Changes

At Mozilla, like at many other organizations, we rely on data to make product decisions. But here, unlike many other organizations, we balance our goal of collecting useful, high-quality data with our goal to give users meaningful choice and control over their own data. The Firefox Mozilla data collection program was created to ensure we achieve both goals whenever we make a change to how we collect data in our products.

To request a review for new or changed Data Collection in Firefoxa Mozilla product, Data Review requesters are required to provide the following:

** If your chosen a Data Steward doesn't get to your review within a couple of days, please [https://chat.mozilla.org/#/room/#data-stewards:mozilla.org reach out to us on Matrix].

: Information This includes information about the machine or Firefox software application itselfin which there is no or little risk of personal identification.  :Examples include OS, available memory, crashes and errors, outcome of automated processes like updates, safebrowsing, activation, version #s, and buildidetc. This also includes aggregated compatibility information about features and APIs used API usage by websites, addons, and other 3rd-party software that interact with Firefox the application during usage.  : It also includes information about the user's settings that is necessary to provide functionality. For example, what applications users have connected to a service or what services users have logged into using a Firefox Account.

: Information This includes information about the user’s direct engagement with Firefoxthe service in which there is no or little risk of personal identification.  :Examples include how many tabs, addons, or windows devices a user has open; uses of synced, engagement with specific Firefox features; like clicks, scroll position, audio and session length, scrolls status of user preferences, and account activity levels. : It also includes information about the user's in-product journeys and clicksproduct choices helpful to understand engagement (attitudes). For example, selections of add-ons or tiles to determine potential interest categories etc. ; '''Category 3 “Stored Content & Communications”''': This includes information about what people store, sync, communicate or connect to where the information is generally considered to be more sensitive and personal in nature.  :Examples include users' saved URLs or URL history, specific web browsing history, general information about their web browsing history (such as TLDs or categories of webpages visited over time) and the status potentially certain types of interaction data about specific web pages or stories visited (such as highlighted portions of a story). : It also includes information such as content saved by users to an individual account like saved URLs, tags, notes, passwords and files as well as communications that users have with one another through a Mozilla service. ; '''Category 4 “Highly sensitive or clearly identifiable personal data”''': Information that directly identifies a person, or if combined with other data could identify a person. This data may be embedded within specific website content, such as memory contents, dumps, captures of discrete user preferencesscreen data, or DOM data. : Examples include account registration data like name, password, and email address associated with an account, payment data in connection with subscriptions or donations, contact information such as phone numbers or mailing addresses, email addresses associated with surveys, promotions and customer support contacts.

; '''Category 3 “Web activity data”''': Information about user web browsing It also includes any data from different categories that could be considered sensitive, when combined, can identify a person, device, household or account. Examples include users’ specific web browsing history; general information about their web browsing history (such as TLDs or categories of webpages visited over time); and potentially certain types of interaction For example: Category 1 log data about specific webpages visitedcombined with Category 3 saved URLs.

; '''Category 4 “Highly sensitive data”''': Information that directly identifies Additional examples are: voice audio commands (including a personvoice audio file), speech-to-text or if combined with other data could identify a person. Examples include etext-to-mailspeech (including transcripts), usernamesbiometric data, identifiers such as google ad iddemographic information, apple idand precise location data associated with a persistent identifier, fxaccount, city individual or country (unless small ones are explicitly filtered out), or certain cookiespopulation cohorts. It may be embedded within specific website content, This is location inferred or determined from mechanisms other than IP such as memory contentswi-fi access poinits, dumpsBluetooth beacons, captures of screen datacell phone towers or provided directly to us, such as in a survey or DOM dataa profile.:

Every year, the data collection owner and peers will survey all of the existing data collection systems with Firefoxfor their product or project. This survey has the following goals: