Confirmed users
238
edits
Privacy/Roadmap/2014: Difference between revisions
no edit summary
No edit summary |
No edit summary |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 2: | Line 2: | ||
== Background == | == Background == | ||
Tracking is any technique that can be used to accumulate history (purchases, browsing, messaging) and associate it with a particular person. There are many reasons for organizations to engage in tracking, including behavioral advertising, customized content, conversions, and government surveillance. Many of these reasons are legitimate -- in fact advertising revenue subsidizes almost all free web content. However, a combination of industry and government forces have aligned in a way to incentivize silent, invisible wholesale data collection of personal information. Because typical users don't recognize when or how data collection happens, it essentially takes place without user consent. | Tracking is any technique that can be used to accumulate history (purchases, browsing, messaging) and associate it with a particular person. There are many reasons for organizations to engage in tracking, including behavioral advertising, customized content, conversions, and government surveillance. Many of these reasons are legitimate -- in fact advertising revenue subsidizes almost all free web content. However, a combination of industry and government forces have aligned in a way to incentivize silent, invisible wholesale data collection of personal information. Because typical users don't recognize when or how data collection happens, it essentially takes place without user consent. | ||
In this roadmap we focus on three major sources of tracking: | In this roadmap we focus on three major sources of tracking: | ||
| Line 14: | Line 12: | ||
== Goal: Firefox users can avoid being tracked == | == Goal: Firefox users can avoid being tracked == | ||
In Lightbeam, once we have the ability to automatically identify tracking domains, we can offer people the option to disallow network connections to those domains. This work is | === Tracking protection in Lightbeam === | ||
In Lightbeam, once we have the ability to automatically identify tracking domains, we can offer people the option to disallow network connections to those domains. This work is discussed in the [https://github.com/mozilla/lightbeam/wiki/Lightbeam-Roadmap Lightbeam roadmap]. | |||
=== Tracking protection in Firefox === | |||
Lightbeam currently has 500K active daily installations. We eventually want to make Lightbeam features available to all Firefox users. Experiments in Lightbeam will serve as a valuable testing ground for determining the best user experience for tracking protection. Although Firefox already supports DoNotTrack, the DNT is not enforceable on the client side. With our learnings from Lightbeam, we can port the most useful tracking protection features to Firefox to make DNT "with teeth" available to more people. | Lightbeam currently has 500K active daily installations. We eventually want to make Lightbeam features available to all Firefox users. Experiments in Lightbeam will serve as a valuable testing ground for determining the best user experience for tracking protection. Although Firefox already supports DoNotTrack, the DNT is not enforceable on the client side. With our learnings from Lightbeam, we can port the most useful tracking protection features to Firefox to make DNT "with teeth" available to more people. | ||
* | === Tracking protection from social widgets === | ||
* | Social widgets such as the Facebook “Like” button and the Google “+1” button can be used for tracking, are embedded on 20% of sites worldwide and generate billions of impressions daily. These widgets transmit identifiers such as cookies on load, regardless of whether the user interacts with the widget. In some cases the NSA has used this feature to identify surveillance targets [[http://www.washingtonpost.com/blogs/the-switch/wp/2013/12/10/nsa-uses-google-cookies-to-pinpoint-targets-for-hacking/]]. | ||
For users who have a first-party relationship with these service providers, blocking network loads entirely is not an option. However, we can improve privacy properties of these widgets by doing one of the following: | |||
* Serve the widgets from locally cached copies so that no network traffic is sent unless the user interacts with the widgets. | |||
* Block cookies on network requests that serve these widgets until the user interacts with the widget. | |||
== | === Physical tracking protection === | ||
Physical tracking is becoming increasingly important in brick-and-mortar stores [[http://centerformediajustice.org/wp-content/files/WALMART_PRIVACY_.pdf]]. Because networked devices broadcast their MAC address during wireless network discovery, simply entering the range of a wireless access point enables the wireless provider to track the device, whether or not the device connects successfully to the network. Wifi tracking is something that can only be tacked at the OS level. | |||
== Goal: | == Goal: Mozilla transforms the discussion around tracking with science == | ||
Currently, technical and policy decisions around tracking mechanisms such as cookies are not based experiments conducted on publicly available data sets. Lightbeam strives to enable work in this area to be reproducible and open by encouraging its users to contribute their Lightbeam graphs back to Mozilla, so aggregate, de-identified data can be shared with the scientific community. | |||