Mozilla Hit With Privacy Complaint In EU Over Firefox Tracking Tech
Mozilla has been hit with a complaint by EU privacy group noyb, accusing it of violating GDPR by tracking Firefox users by default without their consent. TechCrunch reports: Mozilla calls the feature at issue "Privacy Preserving Attribution" (PPA). But noyb argues this is misdirection. And if EU privacy regulators agree with the complaint the Firefox-maker could be slapped with orders to change tack -- or even face a penalty (the GDPR allows for fines of up to 4% of global revenue). "Contrary to its reassuring name, this technology allows Firefox to track user behaviour on websites," noyb wrote in a press release. "In essence, the browser is now controlling the tracking, rather than individual websites. While this might be an improvement compared to even more invasive cookie tracking, the company never asked its users if they wanted to enable it. Instead, Mozilla decided to turn it on by default once people installed a recent software update. This is particularly worrying because Mozilla generally has a reputation for being a privacy-friendly alternative when most other browsers are based on Google's Chromium." Another component of noyb's objection is that Mozilla's move "doesn't replace cookies either" -- Firefox simply wouldn't have the market share and power to shift industry practices -- so all it's done is produce another additional way for websites to target ads. [...] The noyb-backed complaint (PDF), which has been filed with the Austrian data protection authority, accuses Mozilla of failing to inform users about the processing of their personal data and of using an opt-out -- rather than an affirmative "opt-in" -- mechanism. The privacy rights group also wants the regulator to order the deletion of all data collected so far. In a statement attributed to Christopher Hilton, its director of policy and corporate communications, Mozilla said that it has only conducted a "limited test" of a PPA prototype on its own websites.While acknowledging poor communication around the effort, the company emphasized that no user data has been collected or shared and expressed its commitment to engaging with stakeholders as it develops the technology further.
Read more of this story at Slashdot.