Friends/Firefox

From MozillaWiki
Revision as of 00:58, 15 November 2011 by Ddahl (talk | contribs) (Created page with "Firefox Team =Guidelines for Firefox Engineering= The Firefox team is on the forefront of providing a safe and secure browsing experience to web users. ==Mozilla Privacy Prin...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Firefox Team

Guidelines for Firefox Engineering

The Firefox team is on the forefront of providing a safe and secure browsing experience to web users.

Mozilla Privacy Principles

No Surprises

Always be open about how users' data is treated. Ensure that the user is always in control of their data, even when the data is provided to improve security of a system (for example, Safe Browsing/antiphishing in Firefox).

Collected data should be used only for the purposes for which users have granted us permission, always avoiding secondary (surprising) uses of the data. By avoiding surprises, we build on our promise to users that it is their data, and they are in control.

Real Choices

Ensure that users are not overwhelmed by decisions we ask them to make; it is not reasonable to expect them to be security experts and any prompts or questions asked of them should be in plain language and understandable by the majority of our user base.

Sensible Settings

Prompting is not always a good idea when security decisions are complex. We should use sensible defaults for most settings that users are unlikely to change. Rationale for data collection or use should be outlined in a publicly accessible way (available and clear), but we should also not bother users needlessly.

By choosing sensible defaults, we give users who aren't privacy experts a head start towards understanding and controlling what happens to their data, and reduce the chance of surprises.

Limited Data

Simply: if we don't need to obtain it, don't. If we don't need to keep it, don't. One of our focuses should be making sure that teams we work with only operate on the data needed for the task at hand. Anything extra is a liability without any benefit.

User Control

We should help our organization develop technologies that not only require less access to users' data by Mozilla, but actually wrap it up in a way where the data can be exposed only as absolutely necessary and as authorized directly by the user.

Trusted Third Parties

When we enter into 3rd party transactions we should understand the privacy practices of the 3rd party and evaluate those against our principles. Projects like safe browsing, crash reporting, and others that involve third parties should be driven in a way that extends to these parties the principles by which we operate.