What do I do now...
this post was submitted on 26 Feb 2025
385 points (97.1% liked)
Privacy
1023 readers
1107 users here now
Protect your privacy in the digital world
Welcome! This is a community for all those who are interested in protecting their privacy.
Rules
PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!
- Be nice, civil and no bigotry/prejudice.
- No tankies/alt-right fascists. The former can be tolerated but the latter are banned.
- Stay on topic.
- Don't promote proprietary software.
- No crypto, blockchain, etc.
- No Xitter links. (only allowed when can't fact check any other way, use xcancel)
- If in doubt, read rule 1
Related communities:
founded 3 months ago
MODERATORS
Fork
Time to start blocking all FF domains and IP addresses. Just like Facebook.
Sigh.
Is it so hard to just be an ethical company? Must every product and service become enshittified?
Couldn't they have just made these "features" an add-on that the user can choose to install (and agree to a separate ToS to use), rather than have it baked into the browser code?
There was a time when you could use the same piece of software or service for decades without worry. Now, I feel like I'm replacing software every few months because of enshittification.
Is it so hard to just be an ethical company?
Well, assuming by company you mean a for-profit entity, then yes.
I mean company*
*organisation, non-profit, for-profit, family-owned, corporation, etc.
Why is it so difficult to be ethical? Why the hell is being unethical rewarded by our society? We have everything so ass backwards.
There are lots of ethical non profits and organizations, with a big asterisk that of course ethics are relative.
Because in order to create a society that rewards ethical behavior, you have to get rid of the all the unethical people in positions of power and privilege, and they are the ones with the power to actually change society, because society rewards unethical behavior?
load more comments
(1 replies)
load more comments
(2 replies)
Before everyone freaks out over "terms of use = Firefox bad now" (I'm citing the actual Terms of Use and Privacy Notice)
I'll add emphasis as needed.
You give Mozilla all rights necessary to operate Firefox, including processing data as we describe in the Firefox Privacy Notice, as well as acting on your behalf to help you navigate the internet. When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox.
This doesn't mean you're giving them a license to do whatever they want with your data, it means you're giving them the ability to use that data explicitly as you choose to navigate the web. (e.g. you use Firefox to make a post, they have to process those keystrokes through Firefox to send it to the server, and thus could require permission to do that in the form of having a license)
They explicitly have the license only to use the information in line "with your use of Firefox," and to "navigate, experience, and interact with online content." not to do whatever they want. They should have worded this better, but this isn't one of those "we own everything you ever put in your browser" kind of clauses.
If you give Mozilla any ideas, suggestions, or feedback about the Services, you give Mozilla permission to use them for free and without any additional obligations.
This is standard on basically every site, and kind of obvious. You shouldn't be able to say "you should do this thing," have them do it, and then say "actually I own the license to this and you have to pay me"
These Terms apply until either you or Mozilla decide to end them. You can choose to end them at any time for any reason by stopping your use of Firefox. Mozilla can suspend or end anyone’s access to Firefox at any time for any reason, including if Mozilla decides not to offer Firefox anymore. If we decide to suspend or end your access, we will try to notify you at the email address associated with your account or the next time you attempt to access your account.
Nothing requires you to stay in this contract after you stop using the services, and this is just reaffirming the fact that, yes, they can stop offering Firefox in the future if they simply can't sustain it, without somehow breaking contract. More legalese just to protect them from frivolous lawsuits.
Your use of Firefox must follow Mozilla’s Acceptable Use Policy, and you agree that you will not use Firefox to infringe anyone’s rights or violate any applicable laws or regulations.
You agree to indemnify and hold Mozilla and its affiliates harmless for any liability or claim from your use of Firefox, to the extent permitted by applicable law.
This basically just means "don't do crimes using our browser." Again, standard clause that basically everything has to make sure that nobody can claim in court that Firefox/Mozilla is liable for something a user did with their software.
To the extent permitted by applicable law, you agree that Mozilla will not be liable in any way for any inability to use Firefox or for any limitations of Firefox. Mozilla specifically disclaims the following: Indirect, special, incidental, consequential, or exemplary damages, direct or indirect damages for loss of goodwill, business interruption, lost profits, loss of data, or computer malfunction. Any liability for Mozilla under this agreement is limited to $500.
Standard liability clause, basically everything also has this.
And that's it. That's the terms of use. Nothing here is out of the ordinary, uncalled for, or unreasonable for them to have.
Now let's move on to the new Privacy Notice.
You have the option to use a third-party AI chatbot of your choice to help you with things like summarizing what you’re reading, writing and brainstorming ideas, subject to that provider’s terms of use and privacy notice.
If you choose to enable a chatbot in the sidebar and/or through a shortcut, Mozilla does not have access to your conversations or the underlying content you input into the selected chatbot. We do collect technical and interaction data on how this feature is used to help improve Firefox, such as how often each third-party chatbot provider is chosen, how often suggested prompts are used, and the length of selected text.
This just states that if you use the chatbots, you're subject to their policies, and also Mozilla will collect very light amounts of data to understand how often and to what degree the feature is used. The first part is functionally no different from saying "If you go to OpenAI's website and use ChatGPT, you'll be bound by their ToS." Yeah, of course you will, that's obvious.
Review Checker is a Firefox feature that helps you determine whether reviews are reliable when you shop online with sites like Amazon.com, BestBuy.com and Walmart.com. If you opt in to using Review Checker, Mozilla will process information about the website and the product identifier of the products you view using our privacy preserving technology called OHTTP. OHTTP combines encryption and a third party intermediary server, helping prevent Mozilla from linking you or your device to the products you have viewed. We also collect technical and interaction data on how this feature is used to help improve Firefox.
By opting in to using Review Checker you also agree to be shown product recommendations and sponsored content. If you do not want to receive product recommendations and sponsored content, you can opt out of this feature under Review Checker settings at any time.
Another optional feature that, if you choose to turn on and use yourself, will obviously have to collect data that is required for such a thing to work. It can't check reviews if it can't see the reviews on the website. As for the product recommendations and sponsored content, that's not desirable, but they do very clearly mention that you can just turn it off in settings.
You can install add-ons from addons.mozilla.org (“AMO”) or from the Firefox Add-ons Manager, which is accessible from the Firefox menu button in the toolbar. We process your search queries in the Add-ons Manager to be able to provide you with suggested add-ons. If you choose to install any add-ons, Firefox will process technical, location and settings data, and periodically connect with Mozilla’s servers to install and apply the correct updates to your add-ons. We also collect technical and interaction data on usage of add-ons, to help improve Firefox.
If you search on their site for extensions, they have to process your search, and if you need to install addons, they'll have to connect to Mozilla's servers and collect the relevant data to make sure the extensions are available where you are. Shocking. /s
Mozilla runs studies within Firefox and makes certain experimental features available through Firefox Labs to test different features and ideas before they’re made available to all Firefox users or become part of the core Firefox offering — this allows us to make more informed decisions about what our users want and need. This research uses technical, system performance, location, settings and interaction data.
We also need to process data to keep Firefox operational, improve features and performance, and identify, troubleshoot and diagnose issues. For this we use technical, location and settings data, as well as interaction and system performance data (such as number of tabs open, memory usage or the outcome of automated processes like updates). In the rare situations where the information needed also includes limited browsing data (e.g., Top Level Domain annotations for page-load performance monitoring), it will be transmitted using OHTTP; this helps prevent Mozilla from linking you or your device to the data collected for this purpose.
This has been around for a while already. If you choose to use beta features, then yeah, they'll collect some diagnostics. That's why it's in beta: to get data on if it's working properly.
Because maintaining the latest version of Firefox helps keep you safe against vulnerabilities, desktop versions of Firefox regularly connect to Mozilla’s servers (or another service that you used to install Firefox) to check for software updates; updates for Android and iOS versions of Firefox are managed by Google’s Play Store and Apple’s App Store, respectively.
We also process technical data and settings data to protect against malicious add-ons. In addition to these standard processes, we use Google’s Safe Browsing Service to protect you from malicious downloads and phishing attacks, and validate web page and technical data with Certificate Authorities. As part of our work to improve privacy and security for all internet users, we collect technical data via OHTTP, to better understand, prevent and defend against fingerprinting.
Checking for updates and providing malicious site blocking requires connecting to servers to download the updates and having a list to block bad sites. Again, very shocking. /s
And that's basically it for that.
I seriously don't understand the reactionary attitude so many people have towards things like this. Read the policies yourself, and you'll see that their explicit purpose is either:
- Legally clarifying things to protect Mozilla from legal liability they shouldn't have, and frivolous lawsuits.
- Making sure it's clear that to do certain things, they have to, y'know, process the data for that thing.
- Explaining where different features might rely on parties outside Mozilla.
None of this is abnormal.
For me the problem is the use of the phrase "to help you..." because I think that means something different, something more, than what you're saying it means. That's not a phrasing that evokes, to me, the deterministic nature of the way a web browser operates (or used to operate). Traditionally, I give a web browser a command and it executes it, such as "go to this web address" or "print this page" or "save this as a bookmark". Helping me, on the other hand, would involve some processing of data to attempt to understand my desires. I don't want Mozilla or Firefox to be doing that at all.
Maybe it's just "readable" language that is read much more narrowly legally to mean just what you're saying. But maybe it opens the door for Mozilla to use it to help me experience online content by learning my habits and demographics in order to lead me to places I indicated I would be interested in by my use of the browser.
load more comments
(3 replies)
Great analysis you did there of the terms of use and the privacy notice! Just as soon as I read the title of the post I knew people would have a knee-jerk reaction to it. We can blame them for not actually going to read exactly what it is about, but I can't blame them for the pessimistic point of view, although it seems to be very prevalent around Lemmy where you are supposed to hate everything and everyone that does something against their opinion. I wish people would try to put more attention into not being manipulated on their opinions by every sentence they read, specially when it aligns with their beliefs.
Again, thank you for putting the effort of sharing your opinion and checking the ToU.
I feel like everyone would have the knee jerk reaction. It's how you think about it and actually respond that's important.
But that initial stomach drop feeling is pretty natural. On its own without context, that's scary af
load more comments
(1 replies)
Thank you, this is a great take and exactly how I'm reading all this as well. People need to stop reacting to headlines and actually read what they're arguing about.
Yeah this is a crazy amount of backlash for what the policy actually is.
Personally, I've never seen a Terms of Service about granting any software a license to do things on my own device before.
- I have a monitor, I don't think I signed a Terms of Service that says I gave it a worldwide license to function by piping video from an HDMI cable onto its panel.
- I don't think I signed a Terms of Service for my keyboard to send royalty-free keystroke signals to a USB port.
- I don't think I signed a non-exclusive license for my mouse to transfer motion detection into USB signal output either.
Is this normal? Have I just not been looking in the right places?
I'm not an expert, so take what I say with a grain of salt, but here's what I feel has been more and more the case... It's interesting that the examples you set are all hardware communicating with other hardware. That is a key point because any company selling you those devices can easily defend themselves legally if you decide to sue them for using your data just by saying "how else would we get the device working? It is fundamental to read your data to make the device do what is advertised for" and the case would be dropped faster than my dog comes when I open his food. Now imagine the keyboard company is caught sending the key strokes to their servers... Without a good terms of use contract they would lose immediately against legal action. And even a terms of use contract might be considered null if it is proven to be abusive or something.
When it comes to a software company things get a lot blurrier. It's harder to define the needs for some actions and how things could work vs how they work. So I think it's not uncommon to have this kind of clauses in such cases, specially for getting user data for maintenance and so on. It was less common in the past but as there are more practical cases and experience of where the law draws lines and limits this kind of additions and edits of user contracts are becoming pretty normal.
You make a fair point, and I think I did stumble into a bit of an apples and oranges comparison here.
As far as I know, though, even software with expansive functionality – including other web browsers, and whole operating systems like Linux itself – don't have these types of TOSes either. And if we look at Linux in particular, several flavors of it are maintained by some pretty big companies. Red Hat and Ubuntu are heavyweights in the server industry; they're not as big as Microsoft, perhaps, but I imagine they have their own legal teams.
load more comments
(1 replies)
You're correct that this isn't exactly common practice, but it does generally make sense from the stance of legal protectionism. Mozilla just wants to make sure that no maliciously inclined user can try and argue that Mozilla didn't have a right to use the content they put in the browser, when the browser could only do what that user wanted by putting that data in.
It's not exactly necessary based on existing precedent, but to me at least, it seems like they're preparing for situations where cases are brought and try to argue based on things that don't have existing precedent. For instance, if you look at how new a lot of the arguments and defenses of AI are in court, if a user tried to argue that Mozilla didn't have permission to send their data to an AI company if they highlighted some text and sent it to the AI sidebar, there's a chance the court wouldn't go based on existing precedent, and instead try to argue based on if Mozilla had a right to send that data, which this clause would then clearly, very objectively cover.
TLDR; I personally don't think they really needed to do it, but it doesn't functionally change anything about what they're capable of doing compared to before.
People aren't reading the actual EULA, just a headline and maybe, if you're extra lucky, the article where a third party tells them what to think about it.
If its all normal shit that is totally needed to operate then why didn't they need an agreement before now?
Most of what I put in my comment was there beforehand. (most of it was the Privacy Notice, not the brand-new Terms of Use)
I simply wanted to cover as much as possible since I figured most people hadn't read the whole document. Apologies if it seemed like everything I was covering was brand new.
To be fair though, not all of it is necessary, but it does provide a benefit such that most companies will use it because it keeps things from getting too ambiguous, legally speaking. Most of the changes Mozilla made seem to just be clarifying existing things that should generally be obvious, to ensure that any frivolous legal argument against them is very clearly able to be dismissed.
load more comments
(13 replies)
What in the everloving fuck?