The scare quotes here are uncalled for: it is privacy-preserving. The approach allows measurement without disclosing who, specifically, did what with the ad.
The best objection to these proposals isn't privacy, it's that a browser vendor is lifting a finger for advertisers. I guess the fundamental question there is if we prefer to outright shut down online advertising, or give it the tools it needs to be less bad. Opinions differ, but all major browser vendors are in the latter category.
> The scare quotes here are uncalled for: it is privacy-preserving.
It is strictly less privacy-preserving than not implementing this "feature" that has zero benefit to the user running the browser. At the very least it pings yet another third party, most likely it effectively leaks much more.
> The best objection to these proposals isn't privacy, it's that a browser vendor is lifting a finger for advertisers. I guess the fundamental question there is if we prefer to outright shut down online advertising, or give it the tools it needs to be less bad. Opinions differ, but all major browser vendors are in the latter category.
That is a very very generous assumption of the browser makers' goals. Particularily when one of them IS an online advertising company and another one is almost exclusively funded by said advertising company. They do not deserve the benefit of the doubt.
Only IF it is correctly implemented. And only if you trust all relevant parties involved in this feature.
And honestly, whenever I see that something has been anonymized I assume it isn't. Mostly because the industry has a terrible track record, secondly because the incentives are almost always misaligned to begin with.
I'd trust mozilla more than most, but not enough to give them free rein and opt in things for me. I don't (yet) know enough specifics on this matter to make an informed decision, but if it weren't for hn I'd have missed this.
I doubt firefox would ask the user after install (again, incentives).
I should go through all options for every update (not just for firefox). But I can't, I don't have enough time. I need to be able to put some trust into the software I use, and things like this erode that trust.
My problem with this is that ideally, software I deign to run on my computer acts with only my interests in mind. The overarching goal of these changes is not to preserve my privacy, but rather to help advertising companies to learn something about how I interact with their ads. I don't care that Mozilla's particular implementation is not as bad for my privacy as it could be, I only care that their motivation has switched from acting in my interests to acting in the interests of advertising agencies.
> it's that a browser vendor is lifting a finger for advertisers
This is it. We're polluting the web browser with even more bullshit so that companies can squeeze a few pennies out when someone visits a page.
It was bad enough when pages are loaded with tracking cookies and JavaScript but at least you can block those. Now we get browser functionality on by default cooperating with advertising networks. Insane.
> I guess the fundamental question there is if we prefer to outright shut down online advertising, or give it the tools it needs to be less bad.
You mean online tracking, not advertising.
Advertising without tracking has existed for as long as commerce has existed. The elimination of tracking is not a threat to advertising. Historically, tracking is a very recent "innovation", an unwelcome one IMO.
> I guess the fundamental question there is if we prefer to outright shut down online advertising, or give it the tools it needs to be less bad.
We've been giving advertisers new tools for 20 years. Over that time advertisements have only gotten worse. The less bad state is a myth. There's no economic incentive to be less bad.
The scare quotes are useful, because the real story is that Firefox is enabling ad measurement by default. It’s an opt-out system being forced on users. They also claim it’s “privacy preserving,” but that’s a qualifier that deserves scrutiny, especially in an opt-out system. If it was really privacy preserving, why isn’t it opt-in?
I remember when Browsers were User-Agents and worked for the sole benefit of the user. These days they are Advertisement-Agents. And especially for Firefox to survive Mozilla should go down the road of being a user agent and a user agent only. What other use is there for firefox? It's not faster, it's soon not going to be more private and it is less secure than chromium based browsers.
Incredible that this is the #1 post on HN. The slightest amount of basic research what this functionality does is absent, combined with the obviously ignored knowledge WHY firefox still has any users at all.
Glad the whole thread was apparently flagged to death though. I'd guess 90% of firefox users already turned that off and are actively looking for the next best alternative.
> if we prefer to outright shut down online advertising
This would be my preferred outcome no doubt. And after widespread adoption of content blockers like uBlock Origin, the next step should be mass adoption of webpage mirrors (like archive.is and Wayback Machine do now, but more comprehensive), and stop giving impressions to read-only websites.
In this sense, paywalls are a blessing in disguise: I don't ever visit wsj for example and thus any articles from it must be read from archive.is. But reading from mirrors should be more widespread, even for websites not behind a paywall.
If browsers want to improve the situation regarding ads, besides bundling and automatically enabling content blockers, they should also provide integrations to mirrors like archive.is to go further than that and not even risk a page access to ad-infested sites.
> or give it the tools it needs to be less bad.
However there are more than two options. If society reach a compromise to ban targeted ads, this doesn't shut down advertising completely but sets it back to TV-era levels of analytics. This discussion should have happened after Cambridge Analytica.
> Opinions differ, but all major browser vendors are in the latter category.
I thought Chrome were in the business of making sure ads stay bad.
> if we prefer to outright shut down online advertising
Yes, please. Both online and offline. Advertising is probably the most useless, annoying and wasteful industry out there.
We could have pull-only databases of businesses, products and services instead. Ideally, with independently verified, fact-checked information and authentic reviews. Realistically though, this kind of objectivity would probably be infeasible to enforce and maintain. But even if we allow for misinformation, paid rankings and whatnot, the point stands: any such database should follow a pull-only model, users access it voluntarily to search for products and services and it's not an unsolicited broadcast to everyone everywhere all the time.
> if we prefer to outright shut down online advertising, or give it the tools it needs to be less bad
It's not like we've just invented this new advertising thing and are now struggling to make it fit the internet. We've been living with it for decades now, and over all this time that industry haven't expressed even a slightest desire to be "less bad" in any meaningful way. I think we can safely set aside the idea that they don't do it because they just didn't have any tools. No, they don't do it because they are doing just fine without it, and they have zero motivation to do it. And a lot of motivation - billions upon billions of dollars of motivation - to keep doing exactly what they are doing, or worse.
"Privacy-enhancing/preserving", mhh, it's rather "Mozilla launches new tools to help advertisers stay compliant with latest regulations".
It's not to protect privacy, because to protect privacy there is already a solution: it's to block the ad hosts and not talk to them at all (anti-fingerprinting techniques don't work).
"The approach allows measurement without disclosing who, specifically, did what with the ad."
If this is "privacy", then it appears so-called "(ad) tech" companies are attempting to redefine the term.
Question for readers: Is knowing the identity of a person a prerequisite for that person to lose (some) privacy.
Consider the dictionary definition:
Webster's: "The state of being in retirement from the company or observation of others; seclusion."
Wordnet, from the Cognitive Science Laboratory at Princeton: "the quality of being secluded from the presence or view of others [syn: {privacy}, {privateness}, {seclusion}]"
Example:
A person in a building in a large city on a busy pedestrian street draws the curtains or blinds in a window facing the street to prevent passers by from seeing in. The passers by do not know the identity of the person(s) inside.
The scare quotes around "privacy-preserving" are justified. The act of allowing measurement destroys some privacy. It is less private to let people on the street see into the building.
Allowing measurement destroys privacy. How can marketers make it easier to swallow. Using a term like "privacy-preserving" is obviously deceptive, it is sleight of hand to conceal the frog boiling. This is not Mary Poppins. You are not being given a spoon full of sugar to help the medicine go down in a delightful way. It's poison in small doses. Eventually, the frog will die.
The "frog" is the concept of your privacy. The notion of "privacy" for so-called "tech" companies is not being targeted. Even when courts ask them to share what they are doing, they evade such discovery claiming it would put them at a competitive disadvantage: they might ultimately lose money. Whereas if opening yourself up to 24/7 observation causes you to lose some advantage and ultimately to lose money, then your loss is their gain.
There are certain risky activities in life that some folks choose not to engage in. These activities can be made "safer" and even "safe enough" that many will choose to do them despite the risk. But it does not remove all the risk. There are endless examples. Skydiving, bungy jumping and so on all the way down to relatively mundane stuff. But in almost every case, there is an incentive to participate. There is a "reward" for taking the risk.
The incentives for Mozilla, "ad tech" and all those who support this nonsense "business model" based on surveillance is easily discernable. Finding an incentive for anyone using a web browser to want to participate in this "measurement" requires mental gymnastics.
And so it must be opt-out. No one would knowingly subject themselves to such needless observation.
I was looking at this when I upgraded and that setting does not need to be there. If it was off by default, no one would feel the need to locate that check box and enable it. So just turn it off, remove it from settings and yank the code.
The language is even rather vague and Mozilla seems to good a long way to avoid explaining that this is the alternative Google has designed for Chrome to replace tracking via third party cookies (Protected Audience API I believe). Now it is better than third party cookie, but having neither is best.
This is not the same as Protected Audience API which Mozilla have been very critical about [0], this is something they have worked on with Meta over the past couple of years. If you press the read more button there you go to this page [1] that explains it more.
I didn't even know that setting was there until I saw this post. Seems pretty sneaky to have a thing like that enabled by default.
In comparison, when Chrome pushed out ad privacy setting update[1], there was a popup that asked users to make a choice before moving on, so there was no surprise as to what changed.
It's better for a browser feature the user has some control over to be the implementation point for this than incentivizing site owners to come up with novel tracking strategies.
The gist of it is that Mozilla and ISRG now proxy the tracking data and give aggregated reports to advertisers. And that they handle the data in a way so that neither Mozilla nor ISRG alone can access the unaggregated data:
Our DAP deployment is jointly run by
Mozilla and ISRG. Privacy is lost if
the two organizations collude
I wonder if this is really the only way privacy can get lost. What if an advertiser uses an ad ID only once for real (specifying a specific user) and then sends 999 fake impression signals for that ID to Mozilla? When they get the aggregated data for the 1000 impressions, they would be able to deduct who did the one real impression, no?
Overall that seems decent as far as privacy is concerned, though there are 2 things I don't like about it.
1. It relies on an 'aggregation service', which you'd better hope is trustworthy because they seemingly get all info about what 'impressions' you had and what 'conversions' you caused.
2. This is the browser acting on behalf of advertisers. It's nice there's a way for people to help companies benchmark their ads, but this really shouldn't be something a user agent does without being explicitly told to.
I actually think this is a great initiative. Let's be honest, ads and ad tracking is not going anywhere, and Mozilla is trying to come up with a version of that which isn't terrible. And this sounds reasonable.
Search in settings in firefox seems to have a bug. Searching for "adver" gives no hits related to this, despite this setting being under a header labeled "Website Advertising Preferences"
I've been using Firefox for more than 20 years since the Phoenix days, even when it was cleary slower than Chrome (it still is but the diferences are minimal )
I'm not acting surprised, but I think it's more than time to start looking into a viable alternative.
It's "Chromium" (?) still a thing? Do you guys know if there is a browser based on Firefox that doesn't have any of the BS Mozilla is putting into their browser?
I'm really praying for Ladybird but of course it's still not ready for prime time.
I use Librefox [1] on desktop and Mull [2] on Android. They're both basically patch sets applied to Firefox that remove tracking, proprietary blobs, and come with better defaults for privacy.
I use Brave on all platforms (fedora, osx, android). It's essentially chromium + built in ublock style blocking, with privacy defaults turned on throughout.
This is why whenever I install firefox, I first turn off wifi. Then I go through the settings and disable the ‘studies’ and other telemetry, etc, before switching the wifi back on. That will prevent the having to wait 30 days for the data to be deleted from Mozilla servers with it’s ‘on by default’.
I use ESR with pre-baked policy[0] stored in /usr/lib/firefox/distribution/policies.json before the installation/1st run. Configures cookies, studies, disables logins, credit cards saving, asking for location, promptimg for notifications, studies, pocket, telemetry etc. During 1st run, it installs all pre-defined extensions.
For some reason, changing search engine via policy no longer works, but that can be bypassed by auto-installed extension that changes search engine.
I believe librewolf updates very quickly, to be fair, it's really stock firefox with just some privacy/performance tweaks that are probably automatically enabled and then run through CI and then released.
The truely scary part of this isn't even the default "feature", It's the utter failure of Mozilla to read the room. Knowing their users would feel betrayed and doing it anyway is what freaks me out. To me it spells trouble for them monitarily that they are willing to anger their core userbase for cash on hand.
As a loyal user, I didn't quite see this coming.
Under `Browser Privacy`, I have `Enhanced Tracking Protection` set to `Strict`.
I had studies turned off, when I go to `about:studies` it explicitly says: "No new studies will run.".
I have `Tell web sites not to sell or share my data` checked.
I have `Send web sites a “Do Not Track” request` checked.
It seems like Mozilla still thought it was okay to automatically add a "Allow web sites to perform privacy-preserving ad measurement" checkbox.
Yet with that all set, they seem okay to let it be checked by default, so they can send off my data!
They say:
"A small number of sites are going to test this and provide feedback to inform our standardization plans, and help us understand if this is likely to gain traction." - that sounds a lot like a study, and I've opted out of studies!
I did not consent, and as best I can tell, Mozilla has breached GDPR.
As best I can tell, Mozilla disregarded my preferences.
It seems they have violated these GDPR principles:
a lack of consent,
purpose limitation (unintended data use),
`Data protection by design and default` AKA `privacy by design` (by ignoring settings),
and right to object (disregarding preferences).
It is absolutely unfair to argue that it is not personal information about me.
It seems to me that they are lying, or at the very least twisting words so thin. My trust in them is vanishing.
There is no way to reliably verify their differential privacy, and even if there was, they still had no informed consent to collect the data and send it off.
To give controls to a user, and then totally ignore them, is what got Facebook in big trouble.
It really looks like Mozilla is not only not listening to explicitly stated user preferences, preferences that have been set intentionally, but it's outright ignoring them and doing the very opposite of what the users intention is!
If they thought that they had a good reason to do so, and that the ends justifies the means, they are so very wrong.
I have used Firefox for as long as it's existed.
For Mozilla, this is an almost sadistic own goal.
How did they think that this was going to be okay?
Did they think people would not find out?
There will have to be changes after this at Mozilla if they were to regain trust and I'm really sceptical they can do it.
I really want / wanted them to succeed but I don't see how.
I've supported Firefox as my daily-driver on desktop and laptop since 2016. I feel that a browser should be 100% open-source and used to feel FF also had it's USERS interest at heart. FF was what I relied on to continue to fight for internet privacy in your browser and the growing ad garbage on the web. FF + uBlock was great and made the web a joy for me. I would donate to FF if I could.
I've basically had enough of this. Commercialization has now infiltrated all browsers. There are none left (except for a few FF forks run by who knows). I put up with the many blunders FF has done over the past years like; "Mr Robot" incident, Tracking my default browser in Windows with a Scheduled Task that always comes back after updates, Studies are on-by-default, increasing tracking features added in that were Opt-Out and now THIS latest "anonymous" collection of my browsing habits sold to advertisers. This is appalling.
I'm tired of having to go through all the release notes and settings again to see what I have to disable this time on my own devices plus my clients FF installs and family I've recommended FF to. I can do that with Edge or Chrome.
I'm out FF. I uninstalled FF 128 from my PC fully today (and any others I help support) and will try out Vivaldi for a bit (they seem still pretty grounded DESPITE it not being 100% open-source). and if that doesn't meet my needs I will just use Edge. I'd try Brave but again that is an advertising company at this point that also pitches crypto.
It is a sad day for me. I really am holding out hope for Ladybird next at this point because I don't think FF ever goes back now to it's stand and to what it represented.
There is a lot fire directed at Mozilla on HN. I'm not saying I support or can make sense of all of their decisions but I'd love for someone in the criticizers camp to explain what steps they would take to make Mozilla and the continued development of Firefox a financially sustainable and independent endeavour.
> but I'd love for someone in the criticizers camp to explain what steps they would take to make Mozilla and the continued development of Firefox a financially sustainable and independent endeavour.
Let me give them money. Either straight-up take donations to fund firefox development, or sell a "Firefox Pro" that doesn't have these stupid anti-features. But don't refuse to take money from users and complain that because you don't take money from users you're "forced" to screw them over.
I have some ideas of varying quality. Others have been mentioned in the thread.
Really, though, it’s not like me or any of the commenters are being paid millions a year to fix these problems. If I were being paid $6,903,089 I feel like I might be well-equipped to fix them.
They've been pulling in half a billion dollars per year for 15 years. They should have budgeted to invest part of that money to build a development trust fund.
Could it be them disregarding users preferences over and over again or claiming to stand for privacy while siphoning your data at every opportunity. Sure will be hard finding an example of that behavior.
Pretty much yes though this one is far more privacy-minded, where FLoC was just a thinly-veiled attempt at business as usual.
I turned it off immediately nonetheless. One thing to note though is that the switch doesn't exist in mobile Firefox. And it's not clear to me whether that means the feature doesn't exist at all or that I just can't turn it off?
Anybody know if it's possible to turn this off at build time and how? This seems like a thing we ought to have a conversation about with the distro maintainers.
This might be a stupid question but who exactly gets access to that data? What's the process for getting said access? I guess it's paid but is it accessible to most ad networks or just the big players? (I can see upsides and downsides either way)
I’ve begrudgingly kept this enabled because if this works users are a lot better off, cannot be manipulated as they are currently, and it frees up the browser makers to break all the ways people are being tracked, pointing advertiser networks to this alternative.
I have a website. If I wanted to take advantage of this being on in my visitors browser (I really don't), what would I do? How do I use this? What exactly is it?
I'm curious (I know nothing about the tech): is this "privacy-preserving ad measurements" too complicated for the EU investigate and for law-makers to understand (is that the point)? Or designed to get the most data in the most GDPR-compliant way?
It would have been less alarming if the Firefox 128 release had shared more of that info. All I see is this:
> Firefox now supports the experimental Privacy Preserving Attribution API, which provides an alternative to user tracking for ad attribution. This experiment is only enabled via origin trial and can be disabled in the new Website Advertising Preferences section in the Privacy and Security settings.
Which (1) isn't clear if my installation is opted-in or out (what exactly does 'supports' mean? am I in the 'origin trial'?), (2) how to check or disable it--what/where are the configuration settings? Opaqueness doesn't go well with privacy-preserving. It gives a sense of bias which erodes trust.
Mozilla has enough money to run Firefox for a decade without accepting any additional money if they stop spending money left and right on non-relevant things.
Leaving the ethical discussion aside; from a practical standpoint this won't impact anyone worried about privacy using Firefox unless they insist on not using an ad-blocker (which would be add odds with caring about privacy¹). This feature would only be used if you click on (or perhaps just encounter?) an ad and eventually buy something on the target website.
1: Or just caring about your mind constantly battling distractions.
doe_eyes|1 year ago
The best objection to these proposals isn't privacy, it's that a browser vendor is lifting a finger for advertisers. I guess the fundamental question there is if we prefer to outright shut down online advertising, or give it the tools it needs to be less bad. Opinions differ, but all major browser vendors are in the latter category.
account42|1 year ago
It is strictly less privacy-preserving than not implementing this "feature" that has zero benefit to the user running the browser. At the very least it pings yet another third party, most likely it effectively leaks much more.
> The best objection to these proposals isn't privacy, it's that a browser vendor is lifting a finger for advertisers. I guess the fundamental question there is if we prefer to outright shut down online advertising, or give it the tools it needs to be less bad. Opinions differ, but all major browser vendors are in the latter category.
That is a very very generous assumption of the browser makers' goals. Particularily when one of them IS an online advertising company and another one is almost exclusively funded by said advertising company. They do not deserve the benefit of the doubt.
tjoff|1 year ago
And honestly, whenever I see that something has been anonymized I assume it isn't. Mostly because the industry has a terrible track record, secondly because the incentives are almost always misaligned to begin with.
I'd trust mozilla more than most, but not enough to give them free rein and opt in things for me. I don't (yet) know enough specifics on this matter to make an informed decision, but if it weren't for hn I'd have missed this.
I doubt firefox would ask the user after install (again, incentives).
I should go through all options for every update (not just for firefox). But I can't, I don't have enough time. I need to be able to put some trust into the software I use, and things like this erode that trust.
tgvaughan|1 year ago
hypeatei|1 year ago
This is it. We're polluting the web browser with even more bullshit so that companies can squeeze a few pennies out when someone visits a page.
It was bad enough when pages are loaded with tracking cookies and JavaScript but at least you can block those. Now we get browser functionality on by default cooperating with advertising networks. Insane.
lapcat|1 year ago
You mean online tracking, not advertising.
Advertising without tracking has existed for as long as commerce has existed. The elimination of tracking is not a threat to advertising. Historically, tracking is a very recent "innovation", an unwelcome one IMO.
AlexandrB|1 year ago
We've been giving advertisers new tools for 20 years. Over that time advertisements have only gotten worse. The less bad state is a myth. There's no economic incentive to be less bad.
madeofpalk|1 year ago
It is net negative though.
It is more privacy-preserving to just not implement this in the first place.
It is baffling why Firefox ships with this on by default. Even Chrome prompted users with a (misleading) dialog box to turn it on or off.
rpastuszak|1 year ago
90% of Mozilla’s revenue, ca. $500,000,000 comes advertising partnerships (almost exclusively Google)
https://untested.sonnet.io/Defaults+Matter%2C+Don't+Assume+C...
My point is: it’s not just lifting a finger for advertisers. It’s deception. Defaults matter.
zihotki|1 year ago
It's that an ads vendor is lifting a finger for ads. Mozilla is an ads vendor now - https://blog.mozilla.org/en/mozilla/mozilla-anonym-raising-t...
chatmasta|1 year ago
Symbiote|1 year ago
dtx1|1 year ago
firebaze|1 year ago
Glad the whole thread was apparently flagged to death though. I'd guess 90% of firefox users already turned that off and are actively looking for the next best alternative.
RobotToaster|1 year ago
Internet advertising worked fine before user tracking, it was just based on the contents of the webpage.
Before that it existed in newspapers and magazines for over a decade, without advertisers insisting the publisher spy on each of their readers.
lkdfjlkdfjlg|1 year ago
The best objection is that I want my software to work for me, not for someone else. Simple.
nextaccountic|1 year ago
This would be my preferred outcome no doubt. And after widespread adoption of content blockers like uBlock Origin, the next step should be mass adoption of webpage mirrors (like archive.is and Wayback Machine do now, but more comprehensive), and stop giving impressions to read-only websites.
In this sense, paywalls are a blessing in disguise: I don't ever visit wsj for example and thus any articles from it must be read from archive.is. But reading from mirrors should be more widespread, even for websites not behind a paywall.
If browsers want to improve the situation regarding ads, besides bundling and automatically enabling content blockers, they should also provide integrations to mirrors like archive.is to go further than that and not even risk a page access to ad-infested sites.
> or give it the tools it needs to be less bad.
However there are more than two options. If society reach a compromise to ban targeted ads, this doesn't shut down advertising completely but sets it back to TV-era levels of analytics. This discussion should have happened after Cambridge Analytica.
> Opinions differ, but all major browser vendors are in the latter category.
I thought Chrome were in the business of making sure ads stay bad.
barnacs|1 year ago
Yes, please. Both online and offline. Advertising is probably the most useless, annoying and wasteful industry out there.
We could have pull-only databases of businesses, products and services instead. Ideally, with independently verified, fact-checked information and authentic reviews. Realistically though, this kind of objectivity would probably be infeasible to enforce and maintain. But even if we allow for misinformation, paid rankings and whatnot, the point stands: any such database should follow a pull-only model, users access it voluntarily to search for products and services and it's not an unsolicited broadcast to everyone everywhere all the time.
smsm42|1 year ago
It's not like we've just invented this new advertising thing and are now struggling to make it fit the internet. We've been living with it for decades now, and over all this time that industry haven't expressed even a slightest desire to be "less bad" in any meaningful way. I think we can safely set aside the idea that they don't do it because they just didn't have any tools. No, they don't do it because they are doing just fine without it, and they have zero motivation to do it. And a lot of motivation - billions upon billions of dollars of motivation - to keep doing exactly what they are doing, or worse.
unknown|1 year ago
[deleted]
rvnx|1 year ago
It's not to protect privacy, because to protect privacy there is already a solution: it's to block the ad hosts and not talk to them at all (anti-fingerprinting techniques don't work).
ibejoeb|1 year ago
Doesn't this break most modern methodologies. Can I do next best action without knowing who did what?
ants_everywhere|1 year ago
RockRobotRock|1 year ago
EasyMark|1 year ago
1vuio0pswjnm7|1 year ago
If this is "privacy", then it appears so-called "(ad) tech" companies are attempting to redefine the term.
Question for readers: Is knowing the identity of a person a prerequisite for that person to lose (some) privacy.
Consider the dictionary definition:
Webster's: "The state of being in retirement from the company or observation of others; seclusion."
Wordnet, from the Cognitive Science Laboratory at Princeton: "the quality of being secluded from the presence or view of others [syn: {privacy}, {privateness}, {seclusion}]"
Example:
A person in a building in a large city on a busy pedestrian street draws the curtains or blinds in a window facing the street to prevent passers by from seeing in. The passers by do not know the identity of the person(s) inside.
The scare quotes around "privacy-preserving" are justified. The act of allowing measurement destroys some privacy. It is less private to let people on the street see into the building.
Allowing measurement destroys privacy. How can marketers make it easier to swallow. Using a term like "privacy-preserving" is obviously deceptive, it is sleight of hand to conceal the frog boiling. This is not Mary Poppins. You are not being given a spoon full of sugar to help the medicine go down in a delightful way. It's poison in small doses. Eventually, the frog will die.
The "frog" is the concept of your privacy. The notion of "privacy" for so-called "tech" companies is not being targeted. Even when courts ask them to share what they are doing, they evade such discovery claiming it would put them at a competitive disadvantage: they might ultimately lose money. Whereas if opening yourself up to 24/7 observation causes you to lose some advantage and ultimately to lose money, then your loss is their gain.
There are certain risky activities in life that some folks choose not to engage in. These activities can be made "safer" and even "safe enough" that many will choose to do them despite the risk. But it does not remove all the risk. There are endless examples. Skydiving, bungy jumping and so on all the way down to relatively mundane stuff. But in almost every case, there is an incentive to participate. There is a "reward" for taking the risk.
The incentives for Mozilla, "ad tech" and all those who support this nonsense "business model" based on surveillance is easily discernable. Finding an incentive for anyone using a web browser to want to participate in this "measurement" requires mental gymnastics.
And so it must be opt-out. No one would knowingly subject themselves to such needless observation.
mrweasel|1 year ago
The language is even rather vague and Mozilla seems to good a long way to avoid explaining that this is the alternative Google has designed for Chrome to replace tracking via third party cookies (Protected Audience API I believe). Now it is better than third party cookie, but having neither is best.
This does not need to be in Firefox.
erk__|1 year ago
0: https://blog.mozilla.org/en/privacy-security/googles-protect...
1: https://support.mozilla.org/da/kb/privacy-preserving-attribu...
omoikane|1 year ago
In comparison, when Chrome pushed out ad privacy setting update[1], there was a popup that asked users to make a choice before moving on, so there was no surprise as to what changed.
[1] https://news.ycombinator.com/item?id=37401909 - Google Chrome pushes browser history-based ad targeting (2023-09-06)
shadowgovt|1 year ago
prime17569|1 year ago
To disable it on macOS: Safari > Preferences/Settings > Advanced > Uncheck "Allow privacy-preserving measurement of ad effectiveness"
To disable it on iOS: Settings > Safari > Advanced (scroll all the way down) > Turn off "Privacy Preserving Ad Measurement"
hamilyon2|1 year ago
I always knew that safari is no better than other browsers, but the overt deception is a new low.
ibejoeb|1 year ago
1. Does it disable measurement?
- or -
2. Does it disable the privacy-preserving feature, i.e., enable tracking?
What I really want to know: is it better for me to check the box or not?
ErigmolCt|1 year ago
TekMol|1 year ago
zihotki|1 year ago
slightwinder|1 year ago
So Mozilla becomes the treasure-guard? What prevents them from abusing or leaking the data in the future?
ollybee|1 year ago
shiandow|1 year ago
1. It relies on an 'aggregation service', which you'd better hope is trustworthy because they seemingly get all info about what 'impressions' you had and what 'conversions' you caused.
2. This is the browser acting on behalf of advertisers. It's nice there's a way for people to help companies benchmark their ads, but this really shouldn't be something a user agent does without being explicitly told to.
progval|1 year ago
lopis|1 year ago
0x0|1 year ago
entuno|1 year ago
It definitely works for other titles, but not for this new opt-out privacy related setting. How very convenient...
PedroBatista|1 year ago
I'm not acting surprised, but I think it's more than time to start looking into a viable alternative.
It's "Chromium" (?) still a thing? Do you guys know if there is a browser based on Firefox that doesn't have any of the BS Mozilla is putting into their browser?
I'm really praying for Ladybird but of course it's still not ready for prime time.
jksflkjl3jk3|1 year ago
[1] https://github.com/intika/Librefox
[2] https://f-droid.org/en/packages/us.spotco.fennec_dos/
cobertos|1 year ago
Waterfox and Librewolf seem to exist, and I imagine there's more Firefox forks out there. No idea on the state of things though
grantith|1 year ago
https://floorp.app/en
strix_varius|1 year ago
baggachipz|1 year ago
UweSchmidt|1 year ago
ScaredToUseName|1 year ago
voytec|1 year ago
For some reason, changing search engine via policy no longer works, but that can be bypassed by auto-installed extension that changes search engine.
[0] https://mozilla.github.io/policy-templates/
capybara_2020|1 year ago
I have all telemetry turned off but when I went and checked this "feature" was enabled by default with no notification it had been added.
jobigoud|1 year ago
bozey07|1 year ago
I really don't like Firefox forks, for the slow updates and because I do genuinely use some bleeding edge features, but I'm tired of Mozilla.
EasyMark|1 year ago
jumpCastle|1 year ago
puppycodes|1 year ago
metadat|1 year ago
"Firefox added [ad tracking] and has already turned it on without asking you"
https://news.ycombinator.com/item?id=40954535 (170 comments)
--
Also, there are two options to disable the ad tracking behavior:
1. Use LibreWolf instead — Advantage: This is also a long-term solution :)
2. Follow @thangalin's instructions to disable it in Firefox:
> Step 1. Visit about:config
> Step 2. Set dom.private-attribution.submission.enabled to false
Credit: https://news.ycombinator.com/item?id=40955221
martin_a|1 year ago
asicsp|1 year ago
voytec|1 year ago
Mozilla: How high?
mrweasel|1 year ago
hulitu|1 year ago
moffkalast|1 year ago
Google: You keep the antitrust division's fingers away from Chrome.
Mozilla: Ohmygod.
luke-stanley|1 year ago
I did not consent, and as best I can tell, Mozilla has breached GDPR.
As best I can tell, Mozilla disregarded my preferences. It seems they have violated these GDPR principles: a lack of consent, purpose limitation (unintended data use), `Data protection by design and default` AKA `privacy by design` (by ignoring settings), and right to object (disregarding preferences).
It is absolutely unfair to argue that it is not personal information about me. It seems to me that they are lying, or at the very least twisting words so thin. My trust in them is vanishing.
There is no way to reliably verify their differential privacy, and even if there was, they still had no informed consent to collect the data and send it off.
To give controls to a user, and then totally ignore them, is what got Facebook in big trouble.
It really looks like Mozilla is not only not listening to explicitly stated user preferences, preferences that have been set intentionally, but it's outright ignoring them and doing the very opposite of what the users intention is!
If they thought that they had a good reason to do so, and that the ends justifies the means, they are so very wrong.
I have used Firefox for as long as it's existed. For Mozilla, this is an almost sadistic own goal. How did they think that this was going to be okay? Did they think people would not find out? There will have to be changes after this at Mozilla if they were to regain trust and I'm really sceptical they can do it.
I really want / wanted them to succeed but I don't see how.
Scottn1|1 year ago
I've supported Firefox as my daily-driver on desktop and laptop since 2016. I feel that a browser should be 100% open-source and used to feel FF also had it's USERS interest at heart. FF was what I relied on to continue to fight for internet privacy in your browser and the growing ad garbage on the web. FF + uBlock was great and made the web a joy for me. I would donate to FF if I could.
I've basically had enough of this. Commercialization has now infiltrated all browsers. There are none left (except for a few FF forks run by who knows). I put up with the many blunders FF has done over the past years like; "Mr Robot" incident, Tracking my default browser in Windows with a Scheduled Task that always comes back after updates, Studies are on-by-default, increasing tracking features added in that were Opt-Out and now THIS latest "anonymous" collection of my browsing habits sold to advertisers. This is appalling.
I'm tired of having to go through all the release notes and settings again to see what I have to disable this time on my own devices plus my clients FF installs and family I've recommended FF to. I can do that with Edge or Chrome.
I'm out FF. I uninstalled FF 128 from my PC fully today (and any others I help support) and will try out Vivaldi for a bit (they seem still pretty grounded DESPITE it not being 100% open-source). and if that doesn't meet my needs I will just use Edge. I'd try Brave but again that is an advertising company at this point that also pitches crypto.
It is a sad day for me. I really am holding out hope for Ladybird next at this point because I don't think FF ever goes back now to it's stand and to what it represented.
shrimp_emoji|1 year ago
spencerflem|1 year ago
krelian|1 year ago
yjftsjthsd-h|1 year ago
Let me give them money. Either straight-up take donations to fund firefox development, or sell a "Firefox Pro" that doesn't have these stupid anti-features. But don't refuse to take money from users and complain that because you don't take money from users you're "forced" to screw them over.
subjectsigma|1 year ago
Really, though, it’s not like me or any of the commenters are being paid millions a year to fix these problems. If I were being paid $6,903,089 I feel like I might be well-equipped to fix them.
AlexandrB|1 year ago
ndriscoll|1 year ago
account42|1 year ago
Gee I wonder why...
Could it be them disregarding users preferences over and over again or claiming to stand for privacy while siphoning your data at every opportunity. Sure will be hard finding an example of that behavior.
spencerflem|1 year ago
Legit, this is the same FLoC we had to bully Chrome out of having. And now Ffx is putting it in sneakily by as an opt out default with no notice.
solardev|1 year ago
wkat4242|1 year ago
I turned it off immediately nonetheless. One thing to note though is that the switch doesn't exist in mobile Firefox. And it's not clear to me whether that means the feature doesn't exist at all or that I just can't turn it off?
progval|1 year ago
roca|1 year ago
natrys|1 year ago
gorbachev|1 year ago
https://news.ycombinator.com/item?id=15931730
This is in their DNA.
mardifoufs|1 year ago
pacifika|1 year ago
ErigmolCt|1 year ago
criddell|1 year ago
ChrisArchitect|1 year ago
More discussion: https://news.ycombinator.com/item?id=40952330
Phemist|1 year ago
fifteen1506|1 year ago
_flux|1 year ago
It seems it could be a more private way to implement such functionality, if applicable.
nicman23|1 year ago
karmakaze|1 year ago
Imagine if it was Apple doing this to Safari, it would certainly rile up more users even though it would be the same thing.
switch007|1 year ago
unknown|1 year ago
[deleted]
illiac786|1 year ago
[deleted]
karmakaze|1 year ago
> Firefox now supports the experimental Privacy Preserving Attribution API, which provides an alternative to user tracking for ad attribution. This experiment is only enabled via origin trial and can be disabled in the new Website Advertising Preferences section in the Privacy and Security settings.
Which (1) isn't clear if my installation is opted-in or out (what exactly does 'supports' mean? am I in the 'origin trial'?), (2) how to check or disable it--what/where are the configuration settings? Opaqueness doesn't go well with privacy-preserving. It gives a sense of bias which erodes trust.
dist-epoch|1 year ago
PhilipRoman|1 year ago
haunter|1 year ago
See Youtube Premium for example. Or just generally giving money to Google in any shape or form.
stranded22|1 year ago
Website publishers need to know what works and what doesn’t - otherwise they cannot improve nor generate revenue.
So, privacy preserving measuring? I’m in, well done Mozilla.
zihotki|1 year ago
Mozilla has enough money to run Firefox for a decade without accepting any additional money if they stop spending money left and right on non-relevant things.
unknown|1 year ago
[deleted]
Freak_NL|1 year ago
1: Or just caring about your mind constantly battling distractions.