Privacy/Roadmap/Tracking

From MozillaWiki
Jump to: navigation, search

Background

Tracking is any technique that can be used to accumulate history (purchases, browsing, messaging) and associate it with a particular person. There are many reasons for organizations to engage in tracking, including behavioral advertising, customized content, conversions, and government surveillance. Many of these reasons are legitimate -- in fact advertising revenue subsidizes almost all free web content. However, a combination of industry and government forces have aligned in a way to incentivize silent, invisible wholesale data collection of personal information. Because typical users don't recognize when or how data collection happens, it essentially takes place without user consent.

In this roadmap we focus on three major sources of tracking:

  • Tracking for the purposes of advertising
  • Tracking via social widgets, such as the Facebook "Like" button, the Twitter retweet button, or the Google +1 button
  • Tracking via physical devices such as mobile phones.

Goal: Firefox users know when they are being tracked

Lightbeam is a Firefox addon that enables users to visualize network connections. Lightbeam already does a good job at showing users their network connections. We want to make Lightbeam even more powerful by translating this information into a human-understandable format: who is tracking you, and what can you do about it? The Lightbeam roadmap discusses improvements to visualization, including per-tab visualization and automatically identifying tracking domains.

Goal: Firefox users can avoid being tracked

Tracking protection in Firefox

See Security/Tracking protection.

Tracking protection from social widgets

Social widgets such as the Facebook “Like” button and the Google “+1” button can be used for tracking, are embedded on 20% of sites worldwide and generate billions of impressions daily. These widgets transmit identifiers such as cookies on load, regardless of whether the user interacts with the widget. In some cases the NSA has used this feature to identify surveillance targets [1].

For users who have a first-party relationship with these service providers, blocking network loads entirely is not an option. However, we can improve privacy properties of these widgets by doing one of the following:

  • Serve the widgets from locally cached copies so that no network traffic is sent unless the user interacts with the widgets.
  • Block cookies on network requests that serve these widgets until the user interacts with the widget.

Physical tracking protection

Physical tracking is becoming increasingly important in brick-and-mortar stores [[2]]. Because networked devices broadcast their MAC address during wireless network discovery, simply entering the range of a wireless access point enables the wireless provider to track the device, whether or not the device connects successfully to the network. Wifi tracking is something that can only be tacked at the OS level.