Thanks everyone for your active participation here. We knew this would have a lot of interest and so we’ve waited to dive into the conversation because we see some themes emerging that I’ll respond to broadly here. The main concerns I’m noting are around the license agreements we declare, our use of data for AI, and our Acceptable Use Policy. Below are a few clarifications to each of these areas.
When you interact with your web browser as an application, the information you put into it - including any DNS queries or submitted data - is routed between your ISP, your DNS provider, and the provider of the website. And for non-mozilla websites then none of those are Mozilla.
“Firefox” as a browser sees that stuff, but “Mozilla” as an organisation, a busineas entity, does not need to see that.
Exactly the same that when you buy a bicycle you can ride it anywhere you like without the company who made the bike knowing where you are - sure they made the bike, but after that point, the relationship is over.
This is why historically there has not been any need to accept terms for a browser, because a browser is just a vehicle - what you use the browser for has actually no dependency with the company who made it.
A policy only starts to become necessary when the browser positions itself as an entity that you transact with directly; like creating an account to sync data with Mozilla services and store things in pocket, or to interact with AI services which Mozilla provides.
Effectively, mozilla have now started adding extra features to the bicycle which are useful but also need to communicate with Bike HQ to work. And they are being a little less than specific about what data that is or what they will do with it.
That’s what data usage policies are about - what data does Mozilla as an organisation collect, what do they use it for, and what third parties do they interact with to provide those services. And that’s what I’d hope to see, rather than a broad statement that in theory allows anything.
That’s the thing: you do interact with the web browser. It’s literally the first thing that has to happen before accessing the Internet.
You don’t type directly into Facebook; you don’t search Google directly. You type into a text box in web page rendered by your browser. Your browser handles the HTTPS encryption as well as sending everything you type to the next layer in the network stack. That’s what Mozilla’s policy is clarifying- the very act of typing data into Firefox means you’re giving data to Firefox, so they’re telling you what happens to that data when you do (which is not “send it to Mozilla”).
That’s what Mozilla’s response to the recent criticism tried to explain this as being, but that response itself is to me not at all plausible.
You do not need to give Firefox or Mozilla permission to “do” anything when you simply navigate to a website or perform a search, because the only entities involved in that transaction are yourself, your ISP and the website. NOT Mozilla.
To be super clear here: Yes, Firefox as an installed application has complete and total access and permission on anything you ever do or say or send, and always has done since day 1. And that is absolutely fine, because that data did not go back to Mozilla.
That’s how its been with web browsers since the web browser was invented - you don’t have to agree to let the browser do things for you, because just like a bike you are the one driving the browser and deciding where it goes and what requests the broswer makes when you drive it - you are in control.
The new terms and conditions have been added to cover data which is sent back from the browser to Mozilla, or to other partner services.
Your previous response couldn’t be more clear. At this point this guy is just trolling, and it’s never a good idea to feed trolls.
Again, as I’ve already pointed out this is not correct. You don’t interact with websites directly; you interact with them through your web browser.
Except you don’t know that. You can’t say what expectations you might have had with whatever data you provided because there was no policy published to say what Mozilla might have done with it. Now, there is.