Mozilla’s system only measures the success rate of ads—it doesn’t help companies target those ads—and it’s less susceptible to abuse, EFF’s Lena Cohen told @FastCompany@flipboard.com. “It’s much more privacy-preserving than Google’s version of the same feature.”
https://mastodon.social/@eff/112922761259324925
Privacy experts say the new toggle is mostly harmless, but Firefox users saw it as a betrayal.
“They made this technology for advertisers, specifically,” says Jonah Aragon, founder of the Privacy Guides website. “There’s no direct benefit to the user in creating this. It’s software that only serves a party other than the user.”
Everyone’s up in arms about a literal anonymous counter, but the other option is the current “spy on everything you do”
How is Mozilla getting flak for this outside of a few hardcore nerds that are welcome to use chrome if they so desire…
And I say that as a huge privacy advocate. In the local tin foil hat “privacy matters” nerd and I honestly don’t see the problem.
And quite frankly anyone that’s said it’s a problem has only been able to come up with “it shouldn’t help them count your views “ which is ridiculous, because it’s very anonymous.
Sooo …. Help me out here, what’s the issue?
It isn’t anonymous, it’s slightly obscured.
They use ohttp ( a proxy ) run buy a “partner” they control to do the obscuring.
That should be part of people’s informed threat modeling. Having a tattle tale in the browser reporting web activity to a third party is a big deal.
From what I’ve seen PPA doesn’t depend on OHTTP to do the obscuring. This page mentioned Distributed Aggregation Protocol and differential privacy, that are meant to ensure that it is literally impossible for any one party to see your data. Not just “obscured”, but impossible to access.
But be sure to let us know what data about us a partner could theoretically view, and how, if you disagree.
https://datatracker.ietf.org/doc/html/draft-ietf-ppm-dap#name-security-considerations
https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-08#name-security-considerations
Clearly not impossible even according to the standards authors.
I see only two data leak risks mentioned:
- The user leaks their data themselves.
- The aggregators (one of which is Firefox, I believe) can collude to compromise your privacy.
The first doesn’t need PPA. As for the second, Firefox can already conspire to compromise your privacy, if you’re using it.
I’m still looking for some concise documentation about exactly what Firefox sends, and if I could, I would love to intercept that data so that I can send it myself at a later time, with extra details
There’s a bit in the technical explainer here. But there’s really no way for you to add details; the whole point is to share nothing about you specifically.
“The other option,” like there’s only one. Like you can’t imagine anything else.
Until Mozilla got directly involved, other option was, fuck off.
There’s no reason why open source software should cater to advertisers.
Advertising is a plague on humanity. If we have to rethink our digital economics to fix it, then so be it.
If privacy preserving ad features become good enough, we won’t have as much privacy inversive ad tracking and a better internet overall. For the long game, this might not be such a bad thing as ads won’t go away anytime soon.
If people aren’t ready to see an ad or pay to support something. Then maybe they don’t deserve that thing.
Fine.
But today they want us to pay and collect everything about us.
I highly recommend “Taking Control of Your Personal Data” by prof. Jennifer Golbeck, published by The Teaching Company, ISBN:978-1629978390, likely available at your local library as a DVD or streaming.
Exactly. I am happy to pay a reasonable price for content (I’m paying a bit for Nebula, for example), and my hope is that transitioning advertising to a privacy-friendly system run by clients will encourage more options to pay for content in lieu of ads.
I’d pay a few dollars a month to avoid ads on most sites, and I’m guessing that’s about what advertisers are making from me, but instead the options are:
- pay 10x what they’d make from ads
- see ads and get my privacy absolutely violated
- don’t interact with the thing
So the more we move toward privacy-respecting ads, the more likely we are to see more options than the above. At least that’s my take.
exactly. If the price was as much as ads pay it would cost users fractions of pennies per view. They just charge paid users so much more then that for the same thing. Since google ads is one of the biggest ads supplier we could technically have a wallet that substracts the ad value to not see it directly with google.
I just sent feedback to google from the “my ad center” page describing the wallet idea to pay the ad price instead of watching the ad. Last time i sent youtube feedback they didn’t come back to me but they did apply the change i was asking for. So we never know.
Cool, but I doubt Google honestly cares much. If they do it, it’ll be something much higher than the actual amount that ad is worth as a way to nudge users to pay for some kind of subscription.
Yea. That’s also what i think would happen if anything.
I mean, go ahead, rethink our digital economics. While we wait for that, what do we do in the meantime?
(And of note: Mozilla itself has launched several initiatives there as well (example), but none have panned out so far.)
Yeah it couldn’t happen overnight. I feel like ad blocking is a better solution to invest in up until that point however. We don’t need to enable advertisers.
We have adblockers. Websites keep finding ways to track us still, and/or to block people who are using them :/
I would support something like this. Or something like what brave does. Or something like GNU Taler.
Pretty much anything but sending extra tracking data out.
I feel a little worried that I’m not even sure how Mozilla could monetize this. At least when Brave does its ads, people know how Brave makes their cut.
Mozilla doesn’t monetise this; the whole point is to change the ecosystem to enable more privacy. It’s not a moneygrab.
Okay, so the end result is a privacy drain for users, extra data that Mozilla slurps up but somehow does not benefit from, no benefit to legitimate advertisers (versus a/b url testing), and no draw for privacy invasive ones.
Then WTF
Tell me, what data about you does anyone get? And why is there no benefit to legitimate advertisers who will be able to know which of their ads have resulted in sales, even if they don’t know anything about you specifically?
The draw for privacy-invasive ones indeed needs a couple of extra steps, which requires being able to see the long-term vision: having a privacy-friendly alternative available enables both legislators to enact stricter legislation, as well as decrease the incentive to keep engaging in the cat-and-mouse game with browsers, trying to find new way to violate people’s privacy.
Tell me, what data about you does anyone get?
For starters, Mozilla Corp gets non-anonymous data like your IP address, time of connection, and all the advertisement telemetry.
Then they tell you “trust us with this”. The problem is, they have already broken their trust by refusing to tell the user, and doubling down upon this.
And why is there no benefit to legitimate advertisers
Because advertisers already have better options.
Method: PPA Topics Using different links Corporate creator Facebook Google - Needs users to trust 3rd party? Yes (Mozilla) Yes (Google) No ~% browsers it works on <3% >60% 100% Guaranteed privacy increase? No No No* *If you trust the advertiser, they can do it on their own. If you don’t trust the advertiser, then the additional third party does nothing.
Sorry, I meant: what data does anyone get through this new capability? Mozilla could always get your IP address and other connection data when e.g. Firefox checks for updates, or add-ons, or safebrowsing lists, etc. Could you name one or two things that are part of “all the advertisement telemetry” that is new?
Because advertisers already have better options.
Better in the sense that they provide the same information with privacy guarantees that are just as good?
Also, why do you need a guaranteed privacy increase? Why would we want to miss “opportunity to get us a future with improved privacy for everyone”?
Personally, I don’t have a problem with ads. And if those ads can support further development on an open source product I get to use for free then that’s even better. What I have problem with is privacy intrusive targeted ads. Even before the internet, newspaper, radio had ads. They sure were annoying, but not as bad of a situation as it is now.
Getting shot in the feet is technically better than getting shot in the stomach, but is still a bad option.
This entire thing is just idealism vs pragmatism for the trillionth time. The idealists are mad because they think all ads are bad and we shouldn’t try to work with advertisers in any capacity. They do not believe reducing the harmfulness of ads is a valid approach, because that would be an acknowledgement of ads. Common talking points there are about how this is technically working with advertisers and how the internet shouldn’t have ads in the first place.
The pragmatics also think ads are bad, but believe that an Internet without ads is very unlikely to happen, so they believe attempting to reduce the harmfulness of ads is a valid approach. Common talking points there are about how this isn’t giving advertisers anything they don’t already have and about how this doesn’t matter if you’re using an adblocker.
Like all other debates of this type, this probably isn’t ever going to be resolved to anyone’s satisfaction and we’ve really just been seeing the same talking points over and over again since the beginning. So I hope y’all have fun duking it out, I don’t think I’m gonna bother looking at these pointless PPA threads anymore.
As a privacy enthusiast and pragmatist, I see Firefox as providing no additional benefit to users or advertisers. Considering the laughably small market share of Firefox, I’m not sure how it is expected to woo advertisers over either.
Which of these options look more robust: Google Topics, Mozilla PPA, or advertisers doing AB testing on their own by simply using different links for different audiences?
Method: PPA Topics Using different links Corporate creator Facebook Google - Needs users to trust 3rd party? Yes (Mozilla) Yes (Google) No ~% browsers it works on <3% >60% 100% Guaranteed privacy increase? No No No If you trust the advertiser, they can do it on their own. If you don’t trust the advertiser, then the additional third party does nothing.
This is a nonsense comparison as these features serve completely different purposes, while only having in common that advertisers currently use user tracking to achieve the same.
Topics data-mines your browsing history for information about your interests and reveals this information to advertisers in order to improve ad selection. It’s meant to replace ad networks tracking each individual user’s visits to connected websites and building that profile themselves. Since this is, in a way, much more powerful than tracking cookies, Chrome has a scary dialog asking for it to be enabled, and I don’t think we’ll be seeing it in Firefox. “Using different links” cannot replace user profiling at all.
PPA doesn’t provide any new capabilities to advertisers. It’s a privacy-preserving way of measuring ad campaign success that is currently done by ad networks tracking individual users from ad impressions to conversions. “Using different links” is also defective, as advertisers need to connect ad impressions to conversions even if they are not immediately connected through a click on the ad.
If these features become generally available, this reduces the leverage advertisers have on legislators to prevent tracking from being outlawed. Mozilla will be hoping Chrome picks up PPA.
You want to legislate telling companies which servers they are allowed to gather data from, making it into a de jure oligopoly rather than a de facto one?!
Where did I say that?
Wrong.
Not an idealist, I’m not even mad, just calling out the hypocrisy because Mozilla did this quietly, not telling us at all.
“I’m doing this for your benefit, but I’m not telling you about it”, where have we heard that before?
Save me from people “doing things for my benefit”.
Just so funny how you blatantly mis-charaterize this, even using pejoratives to label people who dislike Mozilla’s arguably adversarial approach.
And frankly, they had a chance to develop a fair balance over 20 years ago, and chose to say “fuck all the users” instead. And the website owners keep repeating this. Ok, fine, I will never stop blocking ads - they chose this battleground, not me.
To take your approach to making arguments: how’s the taste of boot today?
Please argue how removing all (non-voluntary) advertising from society right now would do anything other than vastly improve society, and keep calling people like me idealists.
All ad supported services would need to move to a paid only model, locking out those who couldn’t afford to pay.
Or profit margins could just go down. I don’t know why you treat those two concepts as mutually exclusive; it’s been shown that even with expensive products companies will still mine massive amounts of user data and advertise to you endlessly. These parasites aren’t going to turn down extra profit at any avenue, no matter how legally, morally, or ethically questionable.
Many of the non-pragmatists also see this as somehow leaking information about you to advertisers though, rather than only working together with advertisers in the first place. But nobody has been able to mention what an advertiser would be able to know about me.
(Yes, yes, there are also people for whom it is only about working together with advertisers - I’m not talking about you, so no need to let us know.)
Exactly, well said.
It’s not that the ad issue isn’t going to be solved, it’s that ads are here now and we have to deal with them.
They are going to be replaced by direct micro-payments eventually but the puzzle pieces have been slow to get into place (also Google and the whole ad industry haven’t been cooperating for obvious reasons).
One of the major hurdles was the [in]ability to make online payments of a fraction of a cent but the digital Euro aims to make that possible (among other things).
With that and support for direct micropayments implemented in the browser we’ll be able to give a web page owner that fraction of a cent they get from ads now but only IF we want to, and when we do that we cut out all the ad industry as middlemen.
The problem with PPA wasn’t anything to do with the method it uses. Given enough announcement, discourse and investigation by the community; it’s entirely possible that users in general would have accepted it.
However; Mozilla did something very wrong by deploying this without asking the greater community. Point blank. That’s not good faith; and that did not allow for the community to go over the code and suggest fixes and express their concerns with how it works.
Instead Mozilla took the lead and decided it will exist; quietly. Without consulting the community. Given that this is how most companies turn selfish, that alarms MANY people who are knowledgeable about how Mozilla typically operates, and it undermines public trust in Mozilla.
They don’t necessarily need to run everything by me (or us, the community) but this context would’ve lessened my rage greatly.
The biggest issue I have with this is that it is opt out
Wouldn’t be a very useful metric if no one had it on lol
At least they could have popped up a dialogue saying it existed, like Google Chrome does.
Insult to injury, Mozilla posted an excuse to Reddit that said that they didn’t want to confuse users with too many pop-ups. This is the same company that would pop up messages reminding you that they were blocking trackers, or saying you should change your browser…
That is a very anticonsumer and user freedom mentality.
Sure but it’s the reason why
Other big issue is they didn’t consult the Open source community. They could’ve been just straight with us and told us that donations aren’t cutting it and then community as a whole could’ve come up with something to monetize. And even if it ends up being advertising they could’ve worked with community to implement in such a way that it would respect the try reason why most people switch to Firefox to escape Google’s surveillance. And maybe I can stop daydreaming about an utopia
It was never about money. This feature isn’t and was never going to make Mozilla one cent.
It’s about reducing the leverage advertisers have on legislators when it comes to the measurements necessary to operate effective ad campaigns. The hope is that with privacy-preserving methods available, privacy-violating measurement can be more easily outlawed.
I think we would have arrived at the very same feature.
I still don’t understand what’s so bad about this. Isn’t it a good thing for people not using adblocker and changes nothing for adblock users?
The problem is that they auto-opted all users into it, without giving notice or warning about what it is. They’ve done this before too with other “experiments”. The problem is that Mozilla becoming an ad oriented business is bad for user privacy. No different to Apple’s shift from hardware to services. The fox is infiltrating the hen house. Line must go up, and the users always pay the price for that with their data.
Turns out a user base who hates ad tech and surveillance capitalism doesn’t want ad-tech or surveillance embedded in their browser. Who would’ve thought?
I don’t want ads.
Their effectiveness is not really a factor.
Half the problem with Chrome is, browsers should have NOTHING to do with advertisers. It is a conflict of interest.
There’s a lot of people that trust the privacy guides website and yet the founder is just spewing emotional bullshit that’s not even grounded in facts. A bunch of smart people can see the benefit to the average end user and then Jonah is putting out bullshit. I’m disappointed in him and privacy guides.
What in his statement was incorrect?
That there’s no direct benefit to the user.
I think a reasonable person would say better ad-tracking does not provide a direct benefit to a user.
The argument is that better ad-tracking means that companies such as mozilla can make money from advertisements while providing “better” privacy then the cookies/fingerprinting everywhere model.
That is a indirect benefit for the user. If they don’t use the new ad-tracking how does their experience change? Not at all. So any benefits are down the line.
I think a reasonable person would say better ad-tracking does not provide a direct benefit to a user.
That’s not a reasonable person. That’s an ignorant conspiracy theorist whose reality is grounded in delusion because right now advertisers take what they want and what they can get and the average user is depending on the browser to pay whack-a-mole with the invasive privacy tech they build and it’s not sustainable.
The argument is that better ad-tracking means that companies such as mozilla can make money from advertisements while providing “better” privacy then the cookies/fingerprinting everywhere model.
There has never been a suggestion that Mozilla is planning to monetize PPA for themselves.
That is a indirect benefit for the user. If they don’t use the new ad-tracking how does their experience change? Not at all. So any benefits are down the line.
The benefit is that it’s better than what we have now.
Since I think of myself as a reasonable person, and I agree with what said by the privacy guides editor, that means I’m also a “ignorant conspiracy theorist” and I may be just conspiring about my ignorance but I don’t appreciate being devalued as such.
Mozilla purchased a advertisement company… that’s a pretty strong step towards monetization.
One has nothing to do with another, since the other person replied with logical fallacies, I’ll point out that you’re using a false cause. Regarding your feeling devalued when you bandwagon and push a false narrative in order to assist in manufacturing outrage is on you.
And for the record, reasonable people stick to the facts, they don’t pull random bits of information to support theories with zero standing.
That’s not a reasonable person. That’s an ignorant conspiracy theorist whose reality is grounded in delusion because right now advertisers take what they want and what they can get and the average user is depending on the browser to pay whack-a-mole with the invasive privacy tech they build and it’s not sustainable.
I’m afraid actually you are the ignorant corporate worshipper, whose reality is grounded in delusion, because ad tech companies will not ever stop using their already researched tracking and targeting techniques. For one, they have spent a lot of money on that research, the results are earning them a lot of money, and the business model of all of them is based on infinite growth, like cancer, so they’ll never stop using those techniques to switch to something inferior in their eyes.
You won’t be able to force them with legislation either. They’ll either find loopholes, make the loopholes, or just pay the small fines for the few cases they’ll receive, in any case treating the costs as the cost of business because it is still very profitable.Parasites cannot be believed, if you have forgot.
There has never been a suggestion that Mozilla is planning to monetize PPA for themselves.
I think the user was speculating that Mozilla might want to embed ads in Firefox with this tech, or on their support and other websites.
The benefit is that it’s better than what we have now.
Saying this is like accepting a new form of tax from a government that’s widely known to be (monetarily) corrupt, in the hopes that with it they’ll be content and will stop stealing and privatizing public money.
Ah, yes, ad-hom people you disagree with, that’s always a compelling argument.
Maybe you should learn how much we’re actively tracked today before making your claims.
I highly recommend “Taking Control of Your Personal Data” by prof. Jennifer Golbeck, published by The Teaching Company, ISBN:978-1629978390, likely available at your local library as a DVD or streaming.
A lovely bit of tu quoque in the afternoon! 🤤
As the other comment mentioned, it’s about caring about principles in theory vs. real-world effect. He still says that you should use Firefox (with some tweaks - installing uBlock Origin is the most important one, of course) if you want the most privacy-friendly browser, but I’m sure his ruckus will have caused people to just give up and stay with Chrome too.
I don’t think that PG’s and EFF’s standpoints are incompatible.
PG says this is not private.
EFF says this is better than google’s solution.
Being better than google’s solution does not mean that it’s now private.
Your title has your title has a grammatical error
Lol, sorry, didn’t realize that. Thanks for telling me.
Np. Love that they’re editable here