /><blockquote>PPA does not involve sending information about your browsing activities to anyone. This includes Mozilla and our DAP partner (ISRG). Advertisers only receive aggregate information that answers basic questions about the effectiveness of their advertising.</blockquote>This feature does not allow users to make an informed decision and choose whether to opt in or not, as it is enabled by default and requires that the user actively opt out.<ref>https://cybernews.com/privacy/firefox-data-collection-feature-sparks-backlash/</ref> This goes against principle number 8 of the Manifesto.
+</blockquote>Browsing activity information is not sent to anyone, not even Mozilla. Users with PPA enabled, however, must rely solely on the company to honor principle number 4 in its Manifesto.<ref name=":0" /><blockquote>PPA does not involve sending information about your browsing activities to anyone. This includes Mozilla and our DAP partner (ISRG). Advertisers only receive aggregate information that answers basic questions about the effectiveness of their advertising.</blockquote>This feature does not allow users to make an informed decision and choose whether to opt in or not, as it is enabled by default and requires that the user actively opt out.<ref>https://cybernews.com/privacy/firefox-data-collection-feature-sparks-backlash/ ([http://web.archive.org/web/20251013085546/https://cybernews.com/privacy/firefox-data-collection-feature-sparks-backlash/ Archived])</ref> This goes against principle number 8 of the Manifesto.
 ===Anonym acquisition (''Jun. 2024'')===
-In June 2024, Mozilla became an advertiser by acquiring Anonym, a company claiming to be a privacy-preserving digital advertiser, potentially going against its mission of being a proponent of privacy.<ref>https://blog.mozilla.org/en/mozilla/mozilla-anonym-raising-the-bar-for-privacy-preserving-digital-advertising/</ref>
+In June 2024, Mozilla became an advertiser by acquiring Anonym, a company claiming to be a privacy-preserving digital advertiser, potentially going against its mission of being a proponent of privacy.<ref>https://blog.mozilla.org/en/mozilla/mozilla-anonym-raising-the-bar-for-privacy-preserving-digital-advertising/ ([http://web.archive.org/web/20251231135703/https://blog.mozilla.org/en/mozilla/mozilla-anonym-raising-the-bar-for-privacy-preserving-digital-advertising/ Archived])</ref>
 ===Mr Robot promotional web extension (''Dec. 2017'')===
@@ Line 53: / Line 53: @@
 [https://blog.mozilla.org/en/products/firefox/retrospective-looking-glass/ https://blog.mozilla.org/en/products/firefox/retrospective-looking-gla]
-[https://blog.mozilla.org/en/products/firefox/retrospective-looking-glass/ ss/]</ref> While the extension was disabled by default, many users were confused and worried to discover a unknown extension installed in their browser with a cryptic description "MY REALITY IS JUST DIFFERENT THAN YOURS".<ref>Firefox's users worried about the looking glass extension  https://www.reddit.com/r/firefox/comments/7jh9rv/what_is_looking_glass/</ref> This description was later expanded to include references to Mozilla's collaboration.<ref>Locking glass extension description changed https://github.com/mozilla/addon-wr/commit/21ff53d2d5baab591d29b4ea5847d74cb6901b2c</ref>
+[https://blog.mozilla.org/en/products/firefox/retrospective-looking-glass/ ss/]</ref> While the extension was disabled by default, many users were confused and worried to discover a unknown extension installed in their browser with a cryptic description "MY REALITY IS JUST DIFFERENT THAN YOURS".<ref>Firefox's users worried about the looking glass extension  https://www.reddit.com/r/firefox/comments/7jh9rv/what_is_looking_glass/ ([http://web.archive.org/web/20230610080325/https://old.reddit.com/r/firefox/comments/7jh9rv/what_is_looking_glass/ Archived])</ref> This description was later expanded to include references to Mozilla's collaboration.<ref>Locking glass extension description changed https://github.com/mozilla/addon-wr/commit/21ff53d2d5baab591d29b4ea5847d74cb6901b2c ([http://web.archive.org/web/20250708193125/https://github.com/mozilla/addon-wr/commit/21ff53d2d5baab591d29b4ea5847d74cb6901b2c Archived])</ref>
-When activated, the extension executes code on all websites visited by the user, searching for all words matching a list. Every match is then wrapped in HTML span tags,<ref>looking glass extension injecting HTML https://github.com/mozilla/addon-wr/blob/da464ac8f1c3b089405ca96fc68b999d2b624ef4/addon/webextension/content-script.js#L27</ref> and tooltips are injected to be displayed when the user hovers over these matches. CSS code is injected to make the words appear upside down and the tooltips work.<ref>Looking glass extension injecting CSS https://github.com/mozilla/addon-wr/blob/da464ac8f1c3b089405ca96fc68b999d2b624ef4/addon/webextension/background.js#L78</ref> Also three specific websites did have their headers changed to have a value "x-1057"  injected.
+When activated, the extension executes code on all websites visited by the user, searching for all words matching a list. Every match is then wrapped in HTML span tags,<ref>looking glass extension injecting HTML https://github.com/mozilla/addon-wr/blob/da464ac8f1c3b089405ca96fc68b999d2b624ef4/addon/webextension/content-script.js#L27 ([http://web.archive.org/web/20250708193135/https://github.com/mozilla/addon-wr/blob/da464ac8f1c3b089405ca96fc68b999d2b624ef4/addon/webextension/content-script.js Archived])</ref> and tooltips are injected to be displayed when the user hovers over these matches. CSS code is injected to make the words appear upside down and the tooltips work.<ref>Looking glass extension injecting CSS https://github.com/mozilla/addon-wr/blob/da464ac8f1c3b089405ca96fc68b999d2b624ef4/addon/webextension/background.js#L78 ([http://web.archive.org/web/20250708193126/https://github.com/mozilla/addon-wr/blob/da464ac8f1c3b089405ca96fc68b999d2b624ef4/addon/webextension/background.js Archived])</ref> Also three specific websites did have their headers changed to have a value "x-1057"  injected.
 While the extension could in rare occasion break some website with the HTML and CSS injection, it did not do anything malicious or dangerous. The extension was not collecting any personal information at all, but Mozilla admitted it had made a mistake in its response addressing the issue.<ref name=":1" />