We need to get behind Mozilla and Firefox for the simple reason it is the last bastion on the path to omni-chrome
Those who care very deeply about very tight privacy have enough niche options.
But I want there to be browser that has enough privacy to be sustainable so there’s a reliable option for me to recommend to family members etc which is holds enough market share for websites to test against.
If Firefox’s market share dips any lower website makers won’t support it - testing only against the homogeneity of chrome/edge/safari and then it will become a death spiral and humanity will have taken a step backwards.
If we need to do anything, it's get behind Ladybird, and put up with a Firefox fork for the next 12-24 months as a 'daily driver'.
Mozilla has little enthusiasm for developing its actual web browser, and doesn't seem to like its users very much.
For the past decade, Mozilla has made one bad choice after another, and every time it blows up in their faces, their takeaway is that they failed to properly 'educate the customer'.
Mozilla should just get out of the way. If Google Legal didn't need them, they already would be out of the way.
I've been optimistic on ladybird after watching the speed of progress with tests in their monthly youtube updates, they are quite well presented.
Ladybird is also not ideologically captured by anti freedom extremists with self contradictory beliefs. Mozilla refuses to allow anyone to donate to firefox development because they demand the right to redirect funds you give them towards discriminating against people they don't like.
> Ladybird is also not ideologically captured by anti freedom extremists with self contradictory beliefs. Mozilla refuses to allow anyone to donate to firefox development because they demand the right to redirect funds you give them towards discriminating against people they don't like.
Can you expand on this? This feels wildly editorialized.
So there are 2 Mozillas: There's the Mozilla Foundation, and the Mozilla Corporation. The corporation develops Firefox. The foundation takes donations. For reasons I don't claim to understand (IANAL, and I gather there's tax law stuff involved), the foundation apparently can't give the corporation money to work on the browser. This leads to a regular point of confusion and a complaint because people would very much like to financially support the browser, but there is literally no way to donate to it. Now I believe (again, IANAL) that there are ways they could arrange things so that people could give money to the corporation for the browser, but they have not done those things. A person could plausibly argue that that's because Mozilla Foundation wants people to donate to the foundation and not the browser, though I'm not sure if they've ever publicly said anything explicitly. (If they have, I would very much appreciate links.)
Mozilla's self stated mission as a self proclaimed "global crew of activists" [1] is to "more than deplatform" [2] people they disagree with. Deplatforming just means censorship in this context and they want people they don't like more than censored, they want them off the internet completely. Pretty dangerous for a company making a browser to list infringing on people's human rights as a goal, but they've convinced themselves they're the good guys.
The makers of other browser had either worse incentives, or were bad at getting attention, or couldn't execute, or offered just a reskinned Chrome/Firefox, or included too many avant-garde features that nobody asked for, or existed back when Firefox was liked enough to make them irrelevant.
> Those who care very deeply about very tight privacy
> that has enough privacy to be sustainable
These are the key phrases. Mozilla has hitched its wagon to advertising. Behind all the bluster over last week, the underlying direction is clear. They bought Anonym [0] and Ajit Varma, the new VP of Product for Firefox and source of the updates, is ex-Meta. It's reasonable to assume that he's there, in part, because of advertising expertise.
Some will see Anonym's "privacy-powered advertising" as "enough privacy" and the only viable way to sustain Firefox without Google's annual cash injection.
Others won't buy that, believing that a browser can be built without relying on advertising. Ladybird is taking this approach - so we'll find out.
> If Firefox’s market share dips any lower website makers won’t support it
This is the risk the exec team must know they've taken. Specifically: what proportion of the current Firefox user base exists because of the historic pro-privacy stance, and what percentage of that will leave because of the advertising-based future?
I'm with you, I really am. I've been on Firefox for nearly two decades, even the shitty years. But I still think this was a foreseeable issue and even the claim that "there was confusion" only shows a disconnect.
If you make a move like this you need to announce it in advance. You announce it loudly! You need you recognize that users concerned with privacy are looking for canaries. So when you have to put a canary down you fucking tell people before and don't just wait for them to find a dead canary. Of course people are going to freak out, that's what canaries are for.
No we need to get rid of Mozilla (the org and the company), transform/fork Firefox and Thunderbird to a community project with (maybe?) a Foundation behind like FreeBSD or Blender.
Mozilla's CEO's and Manifesto writers did nothing to support Firefox but fill their own pockets and hype the AI train, I really wonder how much money goes directly into the development of Firefox, if we compare it to the Linux Foundation supporting Linux (the Kernel) it's about 3%, it's probably even less for Mozilla.
if that were truly (sustainably) possible, I'd support it, but imo that'd just be signing ff's death warrant
side note, thunderbird is already independent and democratically-managed by the community (as of a few years ago). the way I understand it is that they effectively just use mozilla's resources for legal, logistical stuff
Neither of these represent the cost and support footprint to maintain and develop a fully featured browser because as it stands neither of them are fully featured, complete browsers.
>cost and support footprint to maintain and develop a fully featured browser
True because the real cost to support a "a fully featured browser" is at least a 1/4 billion dollars....because OpenSource needs to make money, not for the Dev's but the MBA's ;)
For the share issue we are already there, with Firefox+Linux so many websites started to just block, usually with chrome at least a captcha is still offered.
With the current board and directors and focus I don't see any ways Firefox will gain share in the future (or not any that I really care about), and I certainly have no interest to support the current goals ...
For the privacy part Mozilla has been sitting on features like containers for years with no improvements. At this point I believe Mozilla ending might be better since it would shake things up ...
That's some bizarre upside-down-world Stockholm Syndrome thinking on display here. That or you are a paid PR influencer working on behalf of Mozilla. Just absolutely astonishingly weird psychological behavior.
Mozilla is violating user privacy. They are the bad guy. You don't ask the bad guy for help. You punch them in the face. These guys are making it worse, not better, and helping them will only make privacy worse, not better.
There are already multiple forks for Firefox and destroying Mozilla as an organization would greatly help one or more of them take off and carry the banner of true enabling privacy for the user, which Mozilla is not doing.
ALMOST EVERYONE is voilating user privacy to some extent. That's the price to pay for free software. It sucks, but how do we climb out of that reality?
Punch the bad guy in the face if you like, YOU have options, but once FF is sunk, the the only provider most people can turn to for the stuff they need is Chrome.
If Mozilla/FF is the bad guy in your analogy then Chrome must be an atroticy-committing omni-cidal megalomaniac, which correct me if i'm wrong, is not better.
If you understand the privacy landscape and don't want to get involved you don't have to. I'm on a multi-container, multi-privacy extension, private-search setup because I roughly understand the environment. But I'm certainly not recommending that setup to my parents.
In my view MZ/FF is the least worst of the VIABLE alternatives and has the best chance of success.
Sinking Mozilla's firefox in favour of ladybird or brave but none of these will ever have the marketing collaterall that mozilla has/had to be anything other than niche, until they are bought by Meta or Amazon or (you get me)
Most banking websites that most people need to use don't give a fuck about niche browsers and actively agent-sniff to reduce their support and security footprint. Whining down the phone to megacorp's customer support that "you don't want to use Chrome on privacy grounds" and "they really should support ladybird" will not be the mighty hammer of resistance you think it is.
I don't have a better suggestion and so I'm willing make a deal with a bad guy it means I don't have to install Chrome on my mother's PC.
Pretty much all of those forks are small volunteer projects that rely on upstream work by Mozilla, who are already struggling to keep up with MS, Google, and Apple. We were already at a point where Mozilla was laying off technical staff a few years ago. We're now seeing sites just outright block Firefox because it's not worth the effort when most users are reaching for something built atop Cr. How would any of these forks survive?
The worst that would happen is that the forks don't stay updated. They won't stop working. It's pretty easy to evade the blocks on sites that are poorly designed/managed enough that they feel it's necessary to block certain browsers.
>The worst that would happen is that the forks don't stay updated.
Which is hardly trivial, there are hundreds of open issues on Bugzilla for XUL alone. Some of the gaps include accessibility issues, which is down more to Cr better supporting APIs provided by vendors like NVDA. This is first of all, not something that is 'easy to evade' for the affected demographic, and secondly something Mozilla was an industry leader in for a long time. Obviously, Google didn't invest in this out of any sense of altruism, but it speaks to the sustainability of browser development, and what approaches thereof actually work.
They have changed literally nothing except the FAQ. The "selling" is describing behaviour they already do and have been doing for years. They set the default search engine to Google, this is now considered selling user data.
> There are already multiple forks for Firefox and destroying Mozilla as an organization would greatly help one or more of them take off and carry the banner of true enabling privacy for the user, which Mozilla is not doing.
You do realize that if Mozilla dies then every single one of these forks dies with it? Surely?
None of the teams working on these forks actually do any core browser engine work. Without Mozilla you are an ECMAScript update or a new web standard away from your fork of choice becoming a brick.
I have yet to see where Mozilla confirmed that is the only thing they are doing with data. The ToS gives them more power than that. They could limit that by updating the ToS. But they are not doing that.
Huh? You do understand that Firefox is just a single executive decision away from becoming a chromium skin? In order to forward-think, proper-size and upward-achieve , so that limited funds can be utilized with most impact etc.?
> [Given that the definition of "selling" in legal terms can be slippery, we must be aware of not falling in cases like the following:] In order to make Firefox commercially viable, there are a number of places where we collect and share some data with our partners, including our optional ads on New Tab and providing sponsored suggestions in the search bar. We set all of this out in our Privacy Notice. Whenever we share data with our partners, we put a lot of work into making sure that the data that we share is stripped of potentially identifying information, or shared only in the aggregate, or is put through our privacy preserving technologies (like OHTTP)
> in some places, the LEGAL definition of “sale of data” is broad and evolving. As an example, the California Consumer Privacy Act (CCPA) defines “sale” as...
And then they go on to describe what a common-sense definition of a sale is. There's nothing broad or slippery about the example, so yes, they basically say "we're going to sell your data"
This leaves out the important part, nothing has actually changed. This is entirely a rewording for what they're currently doing and have been doing for years.
If it's such an outrage worthy subject why did no one explode about this when they added the sponsored links years ago?
The nothing has actually changed cannot be known. There is no transparency here. This is just what you think based off of their weirdly worded statements. Many people were outraged over the sponsored links here on this very site.
We can tell that nothing materially has changed because people are linking git diffs of the FAQ and no one is linking to any changes in the source code, which is equally as available.
From that perspective it's super transparent, if you bother to look.
They released the source code for their server infrastructure where the data they collect is sent so we can verify that? Oh let me check... nope. If only they didnt collect the data there would be no trust issues.
You appear to be going off the rails -- this entire debacle is about Firefox, which runs locally on your machine, you can see if they're collecting different data (they aren't) or sending it somewhere else (they aren't).
There's no evidence they're doing anything with any data and there never was. All of this outrage is purely centered on a ToS update which they've since refactored in response.
Sir, they are 100% taking data from your machine and sending it else where. There are literally forks of the browser made solely to prevent it. You are either incapable of having a discussion in good faith or actively have your fingers in your ears. You continue to post untruths throughout this comment section.
>>This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox.
So now we can use your photo of your birthday party that you sent via webmail... but don't worry, we don't own it, you just gave us a "non-exclusive, royalty-free, worldwide license".
> So now we can use your photo of your birthday party that you sent via webmail
Please read the second half of the text you quoted, where it says "for the purpose of doing as you request with the content you input in Firefox."
I cannot find a nicer way to say this, but a lot of people in these threads are essentially winding themselves up and then producing rubbish like this to fuel their own anger.
Mozilla have been clumsy sure, but this collective tantrum as a response makes zero sense especially now with given context it's clear they're not doing anything they haven't been doing for years.
> This includes processing your data as we describe in the Firefox Privacy Notice.
The Privacy Notice says they can use your data in anyway they sit fit to make the business a success. They should close that loophole if they want to gain trust.
It gives them the right to use your data, for the purpose you indicate by using Firefox. Additionally, from the very next line which you and GP conveniently chopped out:
> This does not give Mozilla any ownership in that content.
They've since removed the reference to the privacy policy since as they said, users are clearly confused by it.
That comment is constituted from two quotes, one of them entirely fabricated, and then a hypothetical provided with no basis. If Mozilla don't own the data and their license only allows Firefox to do what you're requesting it do, then I don't see what points are being made except fearmongering.
Yes, it was. If you want to argue that Mozilla won't/can't use data except for serving user requests, then by all means argue that, but pointing out that they don't own the data is moving the goalposts because you're doing so under a comment that talks about ownership being more or less irrelevant.
> You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox. This does not give Mozilla any ownership in that content.
The next line does not alter the first, hence why I did not include it. I also didnt include the rest of the ToS that has no bearing on my point.
You said the text was removed. I gave you irrefutable evidence it wasn't. Your reading comprehension issues in both this conversation and the blind interpretation of their documents lead me to believe that you are not ready to have a conversation on this topic.
>>for the purpose of doing as you request with the content you input in Firefox.
So you "Mozilla" license my data, but i am still allowed todo anything with my data..but so are you (Mozilla) right?
What are you trying to explain here?
Why do you think open source software, or any software for that matter, should have the right to put a license on MY data? You (the software) are the processor, not the creator, they want to change that by feeding a processor to create an AI creator based on wetware creations...for free.
Imagine a Mill, Lathe or 3D-Printer would do that.
> they want to change that by feeding a processor to create an AI creator based on wetware creations...for free.
This is actually more of what I was talking about, making stuff up to make yourself angrier.
Where are they doing anything AI related with your data? Where's the proof?
There's none, because they're not, it's something you've come up with just now out of literal thin air.
Let's examine the actual wording in excruciating detail because apparently that's needed
> It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox.
Non-exclusive: The right they claim doesn't stop you or anyone else from claiming the same or similar rights.
Royalty free: They won't pay you for it.
Worldwide: It doesn't matter which jurisdiction you're in.
"Doing as you request in Firefox": Carrying out operations which might mean moving your data from your local machine to a remote one, such as making web requests with requests bodies formed from data you've input.
In total: This means they have the non-exclusive right, without need for payment from you and no matter where you are in the world, for Firefox to do what you've asked it to do with your data. When you posted this comment, that was you telling Firefox to move some data to the internet for you. That is what this legal text and the right they claim provides to you.
In the old internet they didn't need to write any legalese for this, their legal team think they might need to now because the landscape has changed. That's it.
> Imagine a Mill, Lathe or 3D-Printer would do that.
If your mill, lathe or 3d printer could publish your data to the internet I guarantee you with 100% certainty they would include licensing text accomplishing roughly the same thing.
So you googled "mozilla ai" and clicked the first link, which does literally nothing to support the claim you made up.
Let me make a wild guess, you don't actually know what the Mozilla AI project does.
>>without need for payment from you and
> No need to pay YOU, you are twisting things around.
I notice you ignored the rest of the entire comment to yet again make something up and get mad. Why would anyone need to pay you for the data you're sending voluntarily? Should HN be paying us for these comments?
> Have fun, i stop here arguing.
Yeah I bet, have a good one. Hope at some point all of this clicks for you, because I think you fully do not understand what's going on.
Over a decade ago there was a minor uproar with Facebook when someone spotted a similar phrase in their TOS. They had only included it to cover their bases legally and be allowed have image galleries, but regular people didn't understand and thought Facebook was doing something like selling your pictures for profit.
There's no chance I would be able to recommend some Waterfox or Iceweasel to family or friends. Current status is Chrome or Firefox, and there's a long long way ahead for anything else to become relevant. Death of Firefox would mean immediate death of all the forks too.
Browser is such a critical piece of software that it has to be established, with a large and accomplished dev team. Which practically means a budget in the millions at least.
Anything smaller I could use myself, but would absolutely never recommend to others. As I said, current mainstream enough options are only Firefox or Chrome.
This is even more confusing. I understand that the browser needs to know my primary language and will send that as part of the HTTP requests (e.g. as part of the Accept-Language header) in order to operate ("To provide you with the Firefox browser"). I don't know why Mozilla needs a license for this.
They are not clear where/how the data is being used. For example, why are "Unique identifiers" and "Interaction data" part of "To provide you with the Firefox browser"?
From "Interaction data": "This is data about how you engage with our services, such as how many tabs you have open or what you’ve clicked on." -- Why is it necessary to track how many tabs I have open in order to provide the browser to me? -- That isn't something they need to send via HTTP to make websites function. If it is for telemetry and improving the browser, that should be a separate section.
> You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license *for the purpose of doing as you request* with the content you input in Firefox. This does not give Mozilla any ownership in that content.
They are saying that you give a license to Firefox to do as you request. That's all. The language is explicit and explain the relationship between you and the product when you use it. The product behaves as your agent, and would need permissions to do so. Every browser implies this, Firefox just was explicit with it.
It still doesn't make sense unless that info is going via mozilla's servers. Software running on your PC doesn't need permission to process and send data that you are giving it, to send it to the places you intend.
Mozilla legal apparently think otherwise. They have been spooked by the recent California legal movements which can apply the label "sell" to behaviours we wouldn't normally consider selling user data, like setting the default search engine.
Where has Mozilla legal clarified that in its entirety? They could limit the data to that very need inside the ToS if that is how they felt and wanted to be transparent.
I'm looking at the https://www.mozilla.org/en-US/privacy/firefox/#lawful-bases section of the new privacy document which goes into more detail on what is collected and why, along with the "Types of Data Defined" section above it that describes the different data.
It doesn't differentiate when that data is stored locally, when it is sent to (and collected by) Mozilla, and when it is sent/accessed by the website you are on/using.
Likewise, because "Interaction data" covers both "how many tabs you have open" and "what you’ve clicked on" (as well as ad related information in the next paragraph) it can cover things like handling anchor ping attributes (what you've clicked on) which are nec1essary for Firefox to work w.r.t. that feature vs. collecting ad related information ("Click counts, impression data, attribution data, how many searches performed, time on page, ad and sponsored tile clicks.") which is not.
With those broad information categories they are combining different use cases from using the browser, telemetry, and collecting data useful for advertising.
Another example: in the "To adapt Firefox to your needs" section they explicitly call out sending location data to websites like Google Maps but the data collected is listed is "Any data type" not "Location".
I know there are other cases, but the specific wording is vague and unclear. For example that section mentions being able to "clear your browsing history". As a developer I can infer that that is related to JavaScript APIs being able to access your browsing history, but that isn't called out in this section so it is unclear that this is what they are referring to.
They use that telemetry to understand how users in aggregate use the product so they can prioritize maintenance and improvements. Like any other software.
Anyway, you can disable that telemetry in the prefs UI with a single click.
Why does Mozilla keep falling into the trap of bringing these crappy MBAs into their leadership? Promote real ambassadors of privacy and open software instead of people like the current interim CEO, who is ex-McKinsey. If they can't manage that then maybe it's finally time to let Mozilla go. Andreas Kling's browser project sounds like it's coming along well.
They're essentially owned by Google through a contract both cannot refuse, because it keeps the "Google isn't a monopoly" narrative while allowing Mozilla to stay afloat, therefore I wouldn't expect them to do anything that could harm the agreement with Google, like real competition.
Why? Mozilla has been circling the drain for a while with their poor decisions, and questionable privacy practices all while proclaiming to be all about user privacy. Now they have flushed any goodwill they had right down the toilet.
As leaders, they need to be held accountable for their poor decisions. Which means they need to fuck off, and let new people come in and rebuild trust.
yes, this was a big screw-up all things considered, but crucifying people for a (relatively straightforward, imo) comms issue just seems...borderline violent?
> For instance, Mozilla said it may have removed blanket claims that it never sells user data because the legal definition of “sale of data” is now “broad and evolving,” Mozilla’s blog post stated.
> The company pointed to the California Consumer Privacy Act (CCPA) as an example of why the language was changed, noting that the CCPA defines “sale” as the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by [a] business to another business or a third party” in exchange for “monetary” or “other valuable consideration.”
mind you, I sincerely doubt this ever even came across the desks of leadership—if it's legalese compliance bullshit, why would it?
You read it as a comms issue. I don't. I read it they have been selling a form of my data.
In one, my argument is an overreaction. In the other it is reasonable, given they have been misleading consumers. A strategy which clearly would be oversighted by senior management.
in my case i've been using firefox for more than 20 years, through the crashes, the memory leaks, the incompatible sites... and i disengaged, (uninstalled and deleted my account). i am not particularly gung-ho on privacy, all and all a pretty run-of-the-mill middle of the road guy. i wouldn't be surprised if they lost a high 1-digit or low 2-digit percentage of their user base with that debacle...
with the drop in image i fear they lost a lot of potential new users too... that might be the hardest hit. this might accelerate their slow descent into irrelevancy...
it sounds like you and I have completely different understandings of the world, so I'm genuinely not sure I can convince you otherwise, but let me give it a shot
to oversimplify into a couple points:
* people make mistakes, especially in communication—it happens! I misspeak (or often don't fully consider how people with different POVs will interpret what I say differently) all the time, personally
* nearly mozilla's entire remaining userbase has stuck around because of mozilla's independence and focus on privacy. everyone with a brain knows full well that selling all user data entered into the browser is the single biggest possible violation of that. therefore, how would mozilla continue to exist as a company in any capacity if that were actually the case? they would have zero users
finally, I'll leave you with hanlon's razor: "never attribute to malice that which is adequately explained by stupidity"
I'm not saying they're selling all data put into the browser, I'm saying they're selling user data, and they were doing so when they were claiming they never sold user data. They (charitably) seem to have convinced themselves that what they were doing was not 'selling' (in a similar way to google 'not selling your data' because they don't just make it available wholesale, they only sell the processed results indirectly through their ad business), but California's new privacy laws makes it obvious they should be calling it 'selling'. They've obvious cocked up the communication of this fact, partly with an overly broad update to their ToS, but even with this walking back they should apologise for misinforming people on this page before.
It seems like what is happening is not Firefox now making a pivot to the privacy unfriendly side, but Firefox has already been selling data, but in a manner that---for whatever strange reason---they didn't consider to qualify as "selling data", and hence the original Terms of Use included the promise of "We never sell your data". Then lawyers came along and told them that this just wouldn't fly legally, and they have to change their terms now.
Even now, Firefox still doesn't consider what they do "selling data", and they are forced to change the wording only because the laws are weird.
Frankly, I just don't see how sharing data to partners to make yourself commercially viable can be construed as not selling data. In their own words, what Firefox does is:
> In order to make Firefox commercially viable, there are a number of places where we collect and share some data with our partners, including our optional ads on New Tab and providing sponsored suggestions in the search bar.
We could argue about whether the laws are slippery or over-reaching, or how responsible or not Firefox has been handling user data. We could argue about how much anonymization and aggregation of data reduce privacy concerns.
But to argue that the above action is not "selling data" is in my view not a reasonable position.
Despite all the justified doubts and concerns, it's also worth noting that Mozilla runs one of the few independent browser engines left, with limited ways to actually fund it.
When they're not here anymore, there aren't many parties left to argue about web standards in favor of a free web.
So I'd keep watching them as always, without painting them as evil just because of some misstep...
"The Firefox Browser is the only major browser backed by a not-for-profit that doesn’t sell your personal data to advertisers while helping you protect your personal information."
Now just says.
"The Firefox Browser, the only major browser backed by a not-for-profit, helps you protect your personal information."
This is not some misstep, it is the breaking of a promise.
If I remember correctly, more than 50% of their revenue came from Google Search in the past.
They are now at 2.6% market-share, I can imagine that revenue-stream is making it hard to keep the lights on.
It's sad that it came to this, but somewhat understandable as they don't really have these other lucrative side-businesses of Google, Apple, Microsoft.
FWIW, the change is that the new wording allows them to build a revenue-stream based on telemetry data, while the original wording prohibits them from such a financing model at all.
Outside of Europe this might be significant, but in European legal context the difference is that they could now ASK you if you allow them to use your telemetry to create revenue, and only do it IF YOU AGREE (small nudge to push for privacy-friendly laws).
I would say they are changing the promise, not breaking it. Breaking it would have been if they sold data with the old description (which is not the case, is it?).
Since they claim that they are not changing the promise, only being more clear about it, the implication is that they did sell data under the old description.
The definition of the word "sell" has a different meaning in a post-AI world and in specific California have a new bill adding some other contexts to it, so despite not actually doing anything differently (go and look at the Firefox source tree if you don't believe me) they have to change their wording.
ETA: Setting Google as their default search engine in exchange for funding from Google has been cited as an example of "selling user data to Google", if you'd like a concrete example of what I'm talking about.
> The California Consumer Privacy Act (CCPA) defines “sale” as the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by [a] business to another business or a third party” in exchange for “monetary” or “other valuable consideration.”
I have. That is and has been an accurate description of selling data. Feel free to explain what you feel the change is definition is and maybe this community can help you see how there is no difference at all.
Does it matter if they weren't arguing in favor of a free web to begin with? Quite the opposite in fact; their stated stance is they want to remove people they disagree with from the web.
> The company pointed to the California Consumer Privacy Act (CCPA) as an example of why the language was changed, noting that the CCPA defines “sale” as the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by [a] business to another business or a third party” in exchange for “monetary” or “other valuable consideration.”
It's insane to think Firefox would ever have gone this route? How disconnected is management? The move would be suicide! A major reason people use Firefox is because of privacy. The other major reason is because a user's privacy conscious child or grandchild installed it for them. That's your whole fucking userbase!
It's a shame too because they had the opportunity to double down on privacy. What with Apple caving to governments.
I was a fanboy who's been with you for nearly two decades
You can check my comment history. I defended you through tough times, I've donated, and for what? A slap in the face.
You had it going with the rust rewrite and just floundered on every opportunity. You made Thunderbird pretty good and gave many hope, then floundered. You have some great devs, let them make great software
So where do we go now? What browser that isn't just a different color of chrome? Safari? No. Ladybird? Sea Monkey?
They sold out, Mozilla in name only. My plan is to switch my family to librewolf on Desktop and Brave on Mobile until better options appear. I'm a bit bitter about it. I've often been the only person in my org that insisted on Firefox.
_Exactly_ as you say, like a virus, whenever I visit family I will be switching out their browsers from Firefox to the next best thing.
> For instance, Mozilla said it may have removed blanket claims that it never sells user data because the legal definition of “sale of data” is now “broad and evolving,” Mozilla’s blog post stated.
> The company pointed to the California Consumer Privacy Act (CCPA) as an example of why the language was changed, noting that the CCPA defines “sale” as the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by [a] business to another business or a third party” in exchange for “monetary” or “other valuable consideration.”
Wow, I'm actually stunned that Mozilla straight-up admits that they're selling user data here and that's why they removed that language.
Good for them for being honest. Bad on them for selling user data.
I honestly don't understand the insane levels of hate that Mozilla gets on HN and certain other corners of the internet. More than the most evil corporations on earth. I can only assume some of it is politically driven.
Firefox and Thunderbird are two of the last bastions of functional, accessible FOSS software in their respective spaces. The software landscape would be a lot more bleak without them.
It's important to hold Mozilla to account given their role (and this TOS roll-out was clearly a screw-up whatever way you look at it) but the amount of people jumping in saying that they are irredeemable now, that we must now stop using their software even if they backtrack on this, is counterproductive. And honestly I suspect a lot of the people saying that have also been saying it for years before any of this happened.
Mozilla's move synergizes with the surveillance security state that the previous admins were trying to fortify here. I understand Mozilla Corporation has to sell out to continue receiving funding, I just choose not to participate. Everything dies.
I've been deeply studying "trust" for the past year, as part of a
project around "Zero Trust". It's a core pillar in cybersecurity.
Trust is very complex. Extremely hard won, easy to lose, practically
impossible to rebuild.
Mozilla have blown it and there's no going back for that company.
This is what happens when you let morally defective people take the
reigns. My advice would be, dissolve it and use whatever money is left
to start new projects for free-software browsers.
Mozilla's core major malfunction is that they are deceptive, as an
organisational culture. No amount of hard work, careful words, money
spent on PR will hide that odour, and whatever goodwill they show now
will naturally be undone as they return to business as usual.
What complicates things is that large companies have incentive and resources to try to dissuade users from using completely free and open source browsers.
This makes it harder to trust messages about not trusting ie. Firefox.
There are certainly many enemies of Mozilla who've used disinformation
and exaggeration to agitate against them.
From where I stand, Mozilla have done little to deflect that,
everything to encourage it and generally been been their own worst
enemy.
Taking on an operation like running Mozilla is not just running some
random tech company that makes a browser. Standing up for software
freedom is an ideological stance (in the best possible sense) and
requires more capable people who are prepared to dig deeper, work
harder, take risk, and stand up for what is right.
I do not see those people at Mozilla. Correct me if I'm wrong (and
let's have their email) so I can apologise and invite them to discuss
why Firefox is no longer a browser that I can trust.
The whole thing confuses me is that why would Firefox as an browser (user agent) need that legal jargon to work. Hopefully Legal Eagle or similar channels would cover this, but they are too busy with politics at the moment?
Well, no, see that's a great example of why this is a problem. If Intel sells you a CPU, it doesn't need a license to your data, because you give your data to your CPU in your computer. It would, in fact, be a huge red flag if Intel suddenly wanted a license to process your data, because they only need that if they're sending your data to them for processing.
(IANAL, corrections welcome if you can actually point to a law that says otherwise)
I would love that detractors explain what data is being sold, exactly. Because it's the same data that you have willingly given them by using their _services_. The only change with the product is "for the purpose of doing as you request", which is the definition of an User Agent.
Sounds like the blog post shows that they are explicitly selling user data. Specifically data relating to the ads they show in the browser. They claim it's carefully anonymised and aggregated, but they are selling it nonetheless. The blog post is a nonsequitar with the claims in the updated 'TOS', which make no sense because they don't need a license for an executable on your PC to process and send data to the website's your visiting in line with what's expected of a web browser, only a license if they are also sending it to themselves or on behalf of themselves, which is not "what you intend" if you visit a web page or just open up a new tab.
> because they don't need a license for an executable on your PC to process and send data to the website's your visiting in line with what's expected of a web browser
You actually do. It's implied that by using the software you give it to the software to act to your agent, but you actually do have it. In court you would have to establish this behavior using context. Mozilla avoids all of that by making it explicit.
> only a license if they are also sending it to themselves or on behalf of themselves
>In court you would have to establish this behavior using context.
Under what law? As far as I know neither copyright nor the various privacy laws care about what an executable on the user's machine is doing, as far as the liability of the company goes. They only care about what the company sees.
>Which again, the license still doesn't allow.
Which is why it doesn't make sense, especially when their privacy policy does spell out that they are selling data collected from the browser (not very much, but there certainly is some)
We need to get behind Mozilla and Firefox for the simple reason it is the last bastion on the path to omni-chrome
Those who care very deeply about very tight privacy have enough niche options.
But I want there to be browser that has enough privacy to be sustainable so there’s a reliable option for me to recommend to family members etc which is holds enough market share for websites to test against.
If Firefox’s market share dips any lower website makers won’t support it - testing only against the homogeneity of chrome/edge/safari and then it will become a death spiral and humanity will have taken a step backwards.
It’s a case of use it lose it.
If we need to do anything, it's get behind Ladybird, and put up with a Firefox fork for the next 12-24 months as a 'daily driver'.
Mozilla has little enthusiasm for developing its actual web browser, and doesn't seem to like its users very much.
For the past decade, Mozilla has made one bad choice after another, and every time it blows up in their faces, their takeaway is that they failed to properly 'educate the customer'.
Mozilla should just get out of the way. If Google Legal didn't need them, they already would be out of the way.
Why is Ladybird going to be more successful than all the other failed browsers?
I've been optimistic on ladybird after watching the speed of progress with tests in their monthly youtube updates, they are quite well presented.
Ladybird is also not ideologically captured by anti freedom extremists with self contradictory beliefs. Mozilla refuses to allow anyone to donate to firefox development because they demand the right to redirect funds you give them towards discriminating against people they don't like.
> Ladybird is also not ideologically captured by anti freedom extremists with self contradictory beliefs. Mozilla refuses to allow anyone to donate to firefox development because they demand the right to redirect funds you give them towards discriminating against people they don't like.
Can you expand on this? This feels wildly editorialized.
So there are 2 Mozillas: There's the Mozilla Foundation, and the Mozilla Corporation. The corporation develops Firefox. The foundation takes donations. For reasons I don't claim to understand (IANAL, and I gather there's tax law stuff involved), the foundation apparently can't give the corporation money to work on the browser. This leads to a regular point of confusion and a complaint because people would very much like to financially support the browser, but there is literally no way to donate to it. Now I believe (again, IANAL) that there are ways they could arrange things so that people could give money to the corporation for the browser, but they have not done those things. A person could plausibly argue that that's because Mozilla Foundation wants people to donate to the foundation and not the browser, though I'm not sure if they've ever publicly said anything explicitly. (If they have, I would very much appreciate links.)
Where does this come into play?
>they demand the right to redirect funds you give them towards discriminating against people they don't like.
It sounds _incredibly_ suspect, frankly.
Mozilla's self stated mission as a self proclaimed "global crew of activists" [1] is to "more than deplatform" [2] people they disagree with. Deplatforming just means censorship in this context and they want people they don't like more than censored, they want them off the internet completely. Pretty dangerous for a company making a browser to list infringing on people's human rights as a goal, but they've convinced themselves they're the good guys.
[1] https://blog.mozilla.org/en/mozilla/mozilla-brand-next-era-o...
[2] https://blog.mozilla.org/blogarchive/blog/2021/01/08/we-need...
lmao
The makers of other browser had either worse incentives, or were bad at getting attention, or couldn't execute, or offered just a reskinned Chrome/Firefox, or included too many avant-garde features that nobody asked for, or existed back when Firefox was liked enough to make them irrelevant.
> If we need to do anything, it's get behind Ladybird
and servo please ...
> Those who care very deeply about very tight privacy
> that has enough privacy to be sustainable
These are the key phrases. Mozilla has hitched its wagon to advertising. Behind all the bluster over last week, the underlying direction is clear. They bought Anonym [0] and Ajit Varma, the new VP of Product for Firefox and source of the updates, is ex-Meta. It's reasonable to assume that he's there, in part, because of advertising expertise.
Some will see Anonym's "privacy-powered advertising" as "enough privacy" and the only viable way to sustain Firefox without Google's annual cash injection.
Others won't buy that, believing that a browser can be built without relying on advertising. Ladybird is taking this approach - so we'll find out.
> If Firefox’s market share dips any lower website makers won’t support it
This is the risk the exec team must know they've taken. Specifically: what proportion of the current Firefox user base exists because of the historic pro-privacy stance, and what percentage of that will leave because of the advertising-based future?
[0] https://www.anonymco.com/
--
EDIT: addedd missing reference
> Others won't buy that, believing that a browser can be built without relying on advertising. Ladybird is taking this approach - so we'll find out.
I'm afraid that we'll find out indeed and end up with no Ladybird and no Firefox either.
I'm with you, I really am. I've been on Firefox for nearly two decades, even the shitty years. But I still think this was a foreseeable issue and even the claim that "there was confusion" only shows a disconnect.
If you make a move like this you need to announce it in advance. You announce it loudly! You need you recognize that users concerned with privacy are looking for canaries. So when you have to put a canary down you fucking tell people before and don't just wait for them to find a dead canary. Of course people are going to freak out, that's what canaries are for.
I agree completely that something needs to change procedurally—this can't be allowed to happen again
>We need to get behind Mozilla and Firefox
No we need to get rid of Mozilla (the org and the company), transform/fork Firefox and Thunderbird to a community project with (maybe?) a Foundation behind like FreeBSD or Blender.
Mozilla's CEO's and Manifesto writers did nothing to support Firefox but fill their own pockets and hype the AI train, I really wonder how much money goes directly into the development of Firefox, if we compare it to the Linux Foundation supporting Linux (the Kernel) it's about 3%, it's probably even less for Mozilla.
if that were truly (sustainably) possible, I'd support it, but imo that'd just be signing ff's death warrant
side note, thunderbird is already independent and democratically-managed by the community (as of a few years ago). the way I understand it is that they effectively just use mozilla's resources for legal, logistical stuff
>if that were truly (sustainably) possible, I'd support it, but imo that'd just be signing ff's death warrant
I really don't think so, have a look at the ladybird browser:
https://ladybird.org/#sponsors
Or even Servo:
https://servo.org/
Neither of these represent the cost and support footprint to maintain and develop a fully featured browser because as it stands neither of them are fully featured, complete browsers.
>cost and support footprint to maintain and develop a fully featured browser
True because the real cost to support a "a fully featured browser" is at least a 1/4 billion dollars....because OpenSource needs to make money, not for the Dev's but the MBA's ;)
I just wish I could get enthusiastically behind Mozilla, right now I stand behind them in spite of their leadership.
For the share issue we are already there, with Firefox+Linux so many websites started to just block, usually with chrome at least a captcha is still offered.
With the current board and directors and focus I don't see any ways Firefox will gain share in the future (or not any that I really care about), and I certainly have no interest to support the current goals ...
For the privacy part Mozilla has been sitting on features like containers for years with no improvements. At this point I believe Mozilla ending might be better since it would shake things up ...
> We need to get behind Mozilla and Firefox
That's some bizarre upside-down-world Stockholm Syndrome thinking on display here. That or you are a paid PR influencer working on behalf of Mozilla. Just absolutely astonishingly weird psychological behavior.
Mozilla is violating user privacy. They are the bad guy. You don't ask the bad guy for help. You punch them in the face. These guys are making it worse, not better, and helping them will only make privacy worse, not better.
There are already multiple forks for Firefox and destroying Mozilla as an organization would greatly help one or more of them take off and carry the banner of true enabling privacy for the user, which Mozilla is not doing.
No it's realism.
ALMOST EVERYONE is voilating user privacy to some extent. That's the price to pay for free software. It sucks, but how do we climb out of that reality?
Punch the bad guy in the face if you like, YOU have options, but once FF is sunk, the the only provider most people can turn to for the stuff they need is Chrome.
If Mozilla/FF is the bad guy in your analogy then Chrome must be an atroticy-committing omni-cidal megalomaniac, which correct me if i'm wrong, is not better.
If you understand the privacy landscape and don't want to get involved you don't have to. I'm on a multi-container, multi-privacy extension, private-search setup because I roughly understand the environment. But I'm certainly not recommending that setup to my parents.
In my view MZ/FF is the least worst of the VIABLE alternatives and has the best chance of success. Sinking Mozilla's firefox in favour of ladybird or brave but none of these will ever have the marketing collaterall that mozilla has/had to be anything other than niche, until they are bought by Meta or Amazon or (you get me)
Most banking websites that most people need to use don't give a fuck about niche browsers and actively agent-sniff to reduce their support and security footprint. Whining down the phone to megacorp's customer support that "you don't want to use Chrome on privacy grounds" and "they really should support ladybird" will not be the mighty hammer of resistance you think it is.
I don't have a better suggestion and so I'm willing make a deal with a bad guy it means I don't have to install Chrome on my mother's PC.
> once FF is sunk, the the only provider most people can turn to for the stuff they need is Chrome.
There are a number of FF forks available as well.
Pretty much all of those forks are small volunteer projects that rely on upstream work by Mozilla, who are already struggling to keep up with MS, Google, and Apple. We were already at a point where Mozilla was laying off technical staff a few years ago. We're now seeing sites just outright block Firefox because it's not worth the effort when most users are reaching for something built atop Cr. How would any of these forks survive?
The worst that would happen is that the forks don't stay updated. They won't stop working. It's pretty easy to evade the blocks on sites that are poorly designed/managed enough that they feel it's necessary to block certain browsers.
>The worst that would happen is that the forks don't stay updated.
Which is hardly trivial, there are hundreds of open issues on Bugzilla for XUL alone. Some of the gaps include accessibility issues, which is down more to Cr better supporting APIs provided by vendors like NVDA. This is first of all, not something that is 'easy to evade' for the affected demographic, and secondly something Mozilla was an industry leader in for a long time. Obviously, Google didn't invest in this out of any sense of altruism, but it speaks to the sustainability of browser development, and what approaches thereof actually work.
So your advice to my parents is...
(a) Ignore browser security updates
and
(b) Install some extensions to fettle with user-agent strings to match popular browsers.
Streuth.
> Mozilla is violating user privacy.
They have changed literally nothing except the FAQ. The "selling" is describing behaviour they already do and have been doing for years. They set the default search engine to Google, this is now considered selling user data.
> There are already multiple forks for Firefox and destroying Mozilla as an organization would greatly help one or more of them take off and carry the banner of true enabling privacy for the user, which Mozilla is not doing.
You do realize that if Mozilla dies then every single one of these forks dies with it? Surely?
None of the teams working on these forks actually do any core browser engine work. Without Mozilla you are an ECMAScript update or a new web standard away from your fork of choice becoming a brick.
I have yet to see where Mozilla confirmed that is the only thing they are doing with data. The ToS gives them more power than that. They could limit that by updating the ToS. But they are not doing that.
Huh? You do understand that Firefox is just a single executive decision away from becoming a chromium skin? In order to forward-think, proper-size and upward-achieve , so that limited funds can be utilized with most impact etc.?
Please, directly skip to the real announcement:
https://blog.mozilla.org/en/products/firefox/update-on-terms...
The actual content:
> [Given that the definition of "selling" in legal terms can be slippery, we must be aware of not falling in cases like the following:] In order to make Firefox commercially viable, there are a number of places where we collect and share some data with our partners, including our optional ads on New Tab and providing sponsored suggestions in the search bar. We set all of this out in our Privacy Notice. Whenever we share data with our partners, we put a lot of work into making sure that the data that we share is stripped of potentially identifying information, or shared only in the aggregate, or is put through our privacy preserving technologies (like OHTTP)
This was discussed before on HN.:
> in some places, the LEGAL definition of “sale of data” is broad and evolving. As an example, the California Consumer Privacy Act (CCPA) defines “sale” as...
And then they go on to describe what a common-sense definition of a sale is. There's nothing broad or slippery about the example, so yes, they basically say "we're going to sell your data"
This leaves out the important part, nothing has actually changed. This is entirely a rewording for what they're currently doing and have been doing for years.
If it's such an outrage worthy subject why did no one explode about this when they added the sponsored links years ago?
> why did no one explode about this when they added the sponsored links years ago?
There was a lot of discussion and consternation about this as well.
The nothing has actually changed cannot be known. There is no transparency here. This is just what you think based off of their weirdly worded statements. Many people were outraged over the sponsored links here on this very site.
We can tell that nothing materially has changed because people are linking git diffs of the FAQ and no one is linking to any changes in the source code, which is equally as available.
From that perspective it's super transparent, if you bother to look.
They released the source code for their server infrastructure where the data they collect is sent so we can verify that? Oh let me check... nope. If only they didnt collect the data there would be no trust issues.
You appear to be going off the rails -- this entire debacle is about Firefox, which runs locally on your machine, you can see if they're collecting different data (they aren't) or sending it somewhere else (they aren't).
There's no evidence they're doing anything with any data and there never was. All of this outrage is purely centered on a ToS update which they've since refactored in response.
Sir, they are 100% taking data from your machine and sending it else where. There are literally forks of the browser made solely to prevent it. You are either incapable of having a discussion in good faith or actively have your fingers in your ears. You continue to post untruths throughout this comment section.
>"we're going to sell your data"
And:
>>This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox.
So now we can use your photo of your birthday party that you sent via webmail... but don't worry, we don't own it, you just gave us a "non-exclusive, royalty-free, worldwide license".
> So now we can use your photo of your birthday party that you sent via webmail
Please read the second half of the text you quoted, where it says "for the purpose of doing as you request with the content you input in Firefox."
I cannot find a nicer way to say this, but a lot of people in these threads are essentially winding themselves up and then producing rubbish like this to fuel their own anger.
Mozilla have been clumsy sure, but this collective tantrum as a response makes zero sense especially now with given context it's clear they're not doing anything they haven't been doing for years.
> This includes processing your data as we describe in the Firefox Privacy Notice.
The Privacy Notice says they can use your data in anyway they sit fit to make the business a success. They should close that loophole if they want to gain trust.
It gives them the right to use your data, for the purpose you indicate by using Firefox. Additionally, from the very next line which you and GP conveniently chopped out:
> This does not give Mozilla any ownership in that content.
They've since removed the reference to the privacy policy since as they said, users are clearly confused by it.
? https://news.ycombinator.com/item?id=43252629 was entirely about "ownership" not being relevant
Was it?
That comment is constituted from two quotes, one of them entirely fabricated, and then a hypothetical provided with no basis. If Mozilla don't own the data and their license only allows Firefox to do what you're requesting it do, then I don't see what points are being made except fearmongering.
Yes, it was. If you want to argue that Mozilla won't/can't use data except for serving user requests, then by all means argue that, but pointing out that they don't own the data is moving the goalposts because you're doing so under a comment that talks about ownership being more or less irrelevant.
This is a lie. It is not removed. You either didn't check the facts of your point of you are willfully trying to deceive others.
https://www.mozilla.org/en-US/about/legal/terms/firefox/
> You Give Mozilla Certain Rights and Permissions
> You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox. This does not give Mozilla any ownership in that content.
The next line does not alter the first, hence why I did not include it. I also didnt include the rest of the ToS that has no bearing on my point.
> This is a lie. It is not removed.
https://blog.mozilla.org/en/products/firefox/update-on-terms...
Read the italicised text.
You said the text was removed. I gave you irrefutable evidence it wasn't. Your reading comprehension issues in both this conversation and the blind interpretation of their documents lead me to believe that you are not ready to have a conversation on this topic.
>>for the purpose of doing as you request with the content you input in Firefox.
So you "Mozilla" license my data, but i am still allowed todo anything with my data..but so are you (Mozilla) right?
What are you trying to explain here?
Why do you think open source software, or any software for that matter, should have the right to put a license on MY data? You (the software) are the processor, not the creator, they want to change that by feeding a processor to create an AI creator based on wetware creations...for free.
Imagine a Mill, Lathe or 3D-Printer would do that.
> they want to change that by feeding a processor to create an AI creator based on wetware creations...for free.
This is actually more of what I was talking about, making stuff up to make yourself angrier.
Where are they doing anything AI related with your data? Where's the proof?
There's none, because they're not, it's something you've come up with just now out of literal thin air.
Let's examine the actual wording in excruciating detail because apparently that's needed
> It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox.
Non-exclusive: The right they claim doesn't stop you or anyone else from claiming the same or similar rights.
Royalty free: They won't pay you for it.
Worldwide: It doesn't matter which jurisdiction you're in.
"Doing as you request in Firefox": Carrying out operations which might mean moving your data from your local machine to a remote one, such as making web requests with requests bodies formed from data you've input.
In total: This means they have the non-exclusive right, without need for payment from you and no matter where you are in the world, for Firefox to do what you've asked it to do with your data. When you posted this comment, that was you telling Firefox to move some data to the internet for you. That is what this legal text and the right they claim provides to you.
In the old internet they didn't need to write any legalese for this, their legal team think they might need to now because the landscape has changed. That's it.
> Imagine a Mill, Lathe or 3D-Printer would do that.
If your mill, lathe or 3d printer could publish your data to the internet I guarantee you with 100% certainty they would include licensing text accomplishing roughly the same thing.
>>Where are they doing anything AI related with your data? Where's the proof?
https://www.mozilla.ai/
>without need for payment from you and
No need to pay YOU, you are twisting things around.
Have fun, i stop here arguing.
>> https://www.mozilla.ai/
So you googled "mozilla ai" and clicked the first link, which does literally nothing to support the claim you made up.
Let me make a wild guess, you don't actually know what the Mozilla AI project does.
>>without need for payment from you and
> No need to pay YOU, you are twisting things around.
I notice you ignored the rest of the entire comment to yet again make something up and get mad. Why would anyone need to pay you for the data you're sending voluntarily? Should HN be paying us for these comments?
> Have fun, i stop here arguing.
Yeah I bet, have a good one. Hope at some point all of this clicks for you, because I think you fully do not understand what's going on.
Over a decade ago there was a minor uproar with Facebook when someone spotted a similar phrase in their TOS. They had only included it to cover their bases legally and be allowed have image galleries, but regular people didn't understand and thought Facebook was doing something like selling your pictures for profit.
No thank you. Fork.
There's no chance I would be able to recommend some Waterfox or Iceweasel to family or friends. Current status is Chrome or Firefox, and there's a long long way ahead for anything else to become relevant. Death of Firefox would mean immediate death of all the forks too.
Zen is perfectly usable by your family.
Browser is such a critical piece of software that it has to be established, with a large and accomplished dev team. Which practically means a budget in the millions at least.
Anything smaller I could use myself, but would absolutely never recommend to others. As I said, current mainstream enough options are only Firefox or Chrome.
You're forking the FAQ? Because that's the only thing that's actually changed here.
This is even more confusing. I understand that the browser needs to know my primary language and will send that as part of the HTTP requests (e.g. as part of the Accept-Language header) in order to operate ("To provide you with the Firefox browser"). I don't know why Mozilla needs a license for this.
They are not clear where/how the data is being used. For example, why are "Unique identifiers" and "Interaction data" part of "To provide you with the Firefox browser"?
From "Interaction data": "This is data about how you engage with our services, such as how many tabs you have open or what you’ve clicked on." -- Why is it necessary to track how many tabs I have open in order to provide the browser to me? -- That isn't something they need to send via HTTP to make websites function. If it is for telemetry and improving the browser, that should be a separate section.
> You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license *for the purpose of doing as you request* with the content you input in Firefox. This does not give Mozilla any ownership in that content.
They are saying that you give a license to Firefox to do as you request. That's all. The language is explicit and explain the relationship between you and the product when you use it. The product behaves as your agent, and would need permissions to do so. Every browser implies this, Firefox just was explicit with it.
It still doesn't make sense unless that info is going via mozilla's servers. Software running on your PC doesn't need permission to process and send data that you are giving it, to send it to the places you intend.
Mozilla legal apparently think otherwise. They have been spooked by the recent California legal movements which can apply the label "sell" to behaviours we wouldn't normally consider selling user data, like setting the default search engine.
Where has Mozilla legal clarified that in its entirety? They could limit the data to that very need inside the ToS if that is how they felt and wanted to be transparent.
I'm looking at the https://www.mozilla.org/en-US/privacy/firefox/#lawful-bases section of the new privacy document which goes into more detail on what is collected and why, along with the "Types of Data Defined" section above it that describes the different data.
It doesn't differentiate when that data is stored locally, when it is sent to (and collected by) Mozilla, and when it is sent/accessed by the website you are on/using.
Likewise, because "Interaction data" covers both "how many tabs you have open" and "what you’ve clicked on" (as well as ad related information in the next paragraph) it can cover things like handling anchor ping attributes (what you've clicked on) which are nec1essary for Firefox to work w.r.t. that feature vs. collecting ad related information ("Click counts, impression data, attribution data, how many searches performed, time on page, ad and sponsored tile clicks.") which is not.
With those broad information categories they are combining different use cases from using the browser, telemetry, and collecting data useful for advertising.
Another example: in the "To adapt Firefox to your needs" section they explicitly call out sending location data to websites like Google Maps but the data collected is listed is "Any data type" not "Location".
I know there are other cases, but the specific wording is vague and unclear. For example that section mentions being able to "clear your browsing history". As a developer I can infer that that is related to JavaScript APIs being able to access your browsing history, but that isn't called out in this section so it is unclear that this is what they are referring to.
They use that telemetry to understand how users in aggregate use the product so they can prioritize maintenance and improvements. Like any other software.
Anyway, you can disable that telemetry in the prefs UI with a single click.
Why does Mozilla keep falling into the trap of bringing these crappy MBAs into their leadership? Promote real ambassadors of privacy and open software instead of people like the current interim CEO, who is ex-McKinsey. If they can't manage that then maybe it's finally time to let Mozilla go. Andreas Kling's browser project sounds like it's coming along well.
They're essentially owned by Google through a contract both cannot refuse, because it keeps the "Google isn't a monopoly" narrative while allowing Mozilla to stay afloat, therefore I wouldn't expect them to do anything that could harm the agreement with Google, like real competition.
How about the directors and Management who let this happen, resign. We need another phoenix to rise from the ashes of Firefox.
They are currently with an interim CEO and searching for a new one https://blog.mozilla.org/en/mozilla/a-new-chapter-for-mozill...
Let's fork it and call it Firebird...oh no wait ;)
I am old enough to get that.
that seems wildly excessive
Why? Mozilla has been circling the drain for a while with their poor decisions, and questionable privacy practices all while proclaiming to be all about user privacy. Now they have flushed any goodwill they had right down the toilet.
As leaders, they need to be held accountable for their poor decisions. Which means they need to fuck off, and let new people come in and rebuild trust.
and no, a decent manager shouldn't have to literally review every little thing every single one of their employees does
obviously something needs to change here procedurally, but micromanagement across the entire board is not the answer
and therefore firing management for this is not really solving anything other than satiating the bloodlust of the mob
yes, this was a big screw-up all things considered, but crucifying people for a (relatively straightforward, imo) comms issue just seems...borderline violent?
> For instance, Mozilla said it may have removed blanket claims that it never sells user data because the legal definition of “sale of data” is now “broad and evolving,” Mozilla’s blog post stated.
> The company pointed to the California Consumer Privacy Act (CCPA) as an example of why the language was changed, noting that the CCPA defines “sale” as the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by [a] business to another business or a third party” in exchange for “monetary” or “other valuable consideration.”
mind you, I sincerely doubt this ever even came across the desks of leadership—if it's legalese compliance bullshit, why would it?
You read it as a comms issue. I don't. I read it they have been selling a form of my data.
In one, my argument is an overreaction. In the other it is reasonable, given they have been misleading consumers. A strategy which clearly would be oversighted by senior management.
well, yeah...if mozilla's been selling all our data, then screw firing leadership—they as an organization are rotten to the core and should burn
but I honestly think that's a totally unreasonable conclusion to draw based on this kerfuffle alone
this is simply a tipping point.
the important question is, how many people left?
in my case i've been using firefox for more than 20 years, through the crashes, the memory leaks, the incompatible sites... and i disengaged, (uninstalled and deleted my account). i am not particularly gung-ho on privacy, all and all a pretty run-of-the-mill middle of the road guy. i wouldn't be surprised if they lost a high 1-digit or low 2-digit percentage of their user base with that debacle...
with the drop in image i fear they lost a lot of potential new users too... that might be the hardest hit. this might accelerate their slow descent into irrelevancy...
definitely
It sounds a bit more like they were lying before, frankly, and they were forced to come clean by this act.
it sounds like you and I have completely different understandings of the world, so I'm genuinely not sure I can convince you otherwise, but let me give it a shot
to oversimplify into a couple points:
* people make mistakes, especially in communication—it happens! I misspeak (or often don't fully consider how people with different POVs will interpret what I say differently) all the time, personally
* nearly mozilla's entire remaining userbase has stuck around because of mozilla's independence and focus on privacy. everyone with a brain knows full well that selling all user data entered into the browser is the single biggest possible violation of that. therefore, how would mozilla continue to exist as a company in any capacity if that were actually the case? they would have zero users
finally, I'll leave you with hanlon's razor: "never attribute to malice that which is adequately explained by stupidity"
I'm not saying they're selling all data put into the browser, I'm saying they're selling user data, and they were doing so when they were claiming they never sold user data. They (charitably) seem to have convinced themselves that what they were doing was not 'selling' (in a similar way to google 'not selling your data' because they don't just make it available wholesale, they only sell the processed results indirectly through their ad business), but California's new privacy laws makes it obvious they should be calling it 'selling'. They've obvious cocked up the communication of this fact, partly with an overly broad update to their ToS, but even with this walking back they should apologise for misinforming people on this page before.
Mozilla doesn't need any of that data from me, whether it is sold or not.
It seems like what is happening is not Firefox now making a pivot to the privacy unfriendly side, but Firefox has already been selling data, but in a manner that---for whatever strange reason---they didn't consider to qualify as "selling data", and hence the original Terms of Use included the promise of "We never sell your data". Then lawyers came along and told them that this just wouldn't fly legally, and they have to change their terms now.
Even now, Firefox still doesn't consider what they do "selling data", and they are forced to change the wording only because the laws are weird.
Frankly, I just don't see how sharing data to partners to make yourself commercially viable can be construed as not selling data. In their own words, what Firefox does is:
> In order to make Firefox commercially viable, there are a number of places where we collect and share some data with our partners, including our optional ads on New Tab and providing sponsored suggestions in the search bar.
We could argue about whether the laws are slippery or over-reaching, or how responsible or not Firefox has been handling user data. We could argue about how much anonymization and aggregation of data reduce privacy concerns.
But to argue that the above action is not "selling data" is in my view not a reasonable position.
Wow, quite black and white views here.
Despite all the justified doubts and concerns, it's also worth noting that Mozilla runs one of the few independent browser engines left, with limited ways to actually fund it.
When they're not here anymore, there aren't many parties left to argue about web standards in favor of a free web.
So I'd keep watching them as always, without painting them as evil just because of some misstep...
Original
"The Firefox Browser is the only major browser backed by a not-for-profit that doesn’t sell your personal data to advertisers while helping you protect your personal information."
Now just says.
"The Firefox Browser, the only major browser backed by a not-for-profit, helps you protect your personal information."
This is not some misstep, it is the breaking of a promise.
If I remember correctly, more than 50% of their revenue came from Google Search in the past.
They are now at 2.6% market-share, I can imagine that revenue-stream is making it hard to keep the lights on.
It's sad that it came to this, but somewhat understandable as they don't really have these other lucrative side-businesses of Google, Apple, Microsoft.
FWIW, the change is that the new wording allows them to build a revenue-stream based on telemetry data, while the original wording prohibits them from such a financing model at all.
Outside of Europe this might be significant, but in European legal context the difference is that they could now ASK you if you allow them to use your telemetry to create revenue, and only do it IF YOU AGREE (small nudge to push for privacy-friendly laws).
I would say they are changing the promise, not breaking it. Breaking it would have been if they sold data with the old description (which is not the case, is it?).
Since they claim that they are not changing the promise, only being more clear about it, the implication is that they did sell data under the old description.
The definition of the word "sell" has a different meaning in a post-AI world and in specific California have a new bill adding some other contexts to it, so despite not actually doing anything differently (go and look at the Firefox source tree if you don't believe me) they have to change their wording.
ETA: Setting Google as their default search engine in exchange for funding from Google has been cited as an example of "selling user data to Google", if you'd like a concrete example of what I'm talking about.
> The definition of the word "sell" has a different meaning in a post-AI world
No it doesn't.
> The California Consumer Privacy Act (CCPA) defines “sale” as the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by [a] business to another business or a third party” in exchange for “monetary” or “other valuable consideration.”
Please read.
I have. That is and has been an accurate description of selling data. Feel free to explain what you feel the change is definition is and maybe this community can help you see how there is no difference at all.
Does it matter if they weren't arguing in favor of a free web to begin with? Quite the opposite in fact; their stated stance is they want to remove people they disagree with from the web.
> The company pointed to the California Consumer Privacy Act (CCPA) as an example of why the language was changed, noting that the CCPA defines “sale” as the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by [a] business to another business or a third party” in exchange for “monetary” or “other valuable consideration.”
...yeah? That's pretty straightforward.
Dupe? I didn’t see anything from this article that wasn’t already in the previously posted Mozilla blog posts which have already been submitted here.
Optics. Mozilla bungled the optics, then in their reaction, bungled it some more! They do not look good here. We respond to looks.
In objective reality it's a bit of much ado about nothing, but in today's world it's optics and perception that rules. It's subjective.
As another comment says it takes forever to gain trust and a moment to lose it all. Trust is subjective.
People need to resign
It's insane to think Firefox would ever have gone this route? How disconnected is management? The move would be suicide! A major reason people use Firefox is because of privacy. The other major reason is because a user's privacy conscious child or grandchild installed it for them. That's your whole fucking userbase!
It's a shame too because they had the opportunity to double down on privacy. What with Apple caving to governments.
I was a fanboy who's been with you for nearly two decades You can check my comment history. I defended you through tough times, I've donated, and for what? A slap in the face.
You had it going with the rust rewrite and just floundered on every opportunity. You made Thunderbird pretty good and gave many hope, then floundered. You have some great devs, let them make great software
So where do we go now? What browser that isn't just a different color of chrome? Safari? No. Ladybird? Sea Monkey?
They sold out, Mozilla in name only. My plan is to switch my family to librewolf on Desktop and Brave on Mobile until better options appear. I'm a bit bitter about it. I've often been the only person in my org that insisted on Firefox.
_Exactly_ as you say, like a virus, whenever I visit family I will be switching out their browsers from Firefox to the next best thing.
> For instance, Mozilla said it may have removed blanket claims that it never sells user data because the legal definition of “sale of data” is now “broad and evolving,” Mozilla’s blog post stated.
> The company pointed to the California Consumer Privacy Act (CCPA) as an example of why the language was changed, noting that the CCPA defines “sale” as the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by [a] business to another business or a third party” in exchange for “monetary” or “other valuable consideration.”
Wow, I'm actually stunned that Mozilla straight-up admits that they're selling user data here and that's why they removed that language.
Good for them for being honest. Bad on them for selling user data.
So isn't this a good thing? The comments on here are more overwrought than rational and disinterested...
I honestly don't understand the insane levels of hate that Mozilla gets on HN and certain other corners of the internet. More than the most evil corporations on earth. I can only assume some of it is politically driven.
Firefox and Thunderbird are two of the last bastions of functional, accessible FOSS software in their respective spaces. The software landscape would be a lot more bleak without them.
It's important to hold Mozilla to account given their role (and this TOS roll-out was clearly a screw-up whatever way you look at it) but the amount of people jumping in saying that they are irredeemable now, that we must now stop using their software even if they backtrack on this, is counterproductive. And honestly I suspect a lot of the people saying that have also been saying it for years before any of this happened.
Mozilla's move synergizes with the surveillance security state that the previous admins were trying to fortify here. I understand Mozilla Corporation has to sell out to continue receiving funding, I just choose not to participate. Everything dies.
Too little too late.
I've been deeply studying "trust" for the past year, as part of a project around "Zero Trust". It's a core pillar in cybersecurity. Trust is very complex. Extremely hard won, easy to lose, practically impossible to rebuild.
Mozilla have blown it and there's no going back for that company. This is what happens when you let morally defective people take the reigns. My advice would be, dissolve it and use whatever money is left to start new projects for free-software browsers.
Mozilla's core major malfunction is that they are deceptive, as an organisational culture. No amount of hard work, careful words, money spent on PR will hide that odour, and whatever goodwill they show now will naturally be undone as they return to business as usual.
What complicates things is that large companies have incentive and resources to try to dissuade users from using completely free and open source browsers.
This makes it harder to trust messages about not trusting ie. Firefox.
There are certainly many enemies of Mozilla who've used disinformation and exaggeration to agitate against them.
From where I stand, Mozilla have done little to deflect that, everything to encourage it and generally been been their own worst enemy.
Taking on an operation like running Mozilla is not just running some random tech company that makes a browser. Standing up for software freedom is an ideological stance (in the best possible sense) and requires more capable people who are prepared to dig deeper, work harder, take risk, and stand up for what is right.
I do not see those people at Mozilla. Correct me if I'm wrong (and let's have their email) so I can apologise and invite them to discuss why Firefox is no longer a browser that I can trust.
You mean bundling the browser with the OS?
The whole thing confuses me is that why would Firefox as an browser (user agent) need that legal jargon to work. Hopefully Legal Eagle or similar channels would cover this, but they are too busy with politics at the moment?
Time to sue Intel for releasing chips that process our inputs as we request.
Well, no, see that's a great example of why this is a problem. If Intel sells you a CPU, it doesn't need a license to your data, because you give your data to your CPU in your computer. It would, in fact, be a huge red flag if Intel suddenly wanted a license to process your data, because they only need that if they're sending your data to them for processing.
(IANAL, corrections welcome if you can actually point to a law that says otherwise)
Sorry, I meant my comment to be taken sarcastically. I agree with everything you said.
Another TechCrunch [dupe] https://news.ycombinator.com/item?id=43213612
The guys at Chromium must be having a huge party right now with how well this coincides with the deprecation of Manifest V3 hitting the average user.
[dead]
> Mozilla rewrites Firefox's Terms of Use after user backlash
This looks like a deja-vu of Apple CSAM scanning.
"We didn't mean it".
They didn't actually change anything, they just tried to clarify what had made people panic about things they never intended to do.
At least, that's how I read it. IANAL.
Or Unity
I would love that detractors explain what data is being sold, exactly. Because it's the same data that you have willingly given them by using their _services_. The only change with the product is "for the purpose of doing as you request", which is the definition of an User Agent.
Sounds like the blog post shows that they are explicitly selling user data. Specifically data relating to the ads they show in the browser. They claim it's carefully anonymised and aggregated, but they are selling it nonetheless. The blog post is a nonsequitar with the claims in the updated 'TOS', which make no sense because they don't need a license for an executable on your PC to process and send data to the website's your visiting in line with what's expected of a web browser, only a license if they are also sending it to themselves or on behalf of themselves, which is not "what you intend" if you visit a web page or just open up a new tab.
> because they don't need a license for an executable on your PC to process and send data to the website's your visiting in line with what's expected of a web browser
You actually do. It's implied that by using the software you give it to the software to act to your agent, but you actually do have it. In court you would have to establish this behavior using context. Mozilla avoids all of that by making it explicit.
> only a license if they are also sending it to themselves or on behalf of themselves
Which again, the license still doesn't allow.
>In court you would have to establish this behavior using context.
Under what law? As far as I know neither copyright nor the various privacy laws care about what an executable on the user's machine is doing, as far as the liability of the company goes. They only care about what the company sees.
>Which again, the license still doesn't allow.
Which is why it doesn't make sense, especially when their privacy policy does spell out that they are selling data collected from the browser (not very much, but there certainly is some)
Someone better tell curl.
Damage is done. Their intention is clear. Mozilla name is toxic to common-sense privacy now.
If they acquired Tailscale, I'd stop using it.
If they endorsed ChaCha20, I'd question if it is backdoored.