Dear Mozilla, stop watching me...

2013-06-16

I have signed the StopWatching.Us letter today. I am not a US citizen, so even if the letter succeeds, I don’t think my privacy will improve substantially. But at least I did something.

I am not sure what could solve the current privacy crisis and give us our rights back. I think that lobbying is only part of a possible successful solution, because a big part of the problem is a very technological one.

Consider piracy. It is a complex problem, but part of it is that copying and transferring copyrighted data is so cheap, easy and fast nowadays. You can’t put that genie back in the bottle. Similarly, copying and transferring our private data is also getting cheaper, easier and faster every day.

I don’t think that my private data will end up exclusively at the NSA. Some of it may have already reached the UK or Australia, and most of it will probably end up everywhere eventually, because leaking, selling or stealing it is also getting cheaper, easier and faster. There are some regimes close to my nation's borders that I am much more worried about than the USA, the UK or Australia.

I think gathering data is a big part of the privacy problem that may be solved or improved. I try to avoid exposing my own private data as much as I can. I avoid Facebook and Google, personalized discount cards, stick to free software, etc. I am always looking into what else I could do.

I also think privacy-conscious organizations (like the Mozilla Foundation) should lead others by not gathering information about me.

Update 2013-06-17 10:16 EET: My intent is not to point fingers at Mozilla for what they do, but for all of us to take a moment to reassess what we are doing with our user data. I am guilty of such practices myself. Until recently I used Google Analytics on this blog.

But I received this message a couple of days ago from Mozilla, full of tracking links and images. See for yourself:

Date: Fri, 14 Jun 2013 17:28:38 +0000
...
From: "Mark Surman, Mozilla.org" <joinmozilla@mozilla.org>
Subject: Stop watching us
Message-ID: <f121f5a56caa2c184daabf2169a65b46@bounce.bluestatedigital.com>

The personalized links are in the HTML part of the message. It is funny that Thunderbird displays the full personalized link in the status bar, even though they tried to disguise it with a title="..." attribute:

<a href=3D"https://sendto.mozilla.org/page/m=
/29b5e3cb/6a8d42ca/163f6d38/5cda3f54/3611907196/VEsH/" style=3D"color: =
#ec3e36; font-family: Trebuchet MS, Verdana, Arial, Helvetica, sans-serif; =
font-size: 13px; line-height: 1.5; font-weight: bold;" =
title=3D"https://sendto.mozilla.org/Stop-Watching-Us-1"><span =
style=3D"color: #ec3e36;">Stop watching us.</span></a>

More personalized links:

<a href=3D"https://sendto.mozilla.org/page/m/29b5e3cb/6=
a8d42ca/163f6d38/5cda3f54/3611907196/VEsE/" style=3D"color: #ec3e36; =
font-family: Trebuchet MS, Verdana, Arial, Helvetica, sans-serif; =
font-size: 13px; line-height: 1.5; font-weight: bold;" =
title=3D"https://sendto.mozilla.org/Stop-Watching-Us-1"><span =
style=3D"color: #ec3e36;">Please, I urge you to join me and so many others =
in telling the US government: stop watching us. =
</span></a>
...
<a href=3D"https://sendto.mozilla.org/page/m/2=
9b5e3cb/6a8d42ca/163f6d38/5cda3f54/3611907196/VEsF/" style=3D"color: =
#ec3e36; font-family: Trebuchet MS, Verdana, Arial, Helvetica, sans-serif; =
font-size: 13px; line-height: 1.5; font-weight: bold;" =
title=3D"https://sendto.mozilla.org/Stop-Watching-Us-1"><span =
style=3D"color: #ec3e36;">StopWatching.Us</span></a>
...
<a href=3D"https://sendto.mozilla.org/page/m/29b5e3cb/6a8d42ca=
/163f6d38/5cda3f57/3611907196/VEsC/" style=3D"color: #ec3e36; font-family: =
Trebuchet MS, Verdana, Arial, Helvetica, sans-serif; font-size: 13px; =
line-height: 1.5; font-weight: bold;" =
title=3D"https://sendto.mozilla.org/stopwatchingus-1"><span =
style=3D"color: #ec3e36;">Please donate $5 or more today to fund this and =
other efforts to protect the Web and users' privacy and =
security.</span></a>

Tracking image?:

<img src=3D"https://sendto.mozilla.org/page/o/29b5e3cb=
/6a8d42ca/163f6d38/5cda3f28/3611907196/open.gif" width=3D"1" =
height=3D"1">

I am sure there are good reasons for tracking how many of the recipients read the message or which link they clicked. But knowing that this data of your users will be easy to get and use by third parties for something that may be contrary to your users' interests – would you still do it?
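The check I did by eye on the excerpts above can be automated. The following is an added example, not part of the original post or of any Mozilla code: it decodes a quoted-printable HTML part and reports links whose title attribute shows a different URL than the href, plus remote 1x1 images. The sample message, its host and tokens, and the names `TrackerAudit` and `audit_html_part` are constructed for illustration.

```python
import quopri
from html.parser import HTMLParser

# Constructed sample modelled on the excerpts above: a quoted-printable HTML
# part with soft line breaks. Host and tokens are placeholders.
SAMPLE_QP = b"""\
<a href=3D"https://news.example.org/page/m=
/aaaa1111/bbbb2222/VEsH/" style=3D"color: =
#ec3e36;" title=3D"https://news.example.org/Campaign-1"><span>Sign</span></a>
<a href=3D"https://news.example.org/about" title=3D"https://news.example.org/about">About</a>
<img src=3D"https://news.example.org/page/o/aaaa1111=
/bbbb2222/open.gif" width=3D"1" =
height=3D"1">
<img src=3D"https://news.example.org/logo.png" width=3D"200" height=3D"60">
"""

URL_PREFIXES = ("http://", "https://")


def _tiny(value):
    """True for a 0 or 1 pixel dimension such as "1" or "1px"."""
    return value is not None and value.strip().lower().replace("px", "") in ("0", "1")


class TrackerAudit(HTMLParser):
    """Collects (kind, real_url, displayed_title) findings from an HTML part."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "a":
            href, title = a.get("href", ""), a.get("title", "")
            # A URL-shaped tooltip that differs from href masks the real target.
            if href and title.startswith(URL_PREFIXES) and title != href:
                self.findings.append(("disguised-link", href, title))
        elif tag == "img" and a.get("src", "").startswith(URL_PREFIXES):
            # A remote 1x1 image is fetched when the message is opened.
            if _tiny(a.get("width")) and _tiny(a.get("height")):
                self.findings.append(("tracking-pixel", a["src"], ""))


def audit_html_part(qp_bytes, charset="utf-8"):
    """Decode a quoted-printable HTML body and return tracker findings."""
    html = quopri.decodestring(qp_bytes).decode(charset, errors="replace")
    parser = TrackerAudit()
    parser.feed(html)
    parser.close()
    return parser.findings


if __name__ == "__main__":
    for kind, url, title in audit_html_part(SAMPLE_QP):
        print(kind, url, title)
```

The soft line breaks (`=` at end of line) have to be decoded first; matching on the raw source would miss URLs that are split across lines the way they are in the excerpts.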

Comments

@lilith2u

Thanks! Have you seen the many privacy add-ons in Mozilla, also the new Aurora browser?

Emilis Dambauskas

I am a fan and a supporter of Mozilla. I noticed the tracking image in the email with the help of Thunderbird's "block remote content" setting. I am aware of many of the add-ons and settings that Mozilla applications allow. The purpose of my post is not to expose Mozilla, but to show how deep we all are in this tracking and gathering user data business. In some of my work I am guilty myself of such practices. I think we should take an opportunity in this crisis to rethink what we do and how we do it.

Dave

To sign the petition, you had to click the "I agree to Mozilla's privacy policy" button, which clearly states that they use "Interactive Product Features" and "Clear GIFs" for analytics. They also promise to use these features to aggregate, not identify users. https://www.mozilla.org/en-US/privacy-policy.html

Emilis Dambauskas

The email I received was from a Mozilla newsletter, not from the StopWatching.us list. I am sorry for the confusion. Nevertheless I still think *gathering* too much data is part of the problem.

Byron

Perhaps an opt-in identity code might work to assuage many (but never all) fears we have of the Police State. It might work something like this. You opt in to any search engine or other on-line service that collects data such as subscription based services, etc. by accepting a descriptive code that only two entities have access to with your personal name attached: law enforcement with a warrant, and the service itself. If, for instance, a bank wants to sell credit services to a group of people who fit into a certain category, then they would buy the aggregate information of that group from a search engine (say Google) and allow Google to distribute the bank's ad/application. This way, those who respond would provide their personal identifiers the same as if they walked into a branch to sign up for the service. The bank would only have the "metadata" by the aggregated codes. It's basically the same as the bank putting a sign in their window advertising their service to all who pass by on the sidewalk outside. The bank does not know the identity of the people passing their branch, (not yet anyway) but hopes the ad in the window will pull in the unidentified passerby and then they can turn them into a customer. Law enforcement too would have the coded metadata and if they culled "profiled" on-line behavior that was criminal, they would then be able to get a proper warrant. Otherwise, listening in on phone calls (such as happened to Eliot Spitzer and causing a career resignation) would not allow governments, corporations, or individuals to embarrass people because they cheat on their husbands, support unsavory political parties, or any other embarrassing, but not illegal behavior. Too expensive and time consuming, you say... Okay, maybe so, but what price do you put on the freedoms afforded by the 4th Amendment to the American Constitution?

Michael

This is standard stuff to get the rate of who opened the email. This isn't big-brother stuff and certainly not a huge dramatic revelation.

jack

Is there a need for a verified 3rd party, who only aggregates the information the said website says it does, and throws the rest away? Something run by EFF or its likes, to which Mozilla and others pay a subscription to use? That way, websites can get some info such as response rates or other things that they can be open about, and users who click on that link can find out exactly what is being gathered, what is being delivered, and when all that information will be scrubbed.

Jason

> But knowing that this data of your users will be easy to get and use by third parties for something that may be contrary to your user interests – would you still do it?

You still do it. Take a minute to look at what files you are including and using. Quantcast?

> I avoid Facebook and Google...

But you willingly include external scripts for IntenseDebate, WP, and Twitter.
Indeed, Mozilla is tracking you for their own reasons. But it's just Mozilla. You, however, are allowing 3rd parties to track us. I think there is a big difference there. Glass houses and stones.

Emilis Dambauskas

I think Quantcast script was added by IntenseDebate. I don't find it in my source code and NoScript shows that I have disabled the other JS include (drnicwilliams.com) at the moment. Thank you for pointing it out. I will switch to other comments service ASAP.