"Privacy-Preserving" Attribution: Mozilla Disappoints Us Yet Again

No. The biggest problem about ads, that people still continue to watch them. Block them and any PPA or whatever else do not matters now. That is just 1 more useless checkbox in a browser.

Considering how bad usual aggregation and anonymization methods used in attribution are (99.98% probability to de anonymize the data, sources in the links), I still think:

a.) Mozilla should have communicated with the community instead of adding it sneakily
b.) Not talked down to the users when they brought up this issue
c.) Came up with a better solution for solving the attribution problem.

Sidenote: @Jonah and Privacy Guides blog quoted on this issue: Link

Mozilla should absolutely have communicated this (and many other things) much much better. I think Mozilla really shoots themselves in the foot quite often with poor communication and messaging, especially when it comes to communicating their vision, broadly.

But I think its a pretty unfair and inaccurate characterization to call it “sneakily” considering that:

1. PPA was clearly stated in the release notes, which is the most logical place to go to see what has changed.
2. They wrote (last month) and linked to a Knowledgebase article about it
3. They wrote a technical explainer posted to github the month before release
4. They have blogposts discussing private attribution and other related concepts going back to at least 2022 and 2021
5. There is a meta issue tracking the rollout of PPA on bugzilla
6. And of course for advanced users, the source code is searchable and public
7. Has been publicly engaged in this area at the standards level for some years. They are a named and public co-author of the related IETF draft proposal and a member of the W3C’s PATCG working group
8. PPA is one of the select few settings (2%? 5%?) that get exposed in the GUI, the vast majority of settings are relegated to about:config. If anyone was trying to be “sneaky” deliberately making it a big bold GUI setting under the privacy tab was not a very logical choice.

So while I understand being surprised, understand that most users never seek out sources like this, share the frustration towards Mozilla’s poor communication. I think its unfair and inaccurate to call the rollout “sneaky” (inept on the messaging front, frustratingly oblivious on the PR front, but not sneaky or hidden).

I think both your criticisms have validity (and I think there are other concerns you didn’t state that have validity as well) Though in terms of the misaligned incentives. I think I see this in probably a different way than you mean it.

I actually think the non-profit, public-interest nature of Mozilla is what is the root of the misalignment in this case, and not in a bad way. (I think Mozilla sees this as a practical improvement to the internet and users broadly, and power users are looking at whether it benefits them individually.

I think Mozilla sees the justification for pursuing Private Attribution as: If it is broadly successful-- it’ll be a practical and meaningful improvement to the status quo for all users (not just the small minority of users taking steps to actively fight tracking and block ads, and not just Firefox users). I think that is a valid argument.

BUT, that argument only resonates if your interest is primarily (or at least partially) social/community oriented, and most of the privacy community and most power users, see these things through a very individualistic lens, (“does X improve or degrade my personal privacy”) So the argument that it’d be a meaningful improvement over the status quo for the majority of users who just accept defaults, aren’t using an adblocker, don’t take steps to prevent trackings, isn’t going to resonate with much of the engaged privacy community, mostly concerned with our own privacy, because the value of PPA–if successful–will be most applicable to mainstream users, and is probably at best indirect for us, and likely inconsequential.

I’m sympathetic to the case Mozilla is trying to make, I’m not sure I see it as the right way, but I can understand how someone can come to that belief, and I can’t say I have any better counter-proposals.

I also think I understand the other philosophical argument, that ads are inherently manipulative and anti-social, and that our energy should be devoted to moving away from an internet based on advertising (regardless of invasive tracking, but even more true when tracking is involved), this worldview is more inline with my instincts, and values, but I’m not sure its a practical solution for the internet broadly. I think Mozilla’s counterargument is that that is a very very valid point of view, but that it is unrealistic, we are moving further, not closer to that goal, and that it is unrealistic to expect that to change in the foreseeable future.

A semi-parallel in my mind, that I was originally fairly critical of and eventually came to accept, was Moxie’s decision to work with Whatsapp in implementing the Signal Protocol without pre-conditions (open source client, interoperability --in retrospect I was being quite naive I think).

My recollection is his justification, which I disagreed with at the time, was similar to what Mozilla’s argument is now: It will practically and meaningfully improve privacy for a much greater number of users than Signal could reasonably hope to reach on its own (in the medium term), and sacrificing a little ideological purity and incurruing some reputational damage for “working with the enemy” was worth the tradeoff. I don’t consider these comparable situations, but I do think its an example of a similar philosophical tension between two legitimate approaches (practical and utilitarian, or holding out for a better solution, and being uncompromising in ideals). I don’t know what I think is right in this case, but I think there is validity and honor to both perspectives.

So you now need to opt out of PPA, opt out of telemetry, and change the search engine from Google to something else.

Even if not considering the settings above, the default settings that Firefox comes with aren’t really that great.

Then even if you configure all the settings properly (without touching about:config and Arkenfox), you’re still better off with Brave with its default settings.

At this point, I just don’t know why a regular PC user would go with Firefox over Brave…

Brave has long had their own system for ‘private attribution’, they’ve been advertising it to advertisers since at least 2021.

• Brave uses the term “Anonymous-but-Accountable Attribution”
• Mozilla (Firefox) uses the term “Privacy Preserving Attribution”
• Apple (Safari) uses the term “Privacy Preserving Ad Measurement”

Mozilla, Brave, and Apple, all have engineers publicly listed as members of the PATCG working group

(also worth noting, According to Mozilla, anyone who has opted out of telemetry would already be opted out of PPA) [Edit: Confirmation]

Personally I just don’t want google chromium to have an even bigger monopoly than it already has. If another proper browser engine manage to out-compete or at the very least gets somewhat close to firefox I’m down to switching

So you now need to opt out of PPA, opt out of telemetry, and change the search engine from Google to something else.

To be clear, according to Mozilla’s CTO, it does appear that disabling telemetry also disables PPA. Mozilla just completely failed from a UX perspective, and did not make this clear with the UI at all, one of many mistakes with how they handled this…

At this point, I just don’t know why a regular PC user would go with Firefox over Brave…

I’m not sure it’s fair to say at this point - I don’t think anyone’s ever recommended Firefox for its default settings. Brave has always excelled in that aspect.

Like @KDEBacon said, the browser engine monopoly is a real concern and probably the main reason I at least still use Firefox. The recent situation with Hangouts is a perfect & clear example of this issue:

I’ll also say that I do think Firefox has more to offer than simply not being Chromium. There’s one aspect of Firefox that I think most people seem to take for granted: the customization. The about:config is genuinely amazing - you can change nearly anything about the browser & its behavior. Nothing else comes close to it, the only other browser I’ve seen even make an attempt is Vivaldi, which is still very far off (and has its own issues).

Firefox is truly giving control of the browser & their experience with it to the users, and I won’t lie that I would genuinely miss that, and I do think that is a draw for users who don’t even necessarily care about privacy or fighting the Chromium monoculture.

I guess back to the main point: I’m not trying to defend this PPA feature at all because I am strongly against it, especially with the way this was handled, but I still feel like Mozilla & Firefox are deeply important, and genuinely have something to bring to the table. I just hope they can set their priorities straight, instead of shooting themselves in the foot like this.

Point well taken. But two points on why I think “sneakily” or maybe a milder version of the word is well deserved:

1. Taking a decision and then informing users about it is not communication, it is instruction. I know “Open Source is not a democracy”, but users should always have some form of buy in into the project direction to inspire their confidence and sense of community. And the buy in should not be “they did not explicitly opt out/raise dissent against the feature, so they have given consent” model, but instead on the “we actively seek out their consent and input, and then assume consent” model.
2. Firefox is making the same mistake linux distros used to make: Making it very hard for non-technical users to understand and contribute to roadmaps, excluding them from discussions and buy-ins for features, etc. Release notes, knowledge base, explainer blogs, issue trackers on bugzilla, source code, working groups drafts, etc. are NOT usually seen by the general public. If firefox wants to be a power user browser, then maybe it doesn’t need to do better, but if it wants mass adoption, these little things add up. I personally know a lot of people who still use firefox because they are used to it from the old days, and they sure aren’t reading any of the above. And I really like your idea of release notes popping up post updates with relevant links for further reading

Maybe “adding it sneakily” can be replaced with “adding it passively, with no intention to actively seek user buy-in”.

Brave is still better than Firefox out of the box.

If you had a family member or a friend that knew nothing about computers, OSs, and browsers, would you tell them to just install Brave or to install Firefox, configure the settings, start using Arkenfox, troubleshoot issues with Arkenfox, install uBlock Origin, explain why some sites will not work or will work poorly with Firefox, etc.?

The browser monopoly, etc. concerns are only valid for those who understand them, and for those who care about them, it’s not enough to convince an average internet user to use Firefox instead of Brave.

Honestly, I would just do the bare recs that are on the Privacy Guides site for either Firefox or Brave. Its about the same amount of work for either, and the only addition to Firefox would be uBO. The only reason Brave is “better” for a normal person is the fact that Chromium is the only browser 99.9999% of services test against, and Chromium doesn’t always follow web standards

Brave is still better than Firefox out of the box.

Brave has modestly better defaults, but both Brave and FF are subpar in their default state. And since both Brave and FF need at least a small handful of changes to the defaults, which one is a little better ootb isn’t very important to me.

This is a very exaggerated comparison.

Of course I wouldn’t recommend Arkenfox to a tech-illiterate family member. But comparing Brave in its default state to Arkenfox is Apples to Oranges and bordering on a strawman, they are not comparable.

I have very non-technical family members who’ve happily used Firefox + uBO for many years, in some cases since before Chrome(ium) was even a thing. I’m sure they could comfortably use Brave also, probably just as easily.

I would not hesitate to recommend either Firefox+uBO or Brave to less tech-savvy family members, but I try to avoid making blanket recommendations, I try to meet people where they are, offer a few options based on their context and comfort with technology. There are also contexts where I might recommend Safari or Librewolf.

What I meant is that it’s easier to configure and maintain Brave for non-technical people. Also, at least from my experience, when a family member gave Firefox a shot, at some point one of his sites didn’t work and he didn’t knew how to fix it and he just installed Chrome and never looked at Firefox again.

On this point, I agree with you (at least for users familiar with Chrome(ium)). I just don’t think the differences are that large.

For non-tech savvy family members, off the top of my head, the things I would focus on most are:

1. Not drastically changing their workflow. Non-tech savvy people rely heavily on memorized patterns and familiar UI.
2. Use an Adblocker (Brave has the advantage of having one built in, but installing uBO just takes a few seconds and a few clicks, and is about as difficult as installing a iOS app)
3. Enable DNS-over-HTTPS (set to Quad9 or something else with really good malware blocking)
4. Set their search engine to their preference after suggesting either DDG or Brave (unfortunately Google is still the usual choice).

I can understand what Mozilla’s trying to do here, and I appreciate the effort, assuming it’s true on the face of it, but their acquisition of an ad company, their willingness to collaborate with one of the most egregious abusers of digital privacy (Meta), and their decision to make it opt-out rather than opt-in means I can’t trust their intentions or their direction.

I have no doubt, in a year or two or three, we’ll see them start offering ads that are “non-intrusive” just as Google did when it first started offering ads. There’s just far too much money in it, and Mozilla is, at the end of the day, a corporation, one that seems to want so many of its irons in the digital fire except, it seems, in the browser itself.

They’ve lost so much market share over the past decade, and I feel they’re likely going to lose more, because the advertisers will certainly accept the data Mozilla’s offering, but they’ll also keep on hoovering it up from other sources. In a capitalist system, growth is not just essential, it’s mandatory, and so more and more data must be absorbed to make more and more profit. They’re not going to be satisfied with a small hamburger when they can run the buffet table.

So at the end of the day, I see it as well-intentioned, again at face value, but moving in the wrong direction. I can’t trust Mozilla the corporation to keep its profit grabbing hands out of Mozilla the browser.