Advertisers are already tracking everyone. Firefox is providing another option to help preserve privacy. You still have the option to disable or block anything you want, Firefox hasn’t taken that away. This doesn’t effect you, it effects the average user who doesn’t already block everything. I don’t see how having a new option that helps preserve your privacy is a bad thing. The goal would be for this to catch on, and then eventually be able to prevent more personal tracking that occurs through cookies today. It would be a net benefit.
That’s fine but it should have been opt-in or at least asked before enabling it. I have ad blockers and anti-tracking extensions, but they don’t do anything against this new feature because it’s the browser itself doing it. If I hadn’t read about it and gone in and disabled it I would be providing data to ad companies without even knowing it and that’s unacceptable.
I have ad blockers and anti-tracking extensions, but they don’t do anything against this new feature because it’s the browser itself doing it.
I don’t think that’s the case. If you have e.g. uBlock, the API for this new feature won’t be called, even if enabled, according to Colin (developer for Multi-Account Containers) in the Mozilla General matrix chat. I’d lean towards trusting Colin over you, here.
And, please, don’t bother Colin over this. I only mention him because if I didn’t, I just know some people would downvote without even bothering to ask for a source, despite never providing any source for the opposite themselves.
I get your point, and your frustration, but please don’t talk so confidently about things you aren’t actually certain of.
Maybe, but I’m not seeing anything that suggests that would be possible.
Here is the technical documentation for how this feature works. The short version is that it exposes some new JS functions that sites can invoke to register various ad related activities. That data in turn gets forwarded by the browser to a 3rd party using a protocol called DAP which can be considered out of band for the purposes of website interactions. I see no evidence at all that uBlock would be able to block the DAP calls, and limited evidence it could effectively block the JS functions.
uBlock works primarily by blocking network requests using a series of rules. Here is the syntax supported by uBlock for defining its blocking rules. It primarily works by inspecting hostnames, although there is some capability to match on things like HTTP headers, or raw text. There is the capability of blocking an entire script element if it matches specific text E.G. navigator.privateAttribution, however doing so is likely to break sites quite drastically. There is very limited ability to surgically remove such things. Maybe if you injected some JS into each page that overwrites the navigator.privateAttribution namespace with stub functions that do nothing (I believe this is actually what the browser does when you opt-out of that feature), but I’m not sure if that’s even possible or if the browser would simply ignore attempts to write to that namespace.
It’s possible Firefox is being “smart” and if it sees you have uBlock or similar ad blocking extensions loaded it disables this feature. It’s possible that there’s some extra tricks uBlock or other extensions can pull to block this at a more fundamental level that just aren’t obvious from looking at their documentation. But nothing in the documentation for this feature seems to guarantee any of that, and it’s frustratingly vague in several areas. Regardless none of that changes the fact that this should have been opt-in from the start instead of opt-out. Mozilla argues that they made this opt-out because they wanted to insure a large enough user base to anonymize the collected data, but that alone suggests there might be privacy problems with this entire thing. This wouldn’t be the first time that a supposedly anonymized data set could be at least partially de-anonymized.
I do follow release notes which is how I knew to disable it, but the point is that I shouldn’t need to. The reason Mozilla didn’t ask before enabling this “feature” is because they know most people would disable it. That should be a pretty big clue that this isn’t something their users want.
This take is so naive. You really think the advertisers will give up their current, rich sources of data for Mozilla’s watered down crap? Given the current market share, no one is going to pay a premium for this little data. Or do you think the people that came up with everything creep.js does in order to track you will suddenly grow some ethics and stop doing that just because Mozilla is selling my data in aggregate? Not only is this a dumb idea that won’t even work (like just about every other non-browser thing they have tried), but then they also felt selling my data was within their right.
Mozilla Corp was never entitled to my data to sell in aggregate or to stay in for-profit business.
