We’ve gotten good responses about how to protect shared Firefox data, so we’re following up by highlighting some interesting ideas and clarifying some points. The initial concept of setting some terms of use on the data shared from Firefox seems to be easily understood, but there are many aspects with their own set of details. The four topics in the rest of the post cover a wide range: rewarding good behavior, using data non-transactionally, increasing transparency, and creating contracts.
Rewarding good behavior
The about:trackers experiment tries to simulate what would happen if a web site had access to a user’s locally analyzed Firefox data and if the site could have used cookies to get more information about the user. It would block cookies to prevent mixing the user’s Firefox data with other data as well as to only allow the Firefox data to be used for the current request. More importantly, this would mean a web site that followed the terms of use on the user’s data would work normally without any blocking.
Blocking can be seen as taking something away from web sites, but Firefox can also reward good behavior without directly penalizing the web sites that do not comply with the user’s data requirements. For example, Firefox can detect if a web site is known to break the user’s terms and then suggest a similar web site with a better privacy policy that respects the user’s data. It’s then up to the user to decide if they want to keep using the current web site or to try something better. Rewarding good behavior this way helps web sites not only by directly increasing visitors but also by indirectly reminding users that their data is safer, and these users might be willing to spend more money than usual for that safety.
Using data non-transactionally
One concern about the original proposal was the requirement of temporary or transactional access to the Firefox data. This means web sites can use the data only for the current request to personalize the content, and future visits could not be personalized if the user turned off the sharing of their data. There could be contexts where the user’s data isn’t readily available to the web site, such as the user visiting from a different device, computer, or browser, so it might make sense to allow the data to be saved on servers for short periods.
Just as the terms of use on the data could require transactional use, the terms could allow a site to borrow the user’s data — almost like leasing some private property from the browser. Again, the terms could put requirements on the remote storage of data: how much data, in what fashion, who has access, and until when. The most direct approach for specifying time could be a number of hours or days, but another interesting approach could be to put a price per unit time where the monetary value could be directly exchanged or indirectly given through discounts.
Increasing transparency
While all the terms are for the user’s benefit, an interesting idea is to have some primarily to help users learn more. An example term would require the web site to report back to the user what parts of the user’s data have been used. Depending on how much the user has allowed to be shared, there could be many attributes, so for example, a technology-related page might only use the fact that the user is interested in smartphones and ignore the user’s interest in sports.
This reporting back to the user could be formalized through the browser, so Firefox would understand what’s being used as opposed to just having the page display some text. This means Firefox could provide a standard interface for users to check what data is used on each of their tabs without needing to search around on the page. Firefox could then also provide a view showing each individual piece of shared data with the sites that are making use of it.
Creating contracts
Some responses to the original terms of use idea raised concerns about the effectiveness of contracts because individual users are less likely or able to make sure the contract is not broken. However, a web site that is breaking the contract with one user is likely to be breaking contracts with many users, especially if there is a standard set of terms across all those contracts. These users could simply stop using the web site that blatantly fails to fulfill the contractual obligations, or if the problem is widespread, concerned users can get together and raise awareness of the offending party’s breach of contract.
Another approach would be to have a separate entity take on this role of making sure contracts are not broken. A non-profit that cares about the Internet and users’ privacy would seem to fit the part quite well. 🙂 This group could also directly create contracts with web sites instead of creating them at the per-user level. Contracts are mutually beneficial and agreed upon by both sides, so the non-profit that puts users first can set some standard terms to protect users’ data and privacy. None of this would have to be limited to just Firefox users either, so potentially all Internet users can benefit from the non-profit’s contracts with web sites.
We believe there will be many more ideas in this area given that we made this extra post to cover four topics from the one initial idea last time. So please continue to provide feedback on how Mozilla can help protect users’ data. We’ll continue next week with the originally scheduled experiment that puts some of these pieces of user data together.
– Ed Lee on behalf of the Prospector team