Comment by jcranmer
1 year ago
Judging from nearby wording, this is primarily geared towards the Firefox account stuff as opposed to the Firefox browser.
(I'm not happy with Mozilla's decision to name everything Firefox, it makes things like this confusing.)
If that was the intention, the correct term would have been "Mozilla's services". The very first sentence of that document defines Firefox: "Firefox is free and open source web browser software".
As a non-legal word of advice: when reading legal text, always read defensively. Never assume good will when legal matters are concerned.
Yes, it seems like Mozilla has long had a problem of marketing getting in the way of communication. This keeps happening over and over gain. They make changes for marketing reasons, and then people are confused when they make policy changes because they've solidified their naming so much in the pursuit of brand recognition that their audience (rightly) is confused about what they're actually saying when they use that brand name to refer to a singular component of their offerings.
Mozilla is quite adept at own goals when it comes to privacy. If I were a Mozilla executive reviewing this policy, I'd send it back to the lawyers to make a lot more effort to be clear about what Mozilla will and will not do for stuff, in a way that is actually readable and understandable by lay people.
I have enough legal knowledge to know that most of this is basically necessary legal boilerplate because holy crap does the legal system suck, but Mozilla tries to pitch Firefox as a privacy-favoring alternative, and looks-like-everybody-else legal boilerplate absolutely undermines that pitch and more.
The problem is more that they actually do want to sell user data (albeit anonymized and/or aggregated), and they want to present themselves as a privacy-favoring alternative.
They literally say:
> Mozilla doesn’t sell data about you (in the way that most people think about “selling data“), and we don’t buy data about you. Since we strive for transparency, and the LEGAL definition of “sale of data“ is extremely broad in some places, we’ve had to step back from making the definitive statements you know and love. We still put a lot of work into making sure that the data that we share with our partners (which we need to do to make Firefox commercially viable) is stripped of any identifying information, or shared only in the aggregate, or is put through our privacy preserving technologies (like OHTTP).
Sharing data with partners and getting money in return (that's what "to make Firefox commercially viable" means) is selling user data. They want to change the definition of selling data to exclude what they want to do, but they don't get to decide what the meaning of words is.
So they're not as privacy-friendly as they want to appear, and that's a difficult position, and that's why this policy allows them more access to data than a naive reading would indicate.
Is the audience confused though or is the text simply ambiguous and thus should be interpreted defensively.
I think the fact I said they are rightly confused makes that explicit, does it not?