Hi Georg, I have a couple of questions and/or concerns and they don't seem to be addressed too well in this thread. It's probably going to be rather long, so sorry for that.
> One recurring ask from the Firefox product teams is the ability to collect > more sensitive data, like top sites users visit and how features perform on > specific sites. > > Currently we can collect this data when the user opts in, but we don't > have a way to collect unbiased data, without explicit consent (opt-out). Does this refer to the Firefox Pioneer [1] add-on, or something else? >> (...) We are not in the advertising business, (...) > In fairness, we have been, at one moment, to the surprise of many. I can understand that people could fear that happens again some day. Thanks, Mike, for admitting this. I assume it's about the sponsored/suggested tiles functionality, but I'm not convinced that it stopped. Are there still plans to make about:newtab load from the Mozilla servers [2]? Is Activity Stream fundamentally different? Note that RAPPOR was originally implemented years ago with the intention of being used for this kind of data collection [4] and not for monitoring performance. I also think it's happening with Pocket. > This data will be sent once (and only once) per copy of Firefox, to make sure that nobody (including Mozilla) can deduce more detailed data by observing specific users. That is the promise for this SHIELD experiment. We don't know how RAPPOR will be used in the future. It might, for example, be expanded to cover whole domains instead of eTLD+1s (that's been considered in the past [5], so it's not just a slippery slope argument). > What we would be sending is a neat list of jumbled garbage that is almost > indistinguishable from random noise. No conclusions can be made about what > websites you visit from this. My (admittedly shallow) understanding of DP is that there is always a risk of data being exposed. This is a parameter of the implementation and can be tuned in one direction of another, but it's always there. DP is not perfect privacy. There's also a discussion of client identifiers (FHR/Telemetry ids) being included or not in the data. This is not obviously safe. >> Offering to send anonymous info on one of these events, through a popup or >> dropdown hanger (similar to the password manager, security certificates, >> etc), would fulfill the same objective. A user is inclined to help when >> his/her favorite website suddenly starts slowing down, or throwing errors. >> At this point it's also easy to check a box to "always do this from now on". > We don't want to annoy users _more_ by asking them to tell us about their performance issue. I feel like you're too eager to dismiss suggestions like this. Please don't. Mobile applications on iOS and Android do something similar [6], so the users might be familiar to them. Don't ask for a thousand permissions at install time. Ask nicely when you need something and show what you need it for. Allow the user to decide on a site by site basis. > For crawling the sites, this will allow us to see how many sites use Flash, but can't tell us which sites our users encounter it on. If I understand it correctly, RAPPOR needs a pre-defined list of sites. If users encounter Flash applets in a RAPPOR study, you will already know it's on a site in that pre-defined list. It can be most likely be found via crawling. Now you might be interested in how often users interact with Flash on those sites. I admit that's not possible with only crawling, but it's not obvious from your message. I strongly dislike you giving the example of Flash. It's already dying and we all know that. Adobe will discontinue it in a couple of years. My guess is that the top visited sites are no longer using it. Would any information obtained via RAPPOR change Mozilla or Adobe's stance on Flash support? Compare this with the XUL add-on situation, where Mozilla already knows exactly what add-ons the users have and what they are installing. > "Which top sites are users visiting?" Alexa's top list should be enough, or whatever list you would be preloading into RAPPOR. If Firefox works well on those sites, the users will be happy. There's no reason to believe that Firefox users are interested in completely different sites from other Internet users. The feeling I got from your first post is that you want to have the mechanism available without a clear idea of how it's going to be used. Myself, I'm really uncomfortable with this. > Hello, Redditors... Please don't dismiss posters from high-profile sites like HN and Reddit. They came here because they care. They're the ones that recommend Firefox to their friends. Some of them are the ones who offered constructive feedback related to the issue at hand. And they are the Firefox users, even if they might not care to read a Wikipedia page full of formulae. I understand how you might be annoyed about thousands of people coming to this thread like it happened before on the one about Pocket. But we aren't the "bad guys" here, just as I think you're not, either. Laurentiu [1] https://addons.mozilla.org/en-US/firefox/addon/firefox-pioneer/ [2] https://bugzilla.mozilla.org/show_bug.cgi?id=1176429 [3] https://wiki.mozilla.org/Firefox/Activity_Stream [4] https://bugzilla.mozilla.org/show_bug.cgi?id=1136461 [5] https://bugzilla.mozilla.org/show_bug.cgi?id=1138022#c17 [6] https://techcrunch.com/2014/04/04/the-right-way-to-ask-users-for-ios-permissions/ _______________________________________________ governance mailing list governance@lists.mozilla.org https://lists.mozilla.org/listinfo/governance