Firefox deletes promise to never sell personal data, asks users not to panic
arstechnica.com
Mozilla says it deleted promise because “sale of data” is defined broadly.

Firefox maker Mozilla deleted a promise to never sell its users’ personal data and is trying to assure worried users that its approach to privacy hasn’t fundamentally changed. Until recently, a Firefox FAQ promised that the browser maker never has and never will sell its users’ personal data. An archived version from January 30 says:

Does Firefox sell your personal data?

Nope. Never have, never will. And we protect you from many of the advertisers who do. Firefox products are designed to protect your privacy. That’s a promise.

That promise is removed from the current version. There’s also a notable change in a data privacy FAQ that used to say, “Mozilla doesn’t sell data about you, and we don’t buy data about you.”

The data privacy FAQ now explains that Mozilla is no longer making blanket promises about not selling data because some legal jurisdictions define “sale” in a very broad way:

Mozilla doesn’t sell data about you (in the way that most people think about “selling data”), and we don’t buy data about you. Since we strive for transparency, and the LEGAL definition of “sale of data” is extremely broad in some places, we’ve had to step back from making the definitive statements you know and love. We still put a lot of work into making sure that the data that we share with our partners (which we need to do to make Firefox commercially viable) is stripped of any identifying information, or shared only in the aggregate, or is put through our privacy preserving technologies (like OHTTP).

Mozilla didn’t say which legal jurisdictions have these broad definitions.

  • Zink@programming.devEnglish
    0·
    2 months ago

    I wonder how much this affects things if you’ve already gone through Firefox’s settings to max out privacy and turn off all telemetry.

    I resisted switching to Librewolf because Firefox works great (including M365 in Linux at work) and seemed to have the options you’d want for privacy and security.

    This doesn’t feel like an emergency, especially in a chrome/edge dominated world. But it’s back on the list of things to investigate transitioning away from.

    • rocky1138@sh.itjust.worksEnglish
      0·
      2 months ago

      Yep. It stinks. We’ll see if it was just a fart and it’ll go away or if they crapped and we’ll have to jump ship.

      • Zink@programming.devEnglish
        0·
        2 months ago

        Maybe we should all throw some kind of support behind https://ladybird.org/ with an eye to the future.

        That project isn’t problematic for some reason I haven’t heard about, is it?

        (Problematic other than web browsers being gigantic pieces of software, and ladybrid itself not even being in alpha yet)

  • parmesan@lemmy.worldEnglish
    0·
    2 months ago

    Am I the only one here who’s pretty much okay with this? I do wish they’d clarify exactly what they mean by “Mozilla doesn’t sell data about you (in the way that most people think about ‘selling data’),” but having my anonymized data sold so that Mozilla can continue to operate (combined with Firefox being the best browser I’ve used in terms of both performance and flexibility - ability to install add-ons from sources outside of the Mozilla store, for example) - seems like a worthy tradeoff to me.

    They also have an option to opt-out of data collection, which I do wish was opt-in instead, but with the way every other mainstream browser operates I’m just happy the option is there at all. Let me know if there’s something I’m missing here though.

      • parmesan@lemmy.worldEnglish
        0·
        2 months ago

        I’m not trying to unilaterally defend the decision, it’s just not going to make me personally switch browsers. From what I’m hearing a lot of the viable alternatives are forks of Firefox anyway.

    • pulsewidth@lemmy.worldEnglish
      0·
      2 months ago

      To generalise, just as Reddit is the neolib centrist hivemind and Facebook is the conservative boomer hivemind, Lemmy is some overlap of privacy/techy/ultrapolitical groups - so whenever you get this kind of news that is ultimately pretty mild and uncontroversial to most you get lots of Lemmings buttons pushed and what seems like an oversized reaction in the comments.

      Is Firefox perfect? No. Is it still the best available mainstream browser option? Yes. And if the small groups that presently use it walk away and its tiny market share (~5%) declines to a point where Firefox becomes insolvent - well then browsers will be just a two-horse race between Google (Chromium) and Apple (WebKit). Every web spec and page will be beholden to the desires of those companies - I’m sure the same Lemmings will be complaining about that too, and by then it will be too late to realize what they’ve lost.

      • Ledericas@lemm.eeEnglish
        0·
        2 months ago

        It was a neolib site, but it’s starting to lean right wing, and soon will.be with the ranks of Facebook soon enough. The reason, they have been aggressively banning accounts as of late, and alot of its based around trump posts. They allow heavy astroturfing from the right, either from troll farms or conservative comments, you report them you will get banned. Many people criticized the site for pushing so many trump sanewashing posts in the front page, the conservative sub have been consistently in the front page for a while, before you almost never hear a peep from them, unless it’s being talked about in other subs

    • sem@lemmy.blahaj.zoneEnglish
      0·
      2 months ago

      The problem I have with this is that “anonymized” data in the past has often been trivial to de-anonymize. And if they can remove some promises now, they’re going to keep going in that direction. Just like Microsoft telemetry used to be less but is getting worse and worse.

    • ayyy@sh.itjust.worksEnglish
      0·
      2 months ago

      You’re a good friend

      Edit: also the style shows through, not everyone can get a watercolor vibe without the water

      • Lost_My_Mind@lemmy.worldEnglish
        0·
        2 months ago

        Would you like to see my tattoo of Tom from MySpace I got on my left testicle? Hey man, in 2005 it seemed like MySpace Tom would be in our lives forever. Why WOULDN’T you get his profile picture inked into your body with needles on the most painful part of your body? It made sense in 2005!

        But noooooooooo! Facebook had to be a dick. And now whenever I pull my pants down in front of some hot 20 year old with daddy issues, she’s like “Is that your uncle or something?”

        Meanwhile Tom sold my MySpace for hundreds of millions of dollars, and now does photography of bikini models on his yacht! While I have to explain who Tom is to Gen Z…

        sigh

        • outdated2139@lemmynsfw.comEnglish
          0·
          2 months ago

          For a second I thought Tom did photography and bikini models on his yacht. We’ll he probably does, but I just read your comment wrong.

          • Lost_My_Mind@lemmy.worldEnglish
            0·
            2 months ago

            I mean, he’s worth hundreds of millions, on a yacht that he owns with hotties in bikinis hoping to get discovered as their own ticket to fame from the photos being taken of their oiled up sexy bodies.

            The sex was implied.

        • Rai@lemmy.dbzer0.comEnglish
          0·
          2 months ago

          Honestly at this point, I wouldn’t be embarrassed having a tattoo of Tom from MySpace.

    • neclimdul@lemmy.worldEnglish
      0·
      2 months ago

      Between the fact I’ve been using a date picker for ages in Firefox, the fact dates and times are hard, and the title of the issue that’s clearly a zombie issue. I’m surprised they were able to close it at all.

  • gamer@lemm.eeEnglish
    0·
    2 months ago

    Anyone still using Firefox after this probably hasn’t been keeping up with Mozilla’s many controversies. If this is your first time here, I can see why you’d decide to overlook it. I did for a long time, but this is the final straw for me. Luckily, instead of building anything useful over the past decades, Mozilla leadership has been instead focused on enriching themselves. That means deleting my Mozilla account right now was easy.

    I’ve now moved to LibreWolf, because I don’t want to support Chromium’s dominance, but if that project dies out I’ll jump ship. It’ll be a real shame if the world gets stuck with Chromium as the only viable browser, but it won’t be my fault. It will be Mozilla leadership’s fault.

    • Melatonin@lemmy.dbzer0.comEnglish
      0·
      2 months ago

      Jump ship to what? It seems like going to Tor browser full time might be the answer?

      I’m just not sure what the steps are from Librewolf to More private.

    • katy ✨@lemmy.blahaj.zoneEnglish
      0·
      2 months ago

      It makes me sad because I’m a donator and supporter to Mozilla - and have been for years. I truly believe the web should be open, free, and not for profit and there are great people at Mozilla which is why I hate seeing the leadership do things like this. I wish there was an active group that shared the same ideals, were ethical, and not full of transphobes and cryptobros that could take up the mantle and fund another fork like Librewolf.

      Preferably would love that any group be a collective not a corporation.

  • Die Martin Die@sh.itjust.worksEnglish
    0·
    2 months ago

    I’m using Fennec (based on Firefox, sans telemetry). Is there a good, reliable, and trustable way to export my bookmarks so I don’t have to depend on Firefox Sync?

    Edit: forgot to say: on Android.

  • wall_panel_96@lemmy.worldEnglish
    0·
    2 months ago

    I use brave and librewolf, anybody know if those are still safe from this dort of thing? (Probably not I guess, so what browsers are left?)

      • gamer@lemm.eeEnglish
        0·
        2 months ago

        I don’t get your point, are you saying that using LibreWolf will still send your personal data to Mozilla? A privacy hardened config should be enough to disable all data collection, unless there’s some kind of hidden telemetry in Firefox. That’d be hard to hide considering the open source nature of Firefox.

        Also, looking at the source repo, it seems like LibreWolf is not just a config file, it’s also a bunch of patches to the source code, plus they do build from source and publish their own binaries. So if Mozilla does try to sneak telemetry in, the LibreWolf maintainers are well positioned to patch it out.

    • Ibaudia@lemmy.worldEnglish
      0·
      2 months ago

      Librewolf is privacy-hardened so it’s probably the best option. Brave is Chromium-based. Realistically though, all web browsers come with compromises, and internet anonymity is virtually impossible without unrealistic amounts of effort.

    • vinay_clubsall@lemmy.worldEnglish
      0·
      2 months ago

      Someone earlier said that brave was based on chrome and when google blocked ublock origin on Chrome, it would stop working on brave too.

      • PullPantsUnsworn@lemmy.mlEnglish
        0·
        2 months ago

        There are no alternative browsers out there. Our situation has came down to choose one of the least evil out there.

          • gamermanh@lemmy.dbzer0.comEnglish
            0·
            2 months ago

            God, I love what people manage to create

            I also love that any time someone asks if (tool) exists in non-evil form and someone says “no, not really” that you can almost guarantee someone will show up with a CLI solution that nobody wants to use because it’s a CLI solution

    • MrMcGasion@lemmy.worldEnglish
      0·
      2 months ago

      Glad they clarified. To me the “selling data being defined broadly” argument made sense in the context of Google paying them to be included as a search provider. Because there is an argument that Google paying Firefox, and then the user entering a search and that being sent to Google’s servers could be legally seen as Mozilla selling data to Google.

      • sugar_in_your_tea@sh.itjust.worksEnglish
        0·
        2 months ago

        They should clarify that then. Explain any and all situations that could be considered “selling user data” and explain what data that consists of. Then explain how to avoid it.

        That shouldn’t be hard.

        • gamermanh@lemmy.dbzer0.comEnglish
          0·
          2 months ago

          Across every country they operate in, and if anyone in those countries disagrees they might sue?

          Not saying Im supporting FF here but it’s not as easy as you might think if their stated reason is honest

          • sugar_in_your_tea@sh.itjust.worksEnglish
            0·
            2 months ago

            If so much of what they do could be considered “selling user data,” then are they really committed to protecting your data?

            This sounds like FUD to me. If they were fine with the old language for years, why change it now? Were there lawsuits or actual risks of lawsuits? Or are they inching closer to what countries consider “selling user data”?

            It feels like they’re hiding something. It’s not hard to have changes specific to a region (e.g. my VPS host, Hetzner, has additional EULA terms for the US), so they could have a separate TOS for regions they haven’t vetted.