An update on Mozilla’s PPA experiment and how it protects user privacy while testing cutting edge technologies to improve the open web.
You know what they say about people who assume, especially when it’s about a company that had to sneak their changes into the browser in a way that would make even Google executives blush.
…except when you assume that data gets leaked despite literally nobody having been able to point to anything that indicates that it’s happening?
It is Mozilla’s job to show us what data is shared. Mozilla failed on that front.
If you want to be the Mozilla evangelist, then show us all on Mozilla’s behalf exactly what data gets sent over, so that we can replicate it.
Here:
When a user interacts with an ad or advertiser, an event is logged in the browser in the form of a value. That value is then split into partial, indecipherable pieces and then encrypted. Each piece is addressed to a different entity — one to Divvi Up at ISRG and one to Mozilla — so that no single entity is ever in possession of both pieces. (…) As an additional protection, the pieces are submitted to Divvi Up and Mozilla using an Oblivious HTTP relay operated by a third organisation (Fastly). This ensures that Divvi Up and Mozilla do not even learn the IP address of the indecipherable piece they receive.