Mozilla doesn’t sell data about you (in the way that most people think about “selling data”), and we don’t buy data about you. We changed our language because some jurisdictions define “sell” more broadly than most people would usually understand that word. […]
The reason we’ve stepped away from making blanket claims that “We never sell your data” is because, in some places, the LEGAL definition of “sale of data” is broad and evolving. As an example, the California Consumer Privacy Act (CCPA) defines “sale” as the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by [a] business to another business or a third party” in exchange for “monetary” or “other valuable consideration.”
I’m not trying to be a dick or anything–that comes naturally–but yeah, Mozilla. Exchanging a good or service for money is called selling it. Since this has already been Mozilla’s practice for a while and they’re only now removing the promise because the definition of “sell” has apparently become so muddied, I don’t follow how Mozilla was describing it before now.
In order to make Firefox commercially viable, there are a number of places where we collect and share some data with our partners, including our optional ads on New Tab and providing sponsored suggestions in the search bar. We set all of this out in our Privacy Notice. Whenever we share data with our partners, we put a lot of work into making sure that the data that we share is stripped of potentially identifying information, or shared only in the aggregate, or is put through our privacy preserving technologies (like OHTTP).
I think this is really the important part and Mozilla is burying the lede by focussing on the word “sell”. I think there’s an argument to be made that “your data” is no longer “your data” once it has been de-identified. I don’t agree with that argument, but I find it more convincing than this Clinton-esque “It depends on what the meaning of the word ‘sell’ is” stuff. Mozilla isn’t selling “your data” in the sense of your name and phone number, but they are selling “all data types”, de-identified, anonymized, pseudonymized and/or in aggregate, about you.
I would still argue that that is your data and that by selling it, Mozilla is and has been selling your data. It’s nice that Mozilla isn’t blasting anybody’s actual personal biographical details to all their advertising partners, but it’s misleading to say that’s the only way “selling data” is understood.
These are some fair points. Thinking in the angle that they were kinda selling data for a while but just told us now bc of a new law; and are now muddying the word’s meaning and shading on the california law to save face; does make Mozilla look pretty bad. It makes them look worse if they were doing this for a while and told us just now.
I wonder if checking out of ads and data sending does stop all this from the user’s end or if that’s just a suggestive tick box.
I think the part I’m unclear about is what definition of selling Mozilla was using before. Here’s the update they posted to clarify the changes: https://blog.mozilla.org/en/products/firefox/update-on-terms-of-use/
I’m not trying to be a dick or anything–that comes naturally–but yeah, Mozilla. Exchanging a good or service for money is called selling it. Since this has already been Mozilla’s practice for a while and they’re only now removing the promise because the definition of “sell” has apparently become so muddied, I don’t follow how Mozilla was describing it before now.
I think this is really the important part and Mozilla is burying the lede by focussing on the word “sell”. I think there’s an argument to be made that “your data” is no longer “your data” once it has been de-identified. I don’t agree with that argument, but I find it more convincing than this Clinton-esque “It depends on what the meaning of the word ‘sell’ is” stuff. Mozilla isn’t selling “your data” in the sense of your name and phone number, but they are selling “all data types”, de-identified, anonymized, pseudonymized and/or in aggregate, about you.
I would still argue that that is your data and that by selling it, Mozilla is and has been selling your data. It’s nice that Mozilla isn’t blasting anybody’s actual personal biographical details to all their advertising partners, but it’s misleading to say that’s the only way “selling data” is understood.
These are some fair points. Thinking in the angle that they were kinda selling data for a while but just told us now bc of a new law; and are now muddying the word’s meaning and shading on the california law to save face; does make Mozilla look pretty bad. It makes them look worse if they were doing this for a while and told us just now.
I wonder if checking out of ads and data sending does stop all this from the user’s end or if that’s just a suggestive tick box.