I hear people saying "Mozilla isn't trying to push AI on users", well here is an example of it.
With the new, free! Firefox VPN, your data gets routed through the servers of Mozilla's service partner, Fastly, a content delivery network.
First, not every service is created equally: Mozilla's Mullvad-based VPN explicitly promises not to collect data if you use their paid VPN service, and says its partner Mullvad does not collect data:
Network data. When you activate Mozilla VPN, it will encrypt your internet traffic and send it to Mullvad. No logs of your network activity are maintained by either Mozilla nor our partner Mullvad when you’re using the Mozilla VPN service in any circumstance. Learn more at Mullvad’s Privacy Policy.
To Mullvad's credit: It has been audited, and it has been battle-tested. But this isn't a look into Mullvad...
I cannot find a similar promise for the free "VPN" in Firefox, but Mozilla washes their hands of data shared to third parties that presumably include Fastly for this free service.
While testing, I managed to only connect to Fastly servers in one part of the United States, specifically through
p.m1.fastly-masque.net
I tested this while spoofing an IP address from these countries (while using the free tier of Proton VPN):
Unless I'm missing something here, this might be the only available jurisdiction.
In its privacy policy, Fastly enumerates the data they collect about you:
- "[N]ame, postal address, e-mail address, or telephone number, either actively or passively, and billing information such as credit card number and tax address."
- "Information about your Internet connection and Internet protocol (IP) address, your login data, the equipment you use to access our websites and applications, time zone settings and location, browser plug-in types and versions, operating system and other technology on the devices you use to access or use our websites."
- "Behavioral Data: Inferred or assumed information relating to your behavior and interests, based on your online activity and your use of our websites."
In its privacy policy, Fastly describes collecting data with various technologies that may include your private data.
Fastly and our partners use cookies or similar technologies (such as web beacons) to gather information, analyze trends, administer our websites, track users’ movements around our websites, and to gather demographic information about our user base as a whole. These technologies may provide us with personal data, information about devices and networks you utilize to access our websites, analytics information and other information regarding your interactions with our websites.
Fastly collects client IP address information on a limited basis to provide and improve its services. Fastly also may collect and retain for its legitimate business purposes client or Customer IP addresses associated with suspicious activity that may pose a risk to the Fastly network or our Customers, or that are associated with administrative connections to the Fastly service.
According to the Fastly privacy policy, user data is retained for 7 years after the end of service, or longer. They maintain a long list of reasons to not delete it:
The retention period shall not exceed the duration of our business relationship with you plus (7) years unless we have a legitimate business interest need to retain the information for a longer period, which include maintaining a record of your preferences, securing the integrity of databases, conducting audits, complying with our legal and contractual obligations, resolving disputes, and enforcing our agreements.
Unsurprisingly, Fastly shares your data with other companies.
We consequently share information, including personal data, with these contracted third-party service providers in connection with using their services...
We share information, including personal data, with our subsidiaries and affiliates in the operation of our global business because our subsidiaries and affiliates may provide you services under our contracts or other functions...
From their privacy policy:
We may receive information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you. This helps us to update, expand and analyze our records, identify new customers, and provide products and services that may be of interest to you. If you provide us personal data about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us. If we receive personal data about you from a third party in order to engage in marketing of our services, then we will market to you only in your capacity as representatives of companies we wish to sell to and we will present you an opportunity to opt-out of future communications.
Examples of the types of personal data that may be obtained from public sources or purchased from third parties and combined with information we already have about you, may include:
- Contact information about you, including your name, email address [sic] telephone number...
- Data purchased from third parties, such as social networking sites... to create more tailored advertising and products.
Source: https://addons.mozilla.org/en-US/firefox/blocked-addon/%7Bc4b582ec-4343-438c-bda2-2f691c16c262%7D/
I could not find any articles with further information on the topic.
There seems to be a fork with tracking removed, but it only has about 2000 downloads, so proceed with caution.
The latest news and developments on Firefox and Mozilla, a global non-profit that strives to promote openness, innovation and opportunity on the web.
You can subscribe to this community from any Kbin or Lemmy instance:
Related
While we are not an official Mozilla community, we have adopted the Mozilla Community Participation Guidelines as far as it can be applied to a bin.
Always be civil and respectful
Don't be toxic, hostile, or a troll, especially towards Mozilla employees. This includes gratuitous use of profanity.
Don't be a bigot
No form of bigotry will be tolerated.
Don't post security compromising suggestions
If you do, include an obvious and clear warning.
Don't post conspiracy theories
Especially ones about nefarious intentions or funding. If you're concerned: Ask. Please don’t fuel conspiracy thinking here. Don’t try to spread FUD, especially against reliable privacy-enhancing software. Extraordinary claims require extraordinary evidence. Show credible sources.
Don't accuse others of shilling
Send honest concerns to the moderators and/or admins, and we will investigate.
Do not remove your help posts after they receive replies
Half the point of asking questions in a public sub is so that everyone can benefit from the answers—which is impossible if you go deleting everything behind yourself once you've gotten yours.