Firefox CTO Bobby Holley has rebutted worries that the privacy-focused browser will be used by advertisers to collect user data. The goal is to create an industry-wide privacy-preserving mechanism that would keep both advertisers and users happy while moving away from predatory data collection practices.
Following the backlash regarding the addition of Firefox's new “Privacy-preserving attribution” (PPA) feature, which collects and aggregates anonymized user interaction data for advertisers, Holley admitted that the company should have communicated better about it.
In a detailed post on Reddit, Holley explained that Mozilla wants to address the internet's "massive web of surveillance.” Previously, Mozilla approached this problem with anti-tracking features that thwarted the most common surveillance techniques. However, that approach has two inherent limitations.
Advertisers have enormous economic incentives to bypass any countermeasures, leading to a perpetual arms race. Also, while blocking helps, Mozilla wants to “improve privacy for everyone,” not only people who use Firefox.
“Whatever opinion you may have of advertising as an economic model, it’s a powerful industry that’s not going to pack up and go away,” Holley said.
Instead of the current internet, where advertisers gather extensive personal data, Mozilla is working to create a system that could meet the bar of accomplishing advertisers' goals while protecting user privacy.
“We’ve been collaborating with Meta on this, because any successful mechanism will need to be actually useful to advertisers, and designing something that Mozilla and Meta are simultaneously happy with is a good indicator we’ve hit the mark,” Holley believes.
He assures that the PPA feature, introduced in Firefox version 128, is uncompromising on the privacy front, and only provides bare-bone functionality to advertisers. The experimental prototype has been in the works for several years now and is unrelated to the recent acquisition of AdTech company Anonym. The privacy properties “have been vetted by some of the best cryptographers in the field.”
The temporary prototype is also restricted to a handful of test sites and is expected to be extremely low volume.
“It’s about measurement (aggregate counts of impressions and conversions) rather than targeting,” the CTO said.
Holley also defended enabling the new feature by default, and considered consent dialogs to be a “user-hostile distraction from better defaults.”
“Digital advertising is not going away, but the surveillance parts could actually go away if we get it right. A truly private attribution mechanism would make it viable for businesses to stop tracking people, and enable browsers and regulators to clamp down much more aggressively on those that continue to do so,” he concluded.
Regardless, some users still expressed concerns about giving any information to advertisers, even if anonymized.
“If you give advertisers an inch they take a mile. If this system is in any way breakable, it will be broken. If a person can be bribed to de-anonymize the data, they will and if that can't be they will be replaced,” one Reddit user worried.
Holley explained that there’s no tracking in the feature, and nobody outside the local machine gets individualized data, just aggregate counts.
Holley also assured users that no money is changing hands between Meta and Firefox, as it is an engineer-to-engineer collaboration. Firefox does not expect any revenues from the PPA. Holley mentioned that if users choose to block ads using various solutions, the API calls will also be blocked.
Mozilla posted a detailed explainer on GitHub. The company believes “that a good attribution system will give advertising businesses a real alternative to more objectionable practices, like tracking, which should allow browsers to further restrict those practices.”
“A core tenet of the Mozilla Manifesto is that user privacy is fundamental and non-optional. The surveillance practices common in modern digital advertising are deeply problematic in this regard and we want to do something about it.
In Firefox 128, we are testing a research prototype of a technology that we hope could one day replace these surveillance practices. The privacy guarantees of this technology are ironclad: unlike other proposed designs, nobody outside the user’s device learns any information whatsoever about their individual activity”, a Mozilla spokesperson said in a comment to Cybernews.
The prototype can be disabled directly, and is only enabled if telemetry is otherwise enabled.
“Internet advertising is not going away, and many sites rely on advertising to support themselves. To avoid pitting the interests of sites against the interests of users, we want to create a long-term solution that ensures companies can still achieve their goals without collecting personal data. This would be a major step forward for privacy on the Internet,” the spokesperson said.
Updated on July 18th [06:10 a.m. GMT] with a statement from Mozilla.
Your email address will not be published. Required fields are markedmarked