Firefox maker Mozilla deleted a promise to never sell its users’ personal data and is trying to assure worried users that its approach to privacy hasn’t fundamentally changed. Until recently, a Firefox FAQ promised that the browser maker never has and never will sell its users’ personal data. An archived version from January 30 says:
Does Firefox sell your personal data?
Nope. Never have, never will. And we protect you from many of the advertisers who do. Firefox products are designed to protect your privacy. That’s a promise.
That promise is removed from the current version. There’s also a notable change in a data privacy FAQ that used to say, “Mozilla doesn’t sell data about you, and we don’t buy data about you.”
The data privacy FAQ now explains that Mozilla is no longer making blanket promises about not selling data because some legal jurisdictions define “sale” in a very broad way:
Mozilla doesn’t sell data about you (in the way that most people think about “selling data”), and we don’t buy data about you. Since we strive for transparency, and the LEGAL definition of “sale of data” is extremely broad in some places, we’ve had to step back from making the definitive statements you know and love. We still put a lot of work into making sure that the data that we share with our partners (which we need to do to make Firefox commercially viable) is stripped of any identifying information, or shared only in the aggregate, or is put through our privacy preserving technologies (like OHTTP).
Mozilla didn’t say which legal jurisdictions have these broad definitions.
Why wouldn’t they be optional? Every other change like this has been before.
Sorry I hope for the best. We’re speaking of terms. Terms are legal facts.
Terms of Service (ToS) are regularly not upheld in court, and their terms are worded so poorly that as written, it would not be a difficult case to defeat.
The Firefox specific terms for the precompiled binary link to a more general terms page meant to be additional parts, but the additional parts they link to specify that the additional terms only apply to use of Mozilla “services” (sync, vpn, etc). The concerning shit on the ToS lies in the terms for their services.
It’s a clear contradiction of scope, and unfortunately not Firefox’s first fuckup of this kind. So far, with a multi decade history, none of these contradictions have been used to fuck over their users.
They already have separate terms for use of the source code. Those are what making forks, and what compiling the source yourself, fall under. They do not make any reference to the services ToS. Use of the source is not effected by any of this so far, on a technical (can the bad shit be removed) and on a legal (are forkers allowed to remove) level.
Hacker News has some deeper discussion about the finer points of the ToS mess.
And apparently Mozilla has clarified that the wording changes in their summary (not the actual ToS) are because California’s definition of “sale” of information includes just communicaring it to a third party as part of normal operations support. Thanks again to Hacker News discussion of Mozilla’s latest statement.