Skip to content(if available)orjump to list(if available)

Mozilla rewrites Firefox's Terms of Use after user backlash

Mozilla rewrites Firefox's Terms of Use after user backlash

66 comments

·March 4, 2025
Visit

robshep

We need to get behind Mozilla and Firefox for the simple reason it is the last bastion on the path to omni-chrome

Those who care very deeply about very tight privacy have enough niche options.

But I want there to be browser that has enough privacy to be sustainable so there’s a reliable option for me to recommend to family members etc which is holds enough market share for websites to test against.

If Firefox’s market share dips any lower website makers won’t support it - testing only against the homogeneity of chrome/edge/safari and then it will become a death spiral and humanity will have taken a step backwards.

It’s a case of use it lose it.

thomassmith65

If we need to do anything, it's get behind Ladybird, and put up with a Mozilla fork for the next 12-24 months as a 'daily driver'.

Mozilla has little enthusiasm for developing its actual web browser, and doesn't seem to like its users very much.

For the past decade, Mozilla has made one bad choice after another, and every time it blows up in their faces, their takeaway is that they failed to properly 'educate the customer'.

Mozilla should just get out of the way. If Google Legal didn't need them, they already would be out of the way.

nopcode

Why is Ladybird going to be more successful than all the other failed browsers?

spinningslate

> Those who care very deeply about very tight privacy

> that has enough privacy to be sustainable

These are the key phrases. Mozilla has hitched its wagon to advertising. Behind all the bluster over last week, the underlying direction is clear. They bought Anonym [0] and Ajit Varma, the new VP of Product for Firefox and source of the updates, is ex-Meta. It's reasonable to assume that he's there, in part, because of advertising expertise.

Some will see Anonym's "privacy-powered advertising" as "enough privacy" and the only viable way to sustain Firefox without Google's annual cash injection.

Others won't buy that, believing that a browser can be built without relying on advertising. Ladybird is taking this approach - so we'll find out.

> If Firefox’s market share dips any lower website makers won’t support it

This is the risk the exec team must know they've taken. Specifically: what proportion of the current Firefox user base exists because of the historic pro-privacy stance, and what percentage of that will leave because of the advertising-based future?

[0] https://www.anonymco.com/

--

EDIT: addedd missing reference

BSDobelix

>We need to get behind Mozilla and Firefox

No we need to get rid of Mozilla (the org and the company), transform/fork Firefox and Thunderbird to a community project with (maybe?) a Foundation behind like FreeBSD or Blender.

Mozilla's CEO's and Manifesto writers did nothing to support Firefox but fill their own pockets and hype the AI train, I really wonder how much money goes directly into the development of Firefox, if we compare it to the Linux Foundation supporting Linux (the Kernel) it's about 3%, it's probably even less for Mozilla.

bjord

if that were truly (sustainably) possible, I'd support it, but imo that'd just be signing ff's death warrant

side note, thunderbird is already independent and democratically-managed by the community (as of a few years ago). the way I understand it is that they effectively just use mozilla's resources for legal, logistical stuff

BSDobelix

>if that were truly (sustainably) possible, I'd support it, but imo that'd just be signing ff's death warrant

I really don't think so, have a look at the ladybird browser:

https://ladybird.org/#sponsors

Or even Servo:

https://servo.org/

godelski

I'm with you, I really am. I've been on Firefox for nearly two decades, even the shitty years. But I still think this was a foreseeable issue and even the claim that "there was confusion" only shows a disconnect.

If you make a move like this you need to announce it in advance. You announce it loudly! You need you recognize that users concerned with privacy are looking for canaries. So when you have to put a canary down you fucking tell people before and don't just wait for them to find a dead canary. Of course people are going to freak out, that's what canaries are for.

bjord

I agree completely that something needs to change procedurally—this can't be allowed to happen again

112233

Huh? You do understand that Firefox is just a single executive decision away from becoming a chromium skin? In order to forward-think, proper-size and upward-achieve , so that limited funds can be utilized with most impact etc.?

Zealotux

I just wish I could get enthusiastically behind Mozilla, right now I stand behind them in spite of their leadership.

mdp2021

Please, directly skip to the real announcement:

https://blog.mozilla.org/en/products/firefox/update-on-terms...

The actual content:

> [Given that the definition of "selling" in legal terms can be slippery, we must be aware of not falling in cases like the following:] In order to make Firefox commercially viable, there are a number of places where we collect and share some data with our partners, including our optional ads on New Tab and providing sponsored suggestions in the search bar. We set all of this out in our Privacy Notice. Whenever we share data with our partners, we put a lot of work into making sure that the data that we share is stripped of potentially identifying information, or shared only in the aggregate, or is put through our privacy preserving technologies (like OHTTP)

troupo

This was discussed before on HN.:

> in some places, the LEGAL definition of “sale of data” is broad and evolving. As an example, the California Consumer Privacy Act (CCPA) defines “sale” as...

And then they go on to describe what a common-sense definition of a sale is. There's nothing broad or slippery about the example, so yes, they basically say "we're going to sell your data"

BSDobelix

>"we're going to sell your data"

And:

>>This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox.

So now we can use your photo of your birthday party that you sent via webmail... but don't worry, we don't own it, you just gave us a "non-exclusive, royalty-free, worldwide license".

chownie

This leaves out the important part, nothing has actually changed. This is entirely a rewording for what they're currently doing and have been doing for years.

If it's such an outrage worthy subject why did no one explode about this when they added the sponsored links years ago?

troupo

> why did no one explode about this when they added the sponsored links years ago?

There was a lot of discussion and consternation about this as well.

zoobab

No thank you. Fork.

distances

There's no chance I would be able to recommend some Waterfox or Iceweasel to family or friends. Current status is Chrome or Firefox, and there's a long long way ahead for anything else to become relevant. Death of Firefox would mean immediate death of all the forks too.

chownie

You're forking the FAQ? Because that's the only thing that's actually changed here.

rhdunn

This is even more confusing. I understand that the browser needs to know my primary language and will send that as part of the HTTP requests (e.g. as part of the Accept-Language header) in order to operate ("To provide you with the Firefox browser"). I don't know why Mozilla needs a license for this.

They are not clear where/how the data is being used. For example, why are "Unique identifiers" and "Interaction data" part of "To provide you with the Firefox browser"?

From "Interaction data": "This is data about how you engage with our services, such as how many tabs you have open or what you’ve clicked on." -- Why is it necessary to track how many tabs I have open in order to provide the browser to me? -- That isn't something they need to send via HTTP to make websites function. If it is for telemetry and improving the browser, that should be a separate section.

braiamp

> You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe in the Firefox Privacy Notice. It also includes a nonexclusive, royalty-free, worldwide license *for the purpose of doing as you request* with the content you input in Firefox. This does not give Mozilla any ownership in that content.

They are saying that you give a license to Firefox to do as you request. That's all. The language is explicit and explain the relationship between you and the product when you use it. The product behaves as your agent, and would need permissions to do so. Every browser implies this, Firefox just was explicit with it.

rcxdude

It still doesn't make sense unless that info is going via mozilla's servers. Software running on your PC doesn't need permission to process and send data that you are giving it, to send it to the places you intend.

rhdunn

I'm looking at the https://www.mozilla.org/en-US/privacy/firefox/#lawful-bases section of the new privacy document which goes into more detail on what is collected and why, along with the "Types of Data Defined" section above it that describes the different data.

It doesn't differentiate when that data is stored locally, when it is sent to (and collected by) Mozilla, and when it is sent/accessed by the website you are on/using.

Likewise, because "Interaction data" covers both "how many tabs you have open" and "what you’ve clicked on" (as well as ad related information in the next paragraph) it can cover things like handling anchor ping attributes (what you've clicked on) which are nec1essary for Firefox to work w.r.t. that feature vs. collecting ad related information ("Click counts, impression data, attribution data, how many searches performed, time on page, ad and sponsored tile clicks.") which is not.

With those broad information categories they are combining different use cases from using the browser, telemetry, and collecting data useful for advertising.

Another example: in the "To adapt Firefox to your needs" section they explicitly call out sending location data to websites like Google Maps but the data collected is listed is "Any data type" not "Location".

I know there are other cases, but the specific wording is vague and unclear. For example that section mentions being able to "clear your browsing history". As a developer I can infer that that is related to JavaScript APIs being able to access your browsing history, but that isn't called out in this section so it is unclear that this is what they are referring to.

cedws

Why does Mozilla keep falling into the trap of bringing these crappy MBAs into their leadership? Promote real ambassadors of privacy and open software instead of people like the current interim CEO, who is ex-McKinsey. If they can't manage that then maybe it's finally time to let Mozilla go. Andreas Kling's browser project sounds like it's coming along well.

squarefoot

They're essentially owned by Google through a contract both cannot refuse, because it keeps the "Google isn't a monopoly" narrative while allowing Mozilla to stay afloat, therefore I wouldn't expect them to do anything that could harm the agreement with Google, like real competition.

Khaine

How about the directors and Management who let this happen, resign. We need another phoenix to rise from the ashes of Firefox.

claudex

They are currently with an interim CEO and searching for a new one https://blog.mozilla.org/en/mozilla/a-new-chapter-for-mozill...

robshep

I am old enough to get that.

BSDobelix

Let's fork it and call it Firebird...oh no wait ;)

bjord

that seems wildly excessive

Khaine

Why? Mozilla has been circling the drain for a while with their poor decisions, and questionable privacy practices all while proclaiming to be all about user privacy. Now they have flushed any goodwill they had right down the toilet.

As leaders, they need to be held accountable for their poor decisions. Which means they need to fuck off, and let new people come in and rebuild trust.

bjord

yes, this was a big screw-up all things considered, but crucifying people for a (relatively straightforward, imo) comms issue just seems...borderline violent?

> For instance, Mozilla said it may have removed blanket claims that it never sells user data because the legal definition of “sale of data” is now “broad and evolving,” Mozilla’s blog post stated.

> The company pointed to the California Consumer Privacy Act (CCPA) as an example of why the language was changed, noting that the CCPA defines “sale” as the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by [a] business to another business or a third party” in exchange for “monetary” or “other valuable consideration.”

mind you, I sincerely doubt this ever even came across the desks of leadership—if it's legalese compliance bullshit, why would it?

bjord

and no, a decent manager shouldn't have to literally review every little thing every single one of their employees does

obviously something needs to change here procedurally, but micromanagement across the entire board is not the answer

and therefore firing management for this is not really solving anything other than satiating the bloodlust of the mob

rickdeckard

Wow, quite black and white views here.

Despite all the justified doubts and concerns, it's also worth noting that Mozilla runs one of the few independent browser engines left, with limited ways to actually fund it.

When they're not here anymore, there aren't many parties left to argue about web standards in favor of a free web.

So I'd keep watching them as always, without painting them as evil just because of some misstep...

SapporoChris

Original

"The Firefox Browser is the only major browser backed by a not-for-profit that doesn’t sell your personal data to advertisers while helping you protect your personal information."

Now just says.

"The Firefox Browser, the only major browser backed by a not-for-profit, helps you protect your personal information."

This is not some misstep, it is the breaking of a promise.

rickdeckard

If I remember correctly, more than 50% of their revenue came from Google Search in the past.

They are now at 2.6% market-share, I can imagine that revenue-stream is making it hard to keep the lights on.

It's sad that it came to this, but somewhat understandable as they don't really have these other lucrative side-businesses of Google, Apple, Microsoft.

FWIW, the change is that the new wording allows them to build a revenue-stream based on telemetry data, while the original wording prohibits them from such a financing model at all.

Outside of Europe this might be significant, but in European legal context the difference is that they could now ASK you if you allow them to use your telemetry to create revenue, and only do it IF YOU AGREE (small nudge to push for privacy-friendly laws).

eagle2com

I would say they are changing the promise, not breaking it. Breaking it would have been if they sold data with the old description (which is not the case, is it?).

chownie

The definition of the word "sell" has a different meaning in a post-AI world and in specific California have a new bill adding some other contexts to it, so despite not actually doing anything differently (go and look at the Firefox source tree if you don't believe me) they have to change their wording.

ETA: Setting Google as their default search engine in exchange for funding from Google has been cited as an example of "selling user data to Google", if you'd like a concrete example of what I'm talking about.

Ferret7446

Does it matter if they weren't arguing in favor of a free web to begin with? Quite the opposite in fact; their stated stance is they want to remove people they disagree with from the web.

powersnail

It seems like what is happening is not Firefox now making a pivot to the privacy unfriendly side, but Firefox has already been selling data, but in a manner that---for whatever strange reason---they didn't consider to qualify as "selling data", and hence the original Terms of Use included the promise of "We never sell your data". Then lawyers came along and told them that this just wouldn't fly legally, and they have to change their terms now.

Even now, Firefox still doesn't consider what they do "selling data", and they are forced to change the wording only because the laws are weird.

Frankly, I just don't see how sharing data to partners to make yourself commercially viable can be construed as not selling data. In their own words, what Firefox does is:

> In order to make Firefox commercially viable, there are a number of places where we collect and share some data with our partners, including our optional ads on New Tab and providing sponsored suggestions in the search bar.

We could argue about whether the laws are slippery or over-reaching, or how responsible or not Firefox has been handling user data. We could argue about how much anonymization and aggregation of data reduce privacy concerns.

But to argue that the above action is not "selling data" is in my view not a reasonable position.

thinkingemote

Optics. Mozilla bungled the optics, then in their reaction, bungled it some more! They do not look good here. We respond to looks.

In objective reality it's a bit of much ado about nothing, but in today's world it's optics and perception that rules. It's subjective.

As another comment says it takes forever to gain trust and a moment to lose it all. Trust is subjective.

braiamp

I would love that detractors explain what data is being sold, exactly. Because it's the same data that you have willingly given them by using their _services_. The only change with the product is "for the purpose of doing as you request", which is the definition of an User Agent.

rcxdude

Sounds like the blog post shows that they are explicitly selling user data. Specifically data relating to the ads they show in the browser. They claim it's carefully anonymised and aggregated, but they are selling it nonetheless. The blog post is a nonsequitar with the claims in the updated 'TOS', which make no sense because they don't need a license for an executable on your PC to process and send data to the website's your visiting in line with what's expected of a web browser, only a license if they are also sending it to themselves or on behalf of themselves, which is not "what you intend" if you visit a web page or just open up a new tab.

godelski

People need to resign

It's insane to think Firefox would ever have gone this route? How disconnected is management? The move would be suicide! A major reason people use Firefox is because of privacy. The other major reason is because a user's privacy conscious child or grandchild installed it for them. That's your whole fucking userbase!

It's a shame too because they had the opportunity to double down on privacy. What with Apple caving to governments.

I was a fanboy who's been with you for nearly two decades You can check my comment history. I defended you through tough times, I've donated, and for what? A slap in the face.

You had it going with the rust rewrite and just floundered on every opportunity. You made Thunderbird pretty good and gave many hope, then floundered. You have some great devs, let them make great software

So where do we go now? What browser that isn't just a different color of chrome? Safari? No. Ladybird? Sea Monkey?

methou

The whole thing confuses me is that why would Firefox as an browser (user agent) need that legal jargon to work. Hopefully Legal Eagle or similar channels would cover this, but they are too busy with politics at the moment?

qiqitori

Time to sue Intel for releasing chips that process our inputs as we request.

tarkin2

So isn't this a good thing? The comments on here are more overwrought than rational and disinterested...

NoboruWataya

I honestly don't understand the insane levels of hate that Mozilla gets on HN and certain other corners of the internet. More than the most evil corporations on earth. I can only assume some of it is politically driven.

Firefox and Thunderbird are two of the last bastions of functional, accessible FOSS software in their respective spaces. The software landscape would be a lot more bleak without them.

It's important to hold Mozilla to account given their role (and this TOS roll-out was clearly a screw-up whatever way you look at it) but the amount of people jumping in saying that they are irredeemable now, that we must now stop using their software even if they backtrack on this, is counterproductive. And honestly I suspect a lot of the people saying that have also been saying it for years before any of this happened.