An update on Mozilla’s PPA experiment and how it protects user privacy while testing cutting edge technologies to improve the open web.
I will say it again: The way i read it, it sounds like the companies will get some general data if their ads work, without a profile about you being created. I am fine with that.
Just imagine what a boon it would be for the “normal“ less tech savvy, if advertisers switched to a more privacy respecting technology like this.
If more privacy focused people don’t like it, they can simply disable it by ticking one box, without negative consequences (unlike content blockers and similar techniques where a website can penalize you, turned off PPA is not detectable).
It has no downsides as far as I am concerned. It doesn’t give advertisers additional data that they wouldn’t already be able to get, it just creates the option of measuring their ads in a privacy respecting way.
Here’s the complete list of ads I find acceptable:
That is for any and all media.
Genuine question, would you be willing to pay for all the content you consume using a “token” system where each page, video or other piece of media has a price to it, usually about a cent per article or 5c per video, is automatically debited from either an account loaded with real money or some sort of blockchain, at the discretion of the user? A token could be one cent.
There’d be an open API, and multiple brokers could handle that transaction for you, so there is no vendor lock-in. You could even be your own broker if you set up your own server that talks to the servers hosting any media you’d like to consume. It would get rid of online advertising, but you have to pay out of pocket for server costs and content creation costs.
Sounds like BAT token from Brave
Top up by buying it or watching ads somewhere else, and then spend on sites you see as important or flat to everyone who you visit and is connected to BAT ecosystem.
Yes.
There used to be a service where you set an amount you paid each month and you could then mark pages/services for donation. At the end of the month your money would be split between all the pages/services you marked.
It was called flattr.
The elegance of this system is that you can set aside an amount of money you’re comfortable spending on art, or whatever you wanna categorise it as. So you’re fully in control of your spending. If videos/songs/articles/things cost a flat amount it’s easy to lose track of the total.
Maybe this should have been the initial announcement before they pushed it onto users. Though obviously some of the backlash is due to inept media going (as usual) for clickbait instead of research and actual reporting.
They sure do “improve” the “open” web by developing new tech that benefits advertisers.
Just use librewolf or mullvad browser…
And website operators will be compelled to adopt this, how? They will likely just use PPA and also all of the tracking tools, or straight up not give a shit about PPA. Mozilla does not have the influence to affect real change. Until such a time, all of this is just worthless posturing.
Mozilla by itself doesn’t have the influence to change it, but with Mozilla’s help (i.e. this experiment), others do. Specifically, legislators can have more freedom to implement strict privacy-protecting measures if they have proof that an alternative is available that doesn’t cost lots of voters their jobs.
But you can’t provide that proof if you don’t run the experiment.
Firefox already blocks all trackers by default. I think Mozilla is trying to be the good guy by providing a more private option that’s available to people that don’t use Firefox. It seems pretty naive, but I think their heart is in the right place.
At the end of the day, this is just another setting to toggle off on a fresh install for those of us against all tracking and advertising on the web.
There’s also the bit where if it doesn’t work out no real harm is done (to users - there’s obviously reputation damage to Mozilla now): people who already block things by default are not affected at all, and no new information is shared about those who don’t. Whereas the upside if it does work out is enormous. In other words, low risk, high gain. Even with low odds, that’s a path worth exploring.
I would be more okay with this if Firefox did more to block the tracking techniques that advertisers are currently using. They block third party cookies and compartmentalize social media cookies which is fine but they do almost nothing to stop the more insidious tracking techniques like device fingerprinting.
Mozilla really wants to push me to Brave
What more do you think should be done to stop fingerprinting, and does that involve sacrificing usability?
(Also, “almost nothing” feels like a gross exaggeration? Just the Tor Uplift project brought in lots of measures, quite a few of which could even be enabled by default.)
Brave randomizes the output of fingerprinting techniques like canvas rendering, system fonts, installed devices, etc in a way that makes you look like a real, consistent user providing real data that still allows the site to work, while still changing the output from one session to the next enough that sites can’t tell you’re the same person.
Firefox claims to block all this but if you check their site they explain how it actually works:
Firefox protects users against fingerprinting by blocking all third-party requests to companies that are known to participate in fingerprinting
We’ve partnered with Disconnect to provide this protection. Disconnect maintains a list of companies that participate in cross-site tracking, as well a list as those that fingerprint users.
This does nothing to actually disguise you. It’s the equivalent of putting a paper bag over your head when you think there’s a security camera. You stand out because of the bag and you don’t know where all the cameras are so you’re still being tracked when you don’t know it.
I hate the idea of Brave because Chromium’s dominance will ruin the web but Firefox does not protect us.
That is a bit confusing, but the feature called “Fingerprint Protection” (i.e. blocking known fingerprinters) isn’t the only protection built in. I’m not motivated enough to find a full list right now, but it also includes e.g. limiting the information in the User Agent header. I did at least find a list of things that were worked on at some point by searching for “Tor uplift”, which is a good starting point if you’d like to find more: https://wiki.mozilla.org/Security/Fingerprinting
I’d also add that actually blocking requests to known fingerprinters does help. It’s more like camera’s getting disabled when you’re around: sure, from the point of view of the camera, it’s suspicious that it stopped working, but it can’t see you, so it doesn’t know who is standing out.
Here’s my takeaway on the article:
Blablablablablablabla (…) bla.
-> Deactivate it.
Good comment. Thanks for sharing that insightful information.