Firefox maker Mozilla deleted a promise to never sell its users’ personal data and is trying to assure worried users that its approach to privacy hasn’t fundamentally changed. Until recently, a Firefox FAQ promised that the browser maker never has and never will sell its users’ personal data. An archived version from January 30 says:
Does Firefox sell your personal data?
Nope. Never have, never will. And we protect you from many of the advertisers who do. Firefox products are designed to protect your privacy. That’s a promise.
That promise is removed from the current version. There’s also a notable change in a data privacy FAQ that used to say, “Mozilla doesn’t sell data about you, and we don’t buy data about you.”
The data privacy FAQ now explains that Mozilla is no longer making blanket promises about not selling data because some legal jurisdictions define “sale” in a very broad way:
Mozilla doesn’t sell data about you (in the way that most people think about “selling data”), and we don’t buy data about you. Since we strive for transparency, and the LEGAL definition of “sale of data” is extremely broad in some places, we’ve had to step back from making the definitive statements you know and love. We still put a lot of work into making sure that the data that we share with our partners (which we need to do to make Firefox commercially viable) is stripped of any identifying information, or shared only in the aggregate, or is put through our privacy preserving technologies (like OHTTP).
Mozilla didn’t say which legal jurisdictions have these broad definitions.
It seems like the issue here is, users want to be spoken to in colloquial language they understand, but any document a legal entity produces MUST be in unambiguous “legal” language.
So unless there’s a way to write a separate “unofficial FAQ” with what they want to say, they are limited to what they legally have to say.
And maybe that’s a good thing. Maybe now they need to create a formal document specifying in the best legalese exactly what they mean when they say they “will never sell your data”, because if there’s any ambiguity around it, then customers deserve for them to disambiguate. Unfortunately, it’s probably not going read as quick and catchy as an ambiguous statement.