about:trackers – Protecting Shared Firefox Data

Last time we explored improving the Firefox experience with locally analyzed data and sharing summarized data to web sites. The Prospector team understands the importance of giving users control of what Firefox data is analyzed and what summarized data is shared. Even with Mozilla evaluating sensible defaults that support privacy by design, some users might want to share more or less, and this gets even trickier when data is shared to web sites out of Firefox’s direct control.

We’re looking into ways for how Mozilla can help protect users’ data that gets shared to improve the web experience. We’ve gotten some useful feedback already on how to analyze data in Firefox and what to do with the data, so we would like to hear more from you about this topic of protecting shared data.

One idea we have is related to the “terms of service” that users often need to agree to before using certain web sites. Except here, we want to flip that around and require web sites to agree to terms before accessing the summarized Firefox data.

Using that as a starting point, there are many ideas of what could be included in the terms, such as requiring the web site to only use the shared data for the current request and not associating the data with the user for future requests. This would ensure that web sites are using the freshest Firefox data that might have recently changed, and this gives users control to grant access to more or less data.

To help users make sure web sites comply with the terms, Firefox can provide tools such as targeted cookie blocking or connection blocking. These are useful because without cookies, the web site would have a harder time to associate any shared data with the current user. If this safeguard at the individual user level isn’t enough, Mozilla could reveal the bad acting web site and even put up warnings for all Firefox users similar to the existing built-in phishing and malware protection.

Different policies based on web site behaviors

We’ve put together a proof-of-concept add-on, about:trackers, that explores this idea of policies that allow for cookie blocking and connection blocking. While this add-on shares no data to the web sites with accompanying terms, this experiment gives users some settings to adjust and see if their browsing experience would be positively or negatively affected.

Just like the about:profile proof-of-concept, the main purpose is to get people thinking about what could be done in Firefox. So the exact details of the concept policy aren’t too relevant, but at a high level, about:trackers will gradually block sites that would have been able to see you across too many other web sites. It somewhat simulates a term that allows access to a user’s shared data as long as the web site isn’t trying to get other data by using cookies when on other web sites. This also means that web sites that don’t rely on cookies will have their connections working normally.

With the idea of Firefox helping enforce terms for the user on a per-web-site basis, this could help shift more control of data to the users — a better web experience on the user’s terms. So please try out about:trackers without restarting Firefox and think about ideas of how Mozilla can help protect users’ data. Next week, we’ll put some of these pieces together in yet another experiment. And as always, you can check the source on Github, provide feedback, and submit issues or suggestions!

Ed Lee on behalf of the Prospector team

5 responses

  1. Dwight Stegall wrote on :

    It does a pretty good job, but the Ghostery addon is way better.

    1. Edward Lee wrote on :

      Glad to hear that about:trackers able to do a good job for the quick proof-of-concept I put together. 🙂 The expectations for the add-on shouldn’t be too high because it was created mainly to spark some ideas on the types of terms and policies Mozilla can set to help users control their data.

  2. tom jones wrote on :

    “about:trackers will gradually block sites that would have been able to see you across too many other web sites. ”

    i understand that this is a Labs project, and this is all experimental and opt-in at the moment, but i don’t like the standard you are setting with this move. if something like this ever comes to Firefox proper, and by default Firefox starts blocking some tracking and advertising dollars, how is this better than Microsoft turning DNT: 1 by default for IE users?

    how do you know it’s in the user’s interest _not_ to be tracked? has anyone, ever, anywhere, shown some _actual_ harm to any one user from ad tracking?

    what if users like more targeted instead of random ads for things they are not interested in? what if users actually _like_ for (free) websites they are visiting to earn a living, even if it’s through targeted ads (a pretty plausible assumption in my book, as they have already chosen to visit the website).

    (and not to mention giving users a false sense of security, when the more insidious, invisible and undetectable tracking through browser fingerprinting can’t even be stopped, not using this, nor any other measure)

    again, i understand you are not doing that right now, but it looks like that’s the direction you are heading in, and i don’t think it’s good for the health of the free and open internet..

    1. Edward Lee wrote on :

      @tom Sorry if I didn’t make it clear in the post; the context of this experiment is looking at how Firefox is helping users share their data while still being in control of how that data is used. The add-on is to help start a discussion about ways to give users control, and one very simple idea that was easy to implement was to not need cookies in exchange for the data.

      This was building off an idea from the previous post:
      https://blog.mozilla.org/labs/2012/10/improving-firefox-with-locally-analyzed-data/

      Where if users were to carry around their profile in Firefox, a site might not even need the user to log in (using cookies) to do personalization. Every time the user visits the site, it can automatically customize to the user’s newest interests.

    2. Edward Lee wrote on :

      @tom In regards to better targeting, I think we’re in total agreement that users would most likely want personalized content than random content, or at least easy access to personalized content. If Firefox were to expose a web API for any web site to use, even my own personal blog could easily show a brand new visitor a list of blog posts that the visitor might be interested in after after reading the current blog post. Then hopefully the visitor finds more interesting posts and becomes a regular reader.