It’s been nearly a year since we launched Firefox Focus for Android, and it has become one of the most popular privacy browsers for mobile around the world. In light of recent events, more and more consumers have growing awareness for privacy and secure products. The upcoming implementation of the General Data Protection Regulation (GDPR) in Europe later this month reflects this and, at the same time, highlights how important privacy is for all users.
At Mozilla, we’ve always valued people’s privacy and given them the opportunity to determine the data they want to share. Last year we updated our Privacy Notice to make it simple, clear and usable, and we’ve been transparent about how we collect user data. We feel well prepared for GDPR coming into effect and Firefox Focus is one of the best examples of why: This mobile browser has been ahead of its time and is well positioned as the go-to mobile product in the Age of GDPR. Now, we’re making it even more private and convenient.
Less tracking for more privacy
Up until now, Firefox Focus blocked all first party trackers of sites that were commonly known to follow users from site to site, also known as “ cross-site tracking.” From there, these sites collect “cookies” which are small data files stored by your browser. It helps publishers collect data to personalize your experiences with them. Again, Firefox Focus blocks first party trackers on the Disconnect list. Today, we are announcing a cookie management feature that also gives you control over the source of trackers that are following you. Users can now protect the visibility of their online activity through cookies on a site from other sites (third party), all sites – or not at all if they choose. You can find this under Settings, Privacy & Security, “Cookies and Site Data” to make your selection. There is a small chance that it it might not work on some sites, so we’re giving users the choice to turn it on or off. For example, advertisers use third party cookies to track your visits to various websites.
Once you click on “Block Cookies” a menu will pop-up with options to choose the different types of cookies
Autocomplete is Complete
In our previous release, we’ve included the ability to add favorite sites to an autocomplete list by adding them manually under Settings. We’ve noticed that this way might not be the quickest setup for some users. Starting today, our users will be able to conveniently and easily long-press the URL bar to select the site to add to their URL Autocomplete list. Now adding your frequently visited sites is even easier and will get you to where you want to go even faster.
The latest version of Firefox Focus for Android can be downloaded on Google Play.
We are only a few days away from May 25th, when the European General Data Protection Regulation (GDPR) will go into full effect. Since we were founded, Mozilla has always stood for and practiced a set of data privacy principles that are at the heart of privacy laws like the GDPR. And we have applied those principles, not just to Europe, but to all our users worldwide. We feel like the rest of the world is catching up to where we have been all along.
GDPR has implications for many different parts of Mozilla. Rather than give you a laundry list of GDPR stuff, in this post, we want to focus specifically on Firefox and drill down specifically into how we think about privacy-by-design and data protection impact assessments within our browser product.
Privacy By People Who Care About Privacy
Firefox, the web browser that runs on your device, is your gateway to the internet. Your browser will manage a lot of information about the websites you visit, but that information stays on your device. Mozilla, the company that makes Firefox, doesn’t collect it unless you give us permission.
Mozilla does collect a set of data that helps us to understand how people use Firefox. We’ve purposely designed our data collection with privacy protections in mind. So while the browser knows so much about you, Mozilla still knows very little.
Building a browser that is so powerful yet still respectful of our users takes a lot of effort. At Mozilla, we have teams of privacy and security engineers who are responsible for building a trustworthy browser. More than that, we have a workforce and a volunteer community that takes Mozilla’s responsibility to protect you seriously and personally. This responsibility cuts across all areas of Mozilla, including our security engineers, platform and data engineers, data scientists, product managers, marketing managers and so on. We basically have an army of people who have your back.
Rather than Privacy By Design, we do Privacy By People Who Care About Privacy.
It is important to keep this in mind when we think about the GDPR’s privacy-by-design requirements. Regardless of any regulatory requirement, including GDPR, if an organization and its people aren’t rooted in a commitment to privacy, any privacy-by-design process will fail. It is our people’s commitment to the Mozilla mission that undergirds our design processes and serves as the most important backstop for protecting our users.
Okay, enough throat clearing. At Mozilla, we do have plenty of design processes to identify and deeply engage on privacy risks; code reviews, security and privacy reviews, intensive product and infrastructure audits, and public forums for anyone to contribute concerns and solutions.
Our Firefox data collection review process is the cornerstone of our effort to meaningfully practice privacy-by-design and assess privacy impacts to our users. We believe it is consistent with the GDPR’s requirements for privacy impact assessments. Mozilla has had this process in place for several years and revamped it in 2017.
Here are a few key pieces of that process:
Before we look at any privacy risk, we need to know there is a valid analytic basis for the data collection. That is why our review process starts with a few simple questions about why Mozilla needs to collect the data, how much data is necessary, and what specific measurements will be taken. Mozilla employees who propose additional data collection must first answer these questions on our review form.
Second, our Data Stewards – designated individuals on our Firefox team – will review the answers, ensure there is public documentation for data collection, and make sure users can turn data collection on and off.
Third, we categorize data collection by different levels of privacy risk, which you can find in more detail here. The data category for the proposed collection must be identified as part of the review. For proposals to collect data in higher risk categories, the data collection must be default off.
Complex data collection requests, such as those to collect more sensitive data or those that call for a new data collection mechanism, will escalate from our Data Stewards to our Trust and Legal teams. Further privacy, policy, or legal analysis will then be done to assess privacy impact and identify appropriate mitigations.
The results of this review process, as well as in depth descriptions of our data categories and the process itself, can be found publicly on the web. And you can find the full documentation for Firefox data collection here.
But Wait, There’s More!
This process is just one of the many tools we have to protect and empower the people who use our products. Last year, we completely rewrote our privacy notice to provide clear, simple language about the browser. The notice includes links directly to our Firefox privacy settings page, so users can turn off data collection if they read something on the notice they don’t like.
We redesigned those privacy settings to make them easier to use (check out about:preferences#privacy in the Firefox Browser). This page serves as a one-stop shop for anyone looking to take control of their privacy in Firefox. And we revamped Firefox onboarding by showing new users the Firefox privacy notice right on the second tab the very first time they use the browser.
It’s easier today than ever before to take control of your privacy in the Firefox browser. As you can see, limited data, transparency, choice – all GDPR principles – are deeply embedded in how all of us at Mozilla think about and design privacy for you.
The Tech Museum of Innovation in San Jose was filled on Thursday with visitors experiencing new takes on the issue of fake news by artists using mixed reality, card games and even scratch and sniff cards. These installations were the results of Mozilla’ Reality Redrawn challenge. We launched the competition last December to make the power of misinformation and its potential impacts visible and visceral. Winners were announced in February.
One contributor, Australian artist Sutu was previously commissioned by Marvel and Google to create Tilt Brush Virtual Reality paintings and was the feature subject of the 2014 ABC documentary, Cyber Dreaming’. For Breaking News at the Tech, he used AR animation to show the reconstruction of an article in real time and illustrate the thought process behind creating a fake news story. Using the AR app EyeJack, you can see the front page of the New York Times come to life with animation and sound as the stories are deconstructed and multiple viewpoints are presented simultaneously:
Breaking News, by Sutu(Photography by Nick Leoni)
Visitors on opening night of this limited run exhibition also enjoyed conversation on stage around the topic from Marketplace Tech Host Molly Wood, Wired Contributing Editor Fred Vogelstein, BBC North America Technology Correspondent Dave Lee and our own Fellow on Media, Misinformation and Trust, Ren?e DiResta. There was a powerful message by video from the Miami Herald’s reporter Alex Harris. She found herself the target of a misinformation campaign while reporting on the tragedy at Marjory Stoneman Douglas High School in Parkland, Florida.
Reality Redrawn is open until June 2 at the Tech and admission is included with entry to the museum. Follow the link to find out more about ticket prices for the Tech. >link to find out more about ticket prices for the Tech. If you’re visiting the Bay Area soon I hope you’ll make time to see how it’s possible to make some sense of the strange journeys our minds take when attacked by fake news and other misinformation.
The post Reality Redrawn Opens At The Tech appeared first on The Mozilla Blog.
Today, the U.S. Senate passed a Congressional Review Act (CRA) resolution to save net neutrality and overturn the FCC’s disastrous order to end net neutrality protections.
We’re pleased this resolution passed – it’s a huge step, but the battle to protect net neutrality and reinstate the 2015 rules isn’t over. The next step is for the motion to go to the House of Representatives for a vote before the order is supposed to go into effect on June 11. Unfortunately, the rules in the House will make passage much harder than in the Senate; at this point, it’s not clear when, or if, there will be a vote there.
We will continue to fight for net neutrality in every way possible as we try to protect against erosion into a discriminatory internet, with ultimately a far worse experience for any users and businesses who don’t pay more for special treatment.
We are leading the legal battle in Mozilla v. FCC, working closely with policymakers, and educating consumers through advocacy for an open, equal, accessible internet.
And, we’re not alone – last week we partnered with organizations like Consumer Reports and the Electronic Frontier Foundation in the Red Alert protest to encourage Americans to call Congress in support of net neutrality. Consumers also share their support for the net neutrality fight- we recently conducted a poll that shows 91% of Americans believe consumers should be able to freely and quickly access their preferred content on the internet.
As I said in December– The FCC decision to obliterate the 2015 net neutrality protections is the result of broken processes, broken politics, and broken policies. The end of net neutrality would only benefit Internet Service Providers (ISPs) and it would end the internet as we know it, harming every day users and small businesses, eroding free speech, competition, innovation and user choice in the process.
Net neutrality is a core characteristic of the internet, and crucial for the economy and everyday lives. It is imperative that all internet traffic be treated equally, without discrimination against content or type of traffic — that’s how the internet was built and what has made it one of the greatest inventions of all time.
We’ll keep fighting for the open internet, and so we ask you to call your members of Congress to make sure that politicians decide to protect their constituents rather than increase the power of ISPs.
A research report from Mozilla and Open Tech Strategies provides new perspectives on framing open source strategy. The report builds on Mozilla’s “ Open by Design” strategy, which aims to increase the intent and impact of collaborative technology projects.
The basic freedoms offered by Mozilla’s open source projects?—?the famous “Four Freedoms” originally defined by the FSF?—?are unambiguous. But they only define the rights conveyed by the software’s license. People often have expectations that go well beyond that strict definition: expectations about development models, business models, community structure, even tool chains. It is even not uncommon for open source projects to be criticised for failing to comply with those unspoken expectations.
We recognize that there is no one true model. As Mozilla evolves more and more into a multi-product organization, there will be different models that suit different products and different environments. Structure, governance, and licensing policies should all be explicit choices based on the strategic goals of an open source project. A challenge for any organization is how to articulate these choices, or to put it simply, how do you answer the question, “what kind of open source project is this?”.
To answer the question, we wanted to develop a set of basic models?—?“archetypes”?—?that projects could aim for, modifying them as needed, but providing a shared vocabulary for discussing how to think about any given project. We were delighted to be able to partner with one of the leading authorities in open source, Open Tech Strategies, in defining these archetypes. Their depth of knowledge and fresh perspective has created something we believe offers unique value.
The resulting framework consists of 10 common archetypes, covering things from business objectives to licensing, community standards, component coupling and project governance. It also contains some practical advice on how to use the framework and on how to set up your project.
20 years after the Open Source Initiative was founded, open source is widespread (and has inspired methods of peer production beyond the realm of software). Although this report was tailored to advance open source strategies and project design within Mozilla, and with the organizations and communities we work with, we also believe that this challenge is not unique to us. We suspect there will be many other organizations, both commercial and non-commercial, who will benefit from the model.
You can download the report here. Like so many things, it will never be “done”. After more hands-on-use with Mozilla projects, we intend to work with Open Tech Strategies on a version that expands its sights beyond Mozilla’s borders.
Right now everybody’s talking about the right way to make the products that we love meet our individual needs AND respect our privacy.
At Mozilla, striking this balance has been our bread and butter for more than two decades. With today’s release of Firefox, we’re bringing you more features and tools that allow you to personalize your browser without sacrificing your privacy.
Here’s what’s coming out in today’s Firefox Release:
Enterprise IT pros can customize Firefox Quantum for the office
It’s not uncommon for people to use many different browsers, one they personally use at home and another at the office. Similar to how you set up your own Firefox browser with your personal preferences, Firefox Quantum for Enterprise can now be customized by your employer to optimize for performance on the job and meet the specific needs of your workplace.
Today’s release has a new feature to support IT professionals who want to customize the browser for their employees. IT professionals can now configure Firefox for their organization, either using Group Policy on Windows, or a JSON file that works across the Mac, Linux, and Windows operating systems. Here’s a look at how it works:
Easily configure Firefox with Windows Group Policy
IT professionals can choose to deploy either the standard Rapid Release (RR) of Firefox or the Extended Support Release (ESR). The standard Rapid Release auto-updates with performance improvements and new features roughly every six weeks, while the Extended Support Release usually receives these features in one big upgrade per year. Both Rapid Release and Extended Support Release receive critical security updates as soon as possible. With today’s release, the Extended Support Release of Firefox is now version 60.
Almost every online transaction we make, from paying bills to buying movie tickets, needs a password to access our personal online accounts securely. Today, Firefox is the first browser to support a new security standard, Web Authentication (WebAuthn).
With Firefox, WebAuthn allows people to use a single device like a YubiKey to log into their online accounts without typing a password, or as secondary authentication after entering a password. Only websites that have adopted WebAuthn will recognize your YubiKey and allow you access. Essentially, WebAuthn is a set of anti-phishing rules that uses a sophisticated level of authenticators and cryptography to protect user accounts. It supports various authenticators, such as physical security keys today, and in the future mobile phones, or biometric mechanisms such as face recognition or fingerprints. When your YubiKey is plugged in, the website will read it and automatically log you into your accounts. Web developers and product managers interested in learning more about WebAuthn can read about it on our Hacks Blog.
New Tab Experience Gets Personal Treatment, plus Pocket sponsored stories
The New Tab Experience was one of the features we rolled out with Firefox Quantum last year. We launched it as a visual snapshot of the top sites you’ve visited, recent history and bookmarks, and recommendations from Pocket. And from what we’ve heard from our users, it gets them faster to the sites they visit and check frequently.
Today, when you click on the New Tab, you’ll see a wider layout which includes Search, Top Sites, Recommendations by Pocket and Highlights. “Top Sites” is one of our most requested features so we increased the “Top Sites” menu from six to eight icons and increased the size of the “Highlights” icons.
As part of our exploration into new models that can support high quality content on the web, users in the US may now see an occasional sponsored story within Pocket’s recommendation section on New Tab. It’s part of our focus to deliver personalization, without sacrificing user privacy. What’s unique is that all the recommendations happen on your computer, meaning neither Mozilla, Pocket, nor sponsors receive a copy of your browsing history. You can learn more about how the process works here.
Firefox for Android gets faster with a new CSS engine
One of the elements which made the launch of our new Firefox Quantum browser successful was the addition of our new CSS engine, Stylo. It’s written in Rust, a systems programming language sponsored by Mozilla. Today, we’re shipping Firefox for Android with Stylo, giving it a Firefox Quantum boost. It takes better advantage of mobile devices with multiple cores that are optimized for low power consumption, which is perfect for anyone on the go.
The Red Alert protest raises awareness about net neutrality’s importance, and the means for keeping it intact: In mid-May, the Senate will vote on a Congressional Review Act (CRA) resolution to overturn the FCC’s net neutrality repeal. We’re partnering with organizations like Consumer Reports, the Electronic Frontier Foundation, and Reddit to encourage Americans to call Congress in support of net neutrality.
Says Ashley Boyd, Mozilla’s VP of Advocacy:
“Policymakers need to listen to their constituents: The majority of Americans are in favor of strong net neutrality rules. Mozilla’s latest public opinion poll reveals that outside of Washington, D.C., net neutrality isn’t a partisan issue. 91% of Americans believe consumers should be able to freely and quickly access their preferred content on the internet.”
Says Denelle Dixon, Mozilla COO:
“We are proud to be a leader in the fight for net neutrality both through our legal challenge in Mozilla v. FCC and through our deep work in education and advocacy for an open, equal, accessible internet. Today, Mozilla joins many other companies and civil society organizations to take another stand for net neutrality, as we try to protect against erosion into a discriminatory internet, with ultimately a far worse experience for any users and businesses who don’t pay more for special treatment.”
“Mozilla will always fight for net neutrality because it is fundamental for free speech, competition, and innovation online. Net neutrality is a core characteristic of the internet as we know it, and crucial for the economy and everyday lives. It is imperative that all internet traffic be treated equally, without discrimination against content or type of traffic — that’s how the internet was built and what has made it one of the greatest inventions of all time.”
Last month, Mozilla published results from a nationwide poll that reveals where Americans stand on net neutrality. The survey reinforces what grassroots action has already demonstrated: Americans support equal access.
Mozilla and Ipsos conducted this public opinion poll in February of 2018, surveying 1,007 American adults from across 50 states. Among our key findings:
Outside of Washington, D.C., net neutrality isn’t a partisan issue. Americans from red and blue states alike agree that equal access to the internet is a right: 79% of Colorado residents, 81% of Arizona residents, and 80% of North Carolina residents
91% of Americans believe consumers should be able to freely and quickly access their preferred content on the internet. Only 9% of Americans think ISPs should be able to offer fast lanes with quicker load times. Support for net neutrality is growing: When Mozilla and Ipsos asked this same question in 2017, 86% of Americans believed the former.
78% of Americans believe equal access to the internet is a right. This opinion is most common among younger Americans (84% of adults under the age of 35).
76% of Americans believe internet service providers (ISPs) should treat all consumer data the same, and not speed up or slow down specific content. This opinion is most common among older Americans (80% of adults ages 55+) and Americans with a college degree (81%).
63% of Americans do not think that ISPs will voluntarily look out for consumers’ best interests, compared to 32% who agree with this statement. Faith in ISPs in declining: When Mozilla and Ipsos asked this same question in 2017, 37% of Americans trusted ISPs.
Facebook has been in the news a lot lately. It started with the announcement that over 87 million Facebook users had their personal information shared with the private firm Cambridge Analytica without their knowledge. Since then, Facebook CEO Mark Zuckerberg has testified twice in front of the US Congress and people all around the world have been talking about Facebook’s data practices. We took this opportunity to survey people on how they felt about Facebook these days. 47,000 people responded to our survey. The data is interesting and open for your exploration.
The top takeaways? Most people ( 76%) say they are very concerned about the safety of their personal information online. Yet few people ( 24%) reported making changes to their Facebook accounts following the recent news of privacy concerns around Facebook. The majority of people who responded to our survey ( 65%) see themselves?—?rather than companies or the government?—?as being most responsible for protecting their personal information online. And very few people (only 12%) said they would consider paying for Facebook, even a version of Facebook that doesn’t make money by collecting and selling personal data.
Mozilla believes in making our survey data open and accessible to everyone safely and respectfully, without sharing any personally identifying information. If you would like to go deeper into this survey data, we built this awesome interactive tool for you. Enjoy!
This was not a scientific poll. This was a self-selecting survey targeted mostly at people on the Mozilla Foundation email list, the Pocket newsletter email list, through the Mozilla Twitter channel, through a Medium blog post, and through users sharing with friends and family.
Mozilla makes this data available under a CC BY 4.0 license.
Enjoy this open data? Care about things like privacy, data, the Internet being awesome. Sign up here and we at Mozilla will keep you updated with the latest news and useful information.
I’m excited to announce that Chris Lin is joining us today as our new Vice President of IT.
Chris will work closely with me to scale our impact and optimize operational efficiency. He will be responsible for the strategy, execution and operations of Mozilla’s business technology, information security, data management, network and infrastructure services.
“I am honored to join Mozilla at such an exciting juncture and work with the IT team to support the organization as we develop and grow our business and technical expertise,” said Chris Lin, Mozilla VP of IT. “Mozilla is a truly mission-driven organization with great products and technologies while also promoting internet health including privacy, security, openness, decentralization, digital inclusion, and web literacy. It’s wonderful to be part of Mozilla and contribute to our mission.”
Chris Lin joins Mozilla with a vast wealth of experience in IT, infrastructure, product management and cloud services. Chris was most recently at Facebook where he was Director of Enterprise Platform Infrastructure overseeing software-centric platform engineering, infrastructure services, applications operations, and data operations for Facebook business. Chris previously held other leadership roles in the industry including Vice President of Infrastructure AutoDesk, VP of Engineering & Infrastructure Operations at Symantec, and Principal of Architecture Services at VeriSign. Chris is also the founder and former President and CEO of iDini Corporation, a provider of scalable network computing for carrier-grade cloud services serving mobile devices.
Mozilla’s fifth-annual Global Sprint is May 10 and 11. Open-source engineers and activists around the globe will swap code and ideas to make the internet a healthier place
A decentralized alternative to today’s social media platforms. A community-built air quality monitor to thwart pollution in Buenos Aires. An open-source investigative tool for journalists in Hungary.
These are just three of nearly 150 projects from 24 countries participating in the 2018 Global Sprint, Mozilla’s fifth-annual distributed hackathon. Each year, coders, scientists, artists and activists gather online and in person for 48 hours to collaborate on open-source projects. This year’s Global Sprint is happening Thursday, May 10 and Friday, May 11.
“The Global Sprint is a way for the open-source community to swap code and ideas and energize their latest projects,” says Zannah Marsh, Mozilla’s Learning Strategist who helps lead the hackathon. “But the Sprint has a bigger mission, too. It introduces more people to the value of open-source approaches. And so many of the people and projects participating address the biggest issues online today — erosion of privacy, centralization of power, disenfranchisement. In the Sprint’s 48 hours, solutions to these issues take a big step forward.”
Here’s a snapshot of some of the projects, people, and places participating:
In Accra, Ghana, Yannick-No?l Aka is rallying coders from Nigeria, Kenya, South Africa and Cote d’Ivoire to participate. Learn more»
In Portland, OR, neuroscientists and civic hackers are working shoulder-to-shoulder on issues like disaster resilience and open protocols. Learn more»
Parliamentary Debates Open is seeking coders and designers to further expand the tool, a resource for investigative journalists in Hungary. Learn more»
The Commons Platform is seeking feedback on its model, a decentralized and cooperatively-owned social media destination. Learn more»