this post was submitted on 28 Feb 2025
1275 points (98.3% liked)

Technology

63547 readers
2406 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
1275
Firefox deletes promise to never sell personal data, asks users not to panic | Mozilla says it deleted promise because "sale of data" is defined broadly (arstechnica.com)
submitted 2 days ago* (last edited 2 days ago) by [email protected] to c/[email protected]
323 comments fedilink hide all child comments
 

Firefox maker Mozilla deleted a promise to never sell its users' personal data and is trying to assure worried users that its approach to privacy hasn't fundamentally changed. Until recently, a Firefox FAQ promised that the browser maker never has and never will sell its users' personal data. An archived version from January 30 says:

Does Firefox sell your personal data?

Nope. Never have, never will. And we protect you from many of the advertisers who do. Firefox products are designed to protect your privacy. That's a promise.

That promise is removed from the current version. There's also a notable change in a data privacy FAQ that used to say, "Mozilla doesn't sell data about you, and we don't buy data about you."

The data privacy FAQ now explains that Mozilla is no longer making blanket promises about not selling data because some legal jurisdictions define "sale" in a very broad way:

Mozilla doesn't sell data about you (in the way that most people think about "selling data"), and we don't buy data about you. Since we strive for transparency, and the LEGAL definition of "sale of data" is extremely broad in some places, we've had to step back from making the definitive statements you know and love. We still put a lot of work into making sure that the data that we share with our partners (which we need to do to make Firefox commercially viable) is stripped of any identifying information, or shared only in the aggregate, or is put through our privacy preserving technologies (like OHTTP).

Mozilla didn't say which legal jurisdictions have these broad definitions.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 19 points 1 day ago (1 children)

Glad they clarified. To me the "selling data being defined broadly" argument made sense in the context of Google paying them to be included as a search provider. Because there is an argument that Google paying Firefox, and then the user entering a search and that being sent to Google's servers could be legally seen as Mozilla selling data to Google.

[–] [email protected] 3 points 17 hours ago (1 children)

They should clarify that then. Explain any and all situations that could be considered "selling user data" and explain what data that consists of. Then explain how to avoid it.

That shouldn't be hard.

[–] [email protected] 1 points 8 hours ago (2 children)

Across every country they operate in, and if anyone in those countries disagrees they might sue?

Not saying Im supporting FF here but it's not as easy as you might think if their stated reason is honest

[–] [email protected] 1 points 7 hours ago

They wouldn't have to do every country. A single example would be helpful, for context and clarity.

[–] [email protected] -1 points 6 hours ago

If so much of what they do could be considered "selling user data," then are they really committed to protecting your data?

This sounds like FUD to me. If they were fine with the old language for years, why change it now? Were there lawsuits or actual risks of lawsuits? Or are they inching closer to what countries consider "selling user data"?

It feels like they're hiding something. It's not hard to have changes specific to a region (e.g. my VPS host, Hetzner, has additional EULA terms for the US), so they could have a separate TOS for regions they haven't vetted.