this post was submitted on 04 Mar 2025
7 points (81.8% liked)

Discuss

266 readers
1 users here now

Welcome

Open discussions and thoughts. Make anything into a discussion!

Rules

  1. Follow the rules of discuss.online
  2. No porn
  3. No self-promotion

founded 2 years ago
MODERATORS
[email protected]
7
Mozilla rewrites Firefox's Terms of Use after user backlash (techcrunch.com)
submitted 1 month ago by [email protected] to c/[email protected]
9 comments fedilink hide all child comments
 

HN comments

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 6 points 1 month ago (2 children)

You see this situation completely differently than I do. Mozilla is historically bad at handling things correctly. When this first showed up in the news it was abundantly clear that Mozilla was just rewording the ToS because legal definitions had changed in the areas they operate in. Users interpreted this as the ToS changing when in actuality nothing at all was changing. This is par for the course. Mozilla does something, privacy people jump to conclusions and completely misunderstand something, especially if it involves legal, and then claim that FF is going down the drain.

Nothing has changed, Mozilla is required by law to change ToS when legal definitions change, even if literally nothing about the ToS changes. I really wish people would stop jumping to the conclusion that everything Mozilla does is bad. If you want to stop using FF then stop, but leave the people that actually pay attention to what’s happening alone.

[–] [email protected] 1 points 1 month ago (1 children)

This isn't a one-off thing, it's part of a trend, and that's the part that I'm worried about. If everything was peachy except for one small TOS change I'd shrug and say it was an oversight. Mozilla is dipping their toes into advertising though, which IMO has a corrosive effect that will keep nudging them towards privacy invasion. Here's a few examples:

They removed this section from the FAQ:

Does Firefox sell your personal data?

Nope. Never have, never will. And we protect you from many of the advertisers who do. Firefox products are designed to protect your privacy. That’s a promise.

Why would they go out of their way to remove that unless they're selling it or are planning to? (before and after)

And then the Firefox Privacy Notice states:

Mozilla collects technical and interaction data, such as the position, size, views and clicks on New Tab content or ads, to understand how people are interacting with our content and to personalize future content, including sponsored content. This data may be shared with our advertising partners on a de-identified or aggregated basis.

They're selling your data and it's opt-out, not opt-in. That's not cool IMO. They also bought an advertising company, and they're not doing that because they're moving away from advertising as a business model.

Yes, they're saying a few nice things about "privacy-preserving", but good anonymization is hard, they've got a clear trend towards advertising and making money off of selling your data, and there's no good reason for the trend to stop at "just the tip". So to wrap that all back around to the submitted article, here's what they changed to it first:

When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox.

That's super vague, does "selling my data to advertisers" count as "helping me experience online content"? I obviously don't think so, but does Mozilla agree? Here's the updated one after the backlash:

You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox. This does not give Mozilla any ownership in that content.

"Purpose of doing as you request with the content you input" is a lot better language that is less vague. It's not perfect (silently adding in opt-out features probably counts as "doing what I request"), but is still way better.

Which is all to say that I think this change was indeed cause for concern, the backlash helped improve the language, and that Mozilla no longer sparks joy.

[–] [email protected] 0 points 1 month ago (1 children)

Why would they go out of their way to remove that unless they’re selling it or are planning to? (before and after)

Why would they go out of their way to remove a section on their website that uses the word sell when they're legally obligated to use correct terminology according to the jurisdictions they operate in? I think the answer to that question is completely obvious, but since others might have missed it. They stated that sell now means something that it didn't in jurisdictions they operate in. Since that definition has changed they can't leave language up on the website that continues to use that word.

And then the Firefox Privacy Notice states:

that has been there for years. That's why this ToS stuff is nonsense. If people cared about it then it would have been a big deal when that was first added.

They’re selling your data and it’s opt-out, not opt-in. That’s not cool IMO. They also bought an advertising company, and they’re not doing that because they’re moving away from advertising as a business model.

Pocket is owned by Mozilla. It operates as a separate subsidiary, but they're sharing it with their 'partners' by sharing it with themselves. If you click on a Pocket link, then you will of course get whatever advertising and tracking you do on the pocket website. Since Mozilla owns Pocket they're notifying you of this.

Yes, they’re saying a few nice things about “privacy-preserving”, but good anonymization is hard, they’ve got a clear trend towards advertising and making money off of selling your data, and there’s no good reason for the trend to stop at “just the tip”.

please provide one piece of proof that they're selling your data. Mozilla is working pretty dang hard to make sure that the internet continues to exist without destroying users privacy. I've read over how the token aggregation works for their deanonymization and it's perfectly privacy preserving. If they just wanted to sell your data they would do that. They wouldn't go inventing new forms of privacy preserving deanonymization ad tokens.

Quoting someone on HN:

That lawyers are spooked. That's all there is. California changed the rules and that made every lawyer in an organization that can't have a portrayed legal battle with the state very nervous. Nothing in the language says that they can do things that they couldn't do before.

Quoting another person on HN:

Title is a complete lie/misleading. They get a license, not ownership.

Let's dissect what it actually says, and we do it backwards, because given the discussion around this subject it seems like people space out or have their mind clouded by outrage before they get to the end of the sentence:

help you [do things] as you indicate with your use of Firefox.

So this already only covers things that you indicate you want to do with your use of Firefox. Meaning that if you hit some button, Mozilla now has a license to process the data they need to make that button work and nothing more. That means unless you give them additional permission somewhere, they can't, for example, also store and process that information to train some AI model or whatever. All they're allowed to use it for is making whatever you interacted with work. Seems pretty reasonable.

to help you navigate, experience, and interact with online content

This further narrows the scope to websites and such you interact with (online content). It also says that license only covers "helping" you with these things. The part we looked at previously narrows this to your intent.

you hereby grant us a nonexclusive, royalty-free, worldwide license

So just a license. No transfer of ownership is happening.

When you upload or input information through Firefox

Note that this says "through". They're clearly only trying to cover their butt as an intermediary by obtaining a license to process your information to act as such an intermediary. Explicitly nothing more.

Putting it back together we get:

When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox.

Important part in cursive.

So broadly what is the license for?

license [..] to help you [..] as you indicate

Funnily enough if you actually read that thread someone tries to use Word as an example:

I don't have to grant Word a license to what I type in it. This is a highly unusual clause that other software doesn't have.

and is immediately proven wrong:

Yes you do.

From Microsoft's Services Agreement [1]:

To the extent necessary to provide the Services to you and others, to protect you and the Services, and to improve Microsoft products and services, you grant to Microsoft a worldwide and royalty-free intellectual property license to use Your Content, for example, to make copies of, retain, transmit, reformat, display, and distribute via communication tools Your Content on the Services.

That's broader than what Mozilla is asking for.

[1] https://www.microsoft.com/en/servicesagreement

Just the fact that the share button exists in word means they have this section just to cover their asses. This is just how ToSes work, and it's why people hate them so much.

Someone notes that the offline Office apps do not have this in their license, but they do, it's just explicitly called out in a separate document. Note, I pulled the 2016 Word License just to show that this has been a thing for a decade if not more. I'm too lazy to go pull it for further back.

[–] [email protected] 1 points 1 month ago

Well, I don't think we're going to convince each other. I don't really find hairsplitting about what "sell" means to be convincing though. That's the sort of defense you use when you don't have a better one.

Nor do I find "But they already did the bad thing, you should've complained then" convincing (fyi people did complain). Also, that's clearly forming the trend that I'm talking about. This is not one small mistake, it's part of a clear, multi-year trend.

Pocket is owned by Mozilla.

FYI the link is about Anonym. The beef isn't that Mozilla is selling data to them (because they own them now), it's that Mozilla's incentives no longer align with users', exactly because they own an advertising business now. It's corrosive and inevitably enshittifying.

Using Word as an example isn't really convincing either. Of course Microsoft is going to throw in every shitty thing they can, because they're Microsoft. That's what they do. It shouldn't be mentioned in the same breath as or used as a justification for anything Mozilla does. But also, using a word processor shouldn't require that in the TOS.

please provide one piece of proof that they’re selling your data.

"Mozilla's partners receive de-identified information about interactions with the suggestions they've served." I don't really care if they're "selling" it or "giving it away". Straight from the horse's mouth, they're doing things with my data I don't like. Saying "partners" only means "Pocket" which means "Mozilla" isn't convincing either, because there's no reason that can't change on a whim.

If they just wanted to sell your data they would do that.

No, they'd instantly tank. Enshittifying must be done carefully for them, they need to slowly boil their frogs. The trend is clear, though.

I’ve read over how the token aggregation works for their deanonymization and it’s perfectly privacy preserving

I've also read over the DES specification and it's perfectly secure. Except I'm not a cryptographer and my "verification" isn't worth anything. Even if it's perfect now, they will poke holes in that to maximize profit over time, because that's what they're incentivized to do now. Mozilla should fire anyone that thought advertising was a good business model, and align themselves with users' interests.

[–] [email protected] -3 points 1 month ago* (last edited 1 month ago) (1 children)

Mozilla was just rewording the ToS

No, because it's the first time they added a useless ToS to Firefox. The ToS is not changing, and that's the main worry, it is being created.

  • There was no ToS before, for 20 year and maybe more.
  • They don't need a ToS for Firefox only.
  • Its existence violates the first freedom of open-source applications: The freedom to run the program as you wish, for any purpose (aka "freedom 0").
  • They refuse to explain why they need one despite developers knowing fully well that it is not needed unless you're trying to do bad stuff.

Yes, something bad has changed. The whole organization was a mess but it never changed or involved Firefox. It has now and they pretend that we are too stupid or confused to understand what is happening.

If you want to stop using FF then stop

That's what I'm doing because it never was that bad. I already trusted Mozilla as much as I trusted Google, but it was fine since it never involved Firefox. I wish them good luck with their ads and AI experiments.

[–] [email protected] 3 points 1 month ago (1 children)

No, because it’s the first time they added a useless ToS to Firefox. The ToS is not changing, and that’s the main worry, it is being created.

There was no ToS before, for 20 year and maybe more. They don’t need a ToS for Firefox only. Its existence violates the first freedom of open-source applications: The freedom to run the program as you wish, for any purpose (aka “freedom 0”). They refuse to explain why they need one despite developers knowing fully well that it is not needed unless you’re trying to do bad stuff.

they've had a privacy policy for years and yet that wasn't a problem? Only the ToS is a problem?

Its existence violates the first freedom of open-source applications: The freedom to run the program as you wish, for any purpose (aka “freedom 0”).

lol no it doesn't. stop making shit up.

They refuse to explain why they need one despite developers knowing fully well that it is not needed unless you’re trying to do bad stuff.

they literally did explain, in the first paragraph, why they need one. People like you just refuse to believe it.

We need a license to allow us to make some of the basic functionality of Firefox possible. Without it, we couldn’t use information typed into Firefox, for example. It does NOT give us ownership of your data or a right to use it for anything other than what is described in the Privacy Notice

[–] [email protected] -2 points 1 month ago (1 children)

lol no it doesn’t. stop making shit up.

They literally restrict the usage of Firefox by applying their policies. It’s written.

We need a license to allow us to make some of the basic functionality of Firefox possible

Why are they doing stuff on my behalf instead of relying on the programming language that already does everything. That’s another lie of course. Mozilla does nothing but they pretend they do in order to get more data and credentials.

Mozilla should have no fucking role when someone uses Firefox.

And stop with the Sync crap, it has already been dealt with when the user subscribed to the service.

If you dont understand why people are pissed that a company demands any kind of overreaching control that has never existed so far, you must be working for Mozilla but it’s not very convincing.

[–] [email protected] 0 points 1 month ago

They literally restrict the usage of Firefox by applying their policies. It’s written.

They apply a license. that's how open source projects work. You said:

Its existence violates the first freedom of open-source applications: The freedom to run the program as you wish, for any purpose (aka “freedom 0”).

which is just fundamentally incorrect. go look at the GPL and look at how many restrictions there are. The same applies to every open source license. If you apply a license you by definition are restricting someone to follow that license. If you do not add a license to your project then your project is not open source and cannot be used due to how copyright laws work across the planet.

Why are they doing stuff on my behalf instead of relying on the programming language that already does everything. That’s another lie of course. Mozilla does nothing but they pretend they do in order to get more data and credentials.

what are you talking about...

Mozilla should have no fucking role when someone uses Firefox.

that's not how browsers work. go use Lynx if you want that.

And stop with the Sync crap, it has already been dealt with when the user subscribed to the service.

once again, what are you talking about? There is no subscription with Sync...

If you dont understand why people are pissed that a company demands any kind of overreaching control that has never existed so far, you must be working for Mozilla but it’s not very convincing.

Mozilla didn't demand any overreaching control, you're just incapable of understanding nuance and want to get outraged over everything.