Mozilla has been under fire for shipping a private attribution prototype feature to Firefox 128, enabled by default, and is reportedly being used to collect extensive personal data for advertisers. Firefox CTO Bobby Holley has cleared the air by indicating the approach is designed to help advertisers achieve their goals without compromising the user’s privacy. The approach sieves through surveillance parts deployed by advertisers to ensure the user’s data remains private.
Firefox is arguably one of the best privacy-focused browsers, free from “shady privacy notices and advertiser backdoors.” However, it recently received backlash after shipping an experimental feature—Privacy-preserving attribution, which collects data for advertisers. The privacy-sensitive feature is enabled by default, which made users more concerned about Firefox’s commitment to its promise of safeguarding the user’s privacy. The company CTO Bobby Holley took to Reddit to address some of the privacy concerns raised.
A Word About Private Attribution in Firefox
Holley indicated that the internet has turned into “a massive web surveillance,” while talking about Mozilla’s anti-tracking features designed to cripple these techniques. While the features successfully thwart these surveillance techniques, Mozilla’s efforts are limited by two major impediments:
- Economic Incentives: Advertisers have access to enormous economic incentives that make it easier to circumvent the measures put in place to keep their surveillance techniques at bay.
- Lack of Alternatives: The lack of alternatives doesn’t make the situation better. The measures are limited to Firefox users, but Mozilla’s ultimate goal is to “improve privacy for everyone.”
With the rapid evolution of advertising as an economic model, it’s increasingly becoming harder to maintain desired privacy standards for users. “It’s a powerful industry that’s not going to pack up and go away,” added Holley. “A mechanism for advertisers to accomplish their goals in a way that did not entail gathering a bunch of personal data would be a profound improvement to the Internet we have today, and so we’ve invested a significant amount of technical effort into trying to figure it out.”
How does Mozilla maintain the user’s privacy but still keeps advertisers happy?
The new approach leverages a Multi-Party Computation (MPC) system called DAP/Prio. Its privacy properties have been analyzed to identify loopholes. The prototype is temporary and restricted to a handful of test sites. It’s worth noting that it only works in Firefox. The company intends to use the findings to improve the effectiveness and efficiency of the final product.
According to Firefox’s CTO: “The privacy properties of this prototype are much stronger than even some garden variety features of the web platform, and unlike those of most other proposals in this space, meet our high bar for default behavior.” While the prototype allows advertisers to access the data they want from users, it does so without compromising user privacy.