this post was submitted on 30 Jul 2024
4 points (100.0% liked)

Firefox

17937 readers
39 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
k_o_t@lemmy.ml
4
Mozilla adds stupid AI stuff with horrible T&C (lemdro.id)
submitted 3 months ago by astro_ray@lemdro.id to c/firefox@lemmy.ml
68 comments fedilink hide all child comments
 

PSA (?): just got this popup in Firefox when i was on an amazon product page. looked into it a bit because it seemed weird and it turns out if you click the big "yes, try it" button, you agree to mandatory binding arbitration with Fakespot and you waive your right to bring a class action lawsuit against them. this is awesome thank you so much mozilla very cool

https://queer.party/@m04/112872517189786676

So, Mozilla adds an AI review features for products you view using Firefox. Other than being very useless, it's T&C are as anti-consumer as it possibly can be. It's like mozilla saying directly "we don't care about your privacy".

you are viewing a single comment's thread
view the rest of the comments
[–] GenderNeutralBro@lemmy.sdf.org 0 points 3 months ago* (last edited 3 months ago)

Mozilla says they use a third-party OHTTP intermediary. In the blog post linked above, they name Fastly as their partner. So it's not as bad as Mozilla + Mozilla-wearing-funny-glasses.

Personally, I still think this is the wrong approach to privacy, even though I've used Fakespot on my own many times over the years. Largely because I don't think any of this needs to be built into a web browser.

I would prefer my web browser to minimize information leakage by default, to the greatest degree that it can while still remaining useful as a web browser. Mozilla keeps adding bloat to Firefox, and bloat always comes at a cost. I'd much prefer these to be browser extensions that people can download if they want them, rather than built in by default. The baseline Firefox should be lean. Less "stuff" = smaller attack surface. Simplicity is best.

I mean, the Fakespot browser extension has existed for a long time, and I've never seriously considered installing it. I'd much rather just take an extra three seconds to load their web site and paste in a URL than have it constantly monitoring my activity and doing god-knows-what with it. That way I have better knowledge and control of what is happening with my data. Even if I trust their intentions, I don't implicitly trust their competence (all software has bugs) and I don't trust that they will never go rogue in the future.

And also, I just don't find this claim all that compelling in principle:

By processing the data jointly across two independent parties, they ensure neither party holds the information required to reveal sensitive information about someone.

I mean...sure. That's fair. Buuuuuut handing half the data to your "partner" doesn't give me a whole lot of confidence. Especially since literally nobody reads all of the privacy policies they are subject to. See:

https://www.theatlantic.com/technology/archive/2012/03/reading-the-privacy-policies-you-encounter-in-a-year-would-take-76-work-days/253851/

https://www.npr.org/sections/alltechconsidered/2012/04/19/150905465/to-read-all-those-web-privacy-policies-just-take-a-month-off-work

https://www.techradar.com/computing/cyber-security/you-need-a-whole-workweek-every-month-to-read-privacy-policiesand-thats-bad-news

Minimizing privacy policies should be a high-priority goal for any organization that claims to value privacy.

Furthermore, how many additional parties have access (legally or otherwise) to both Mozilla and Fastly? 🤷