Firefox now has Terms of Use! This'll go over like a lead balloon.

You give Mozilla all rights necessary to operate Firefox, including processing data as we describe in the Firefox Privacy Notice, as well as acting on your behalf to help you navigate the internet. When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox.

https://www.mozilla.org/en-US/about/legal/terms/firefox/

So if they decide ads based on my artwork/writing help me "navigate, experience, and interact with online content," they have the right to steal it from me and use it in their "privacy-respecting" ads?

@mttaggart not seeing what’s objectionable about the quoted section

@copiesofcopies If I upload my artwork to anywhere via Firefox, have I just granted aa royalty-free license to that intellectual property to Firefox?

@mttaggart oh for fucks sake... I am done with mozilla and their bullshit. sorry firefox, you'll have to go.

This clause explicitly separates the information they claim license over from the data collected in the Privacy Notice. This clause is more expansive—"information uploaded through Firefox" is basically anything in a HTTP request or a websocket.

https://www.mozilla.org/en-US/privacy/firefox/

@scottwilson Sometimes this language gets written without sufficient scrutiny. And sometimes it gets written with all the scrutiny it needs to ensure you, the user, are screwed.

@mttaggart @scottwilson
They spent too much money on CEOs to have any sense left

@mttaggart brb, gonna go install LibreWolf

@scottwilson I think they're being very clear about what they want. In fact, I'd go so far as to speculate that somewhere, around some boardroom table, there was a conversation that Firefox is an albatross around Mozilla's neck. The sooner they can kill it and become the AI/privacy ads org, the better.

@vkc I ain't gonna tell people what browser to use (it's not a particularly weighty moral choice!). In terms of stability, however, I like that Vivaldi has arrived at a business model that pays developers without screwing users.

@mttaggart w t actual f

@mttaggart Does this apply to software that uses the Firefox's engine like Zen Browser?

@wtrmt No. From the Terms:

These Terms only apply to the Executable Code version of Firefox, not the Firefox source code.

@mttaggart anyone know what the previous terms were?

(Going to be so sad when this turns out to be AI related)

@davidhanzlik Per OMG Ubuntu, they are new new: https://www.omgubuntu.co.uk/2025/02/mozilla-introducing-terms-of-use-to-firefox

@scottwilson @cR0w We're all gonna be keying in messages via Meshtastic via Morse on @Sempf 's BBS. That'll be it.

@da_667 Vivaldi has committed to MV2 support for as long as possible!

@da_667 The very same. Viv has been my standard since I ditched Brave, and I've been very happy with it.

@cR0w @da_667 True, however their built-in blocker works quite well. I'm unsure how that will be affected, since I believe it is technically an extension.

@mttaggart They make it REALLY difficult to find an alternative to a chrome based browser. I do like Vivaldi but am all for more options than only chrome ones

@mttaggart this wording is wonky but you are not providing context and kind of posturing. That may not be your intent but given the replies it's implied.

@cienmilojos How the hell can replies to a post be my "posturing?" I have linked primary sources and provided a read.

@mttaggart So…. Who is forking Firefox to build a browser without this crap?

@mttaggart Ok. Civil discussion by blocking. Cool.

@mttaggart What the actual fuck.

@mttaggart In short, Firefox is going to steal people's passwords.

@mttaggart Based on that guess it's time to say goodbye and thanks for all the fish to Firefox.

@copiesofcopies @mttaggart The idea of passwords is to limit the amount of people knowing them.

Firefox noting user credentials down and sending them to the US government via NSLs is not going to garner much fans in the current climate.

@da_667 @scottwilson @cR0w I used it. Hell, it's in the old PWST videos. I'm ashamed of that. But yeah, if you're looking for a browser that has a sustainable business model but doesn't screw users, you have a clear option. If you require FOSS, you have a thousand, but I don't trust a single one to be around for > 5 years

@mttaggart @da_667 @scottwilson @cR0w Hashtag librewolf :)

@mttaggart is this not the same boilerplate language used in almost every website that hosts user content?

Like, no doubt it’s weird for a browser to do this but that wording is typically for allowing websites to publicly host your content on their service/equipment and allow things like image cropping/ re-sharing etc.

Makes me wonder if they’re going to start like, hosting servers as intermediaries between the user and whatever site they’re uploading to. I can’t see why that’d be worth it though except maybe in situations where the end site is unstable. Even if it is at the end of the day for training purposes, I can’t imagine they’d not have some kind of cover story to justify it.

@malusdraco A website is not the intermediary between you and the rest of the web. This language suggests every HTTP request you make is fair game. That's the difference.

@mttaggart

#TranslatedFromTheRepublican

"Your rights don't exist" is Firefox's new Terms of Use.

@mttaggart as I read it, you give them a limited license to use that content as needed to do what you’re using Firefox to do. I.e. if you’re uploading an image to a website, you authorize them to do so as you directed.

@copiesofcopies @mttaggart Good point. That interpretation is more comforting...

@WebCoder49 the problem with things that can be interpreted differently is that if your interpretation doesn't match Mozilla's, and they do a snatch and grab of all your stuff, your only recourse is an expensive lawsuit, which no matter which way it is finally decided, the only parties that win are the lawyers.

@copiesofcopies @mttaggart

@womble @WebCoder49 @copiesofcopies Part of what Firefox is doing is now advertising. You are at the mercy of their definitions here.

@mttaggart so if I use Firefox to post an article to my self hosted CMS, they are claiming copyright over my work now?

@mttaggart or, say, if I use Firefox at work to submit code changes. This is untenable...

@aburka This was exactly my concern

@mttaggart yes, I've been watching Mozilla's various thrashing movements with slack-jawed horror for some time now.

@mttaggart Everyone, switch to #LibreWolf. It’s based on Firefox but has all the privacy-invasive bullshit stripped out.

@mttaggart @scottwilson @cR0w I'm ready to answer the call.

@mttaggart I don’t know that I buy “any http request” unless that qualifies as “inputted information”
did they do some sort of press release to go with the change in policy?

@malusdraco https://blog.mozilla.org/en/products/firefox/firefox-news/firefox-terms-of-use/

@mttaggart @da_667 god dammit. Is it even possible for a secure open source browser with its own rendering engine to be maintained without AI and advertising infecting every part of it?

This is the press release. I do not believe there is concord between this language and the actual policy: https://blog.mozilla.org/en/products/firefox/firefox-news/firefox-terms-of-use/

@infosecdj @mttaggart and for what replacement? chromium?

@f4grx @mttaggart I am open to suggestions. chromium is not an option either.

@mttaggart @da_667 Thanks for this! I’ve now moved over to Vivaldi. Love the blocklist integration!

@infosecdj @mttaggart thats completely depressing. the web was bad enough now the last standing browser is pissing on its users.

people in the thread talk about librewolf. never tried yet.

@f4grx @mttaggart well it is probably a rebuild of firefox, like a thousand of others. I'd rather have something properly security-supported.

Hey FWIW, Vivaldi does not have anything like this language: https://vivaldi.com/privacy/vivaldi-end-user-license-agreement/

@infosecdj @mttaggart Sure. I hope we find something.

From this toot it looks like they embed some additional crap in their binaries. Maybe we're safe with a rebuild from source.

https://infosec.exchange/@mttaggart/114072086184051373

@f4grx @mttaggart with rebuilds, the question is how well they port security fixes to their fork. well, that and when will they get themselved pwned of course, with a backdoored update getting pushed to users...

@cR0w @Sempf @mttaggart @scottwilson Vivaldi?

@mttaggart @ptrc i assume we have disabled any functionality relating to this in alpine's vendor prefs file, right?

@ariadne @mttaggart not yet - to be fair, i'm not even sure how they could get such data... but i'll make sure to disable anything that phones home and isn't an actual user-facing feature like Sync or Addons

This is your hojillionth reminder that non-profits are corpos that figured out how to avoid taxes. When the chips are down, most will readjust the "mission" toward revenue.

@infosecdj @f4grx @mttaggart Firefox forks don't have the resources to maintain an entire browser. If Mozilla completely goes off the deep end or ceases to exist, LibreWolf and other forks are going with it.

@egerlach @f4grx @mttaggart yes, this is a risk but I would not say the likelihood is high--at this moment.

@mttaggart

yup. there are some less greedy for profit and non-profit orgs, but it is important to remember that non-profit is a tax status. it does not mean a mandate to only do charitable works. it just puts some restrictions on how profit may be used and how much of revenue can be profit.

@mttaggart @nixCraft
Ditch Firefox, use #Librewolf or #Floorp

@cR0w @Sempf @mttaggart @scottwilson I'm going to start sending him this when I need his attention/help and it is non-negotiable. Excellent.
Hmm. I could send it to the TV.

@cR0w @mttaggart @scottwilson Five stars, no notes.

@cR0w @Sempf @mttaggart @scottwilson Hmm...send to TV as video with a bell sound behind it. Or boo-boo bus siren.

@cR0w @scottwilson @mttaggart @da_667 well, apart from the privacy aspect. I wanted to check out Vivaldi on android, I went to deviceinfo.me and Vivaldi just let's websites see any and all fingerprinting information they want. Still better than the homophobe's cryptoscam browser though.

@cR0w @scottwilson @mttaggart @da_667 yup, choosing a browser is a lot like choosing a political party or candidate. They're all shit, there's no hope in sight, we should just throw our computers in the bin.

@copiesofcopies @mttaggart Yeah, that seems more correct.
The last line is pretty telling "..as you indicate with your use of Firefox".
If you didn't indicate that you wanted Firefox to take your artwork then Mozilla doesn't get that permission. They only get the permissions to do what you "indicate".
The other important part is "When you upload or input information through Firefox"

Basically it's just saying that if you indicate that you want to upload a photo to x website, by for example dragging an image into Firefox, then you give Firefox permission to send it to that website you are on.

To rephrase, when you upload through Firefox, you give Firefox the permission to do what you indicated, i.e. uploading.

The true meaning of the quote seem to have blown over @mttaggart 's head like a helium balloon.

@saphkey @copiesofcopies It didn't. Your interpretation does not require a "non-exclusive, royalty free, worldwide license."

@mttaggart I'm skeptical of what exactly this means. Every social media service gets shit for saying you relinquish rights to them for anything you upload but that's kind of the only legalese way that they can allow user generated content. IANAL, so it's hard for me to judge why they would need that text and why they would not.

@igimenezblb I think the important distinction here is a site you navigate to and a service you use on the web, and the tool you use to access everything on the web.

@mttaggart I am happy I dumped them. Their reasoning is fictitious.

@mttaggart Ho. Lee. Fuck.

@mttaggart how is this possible? anything i write, upload, input...is basically everything i do in a browser. this includes passwords, media, etc.

fuck ALL the way off, mozilla. now to find some browser that has decent extensions and isnt a right assbag.

@mttaggart I don’t agree with these terms. I will cease using Firefox at once. Which will be easy because it’s only on a single system. Librewolf is on everything f else.

@mttaggart
I'm surprised to see you spreading FUD like this.

How is this license different than any other license for any other web-based application?

You know how many things your browser interacts with to display what it does and you also know that there are a handful of tools like Firefox Sync or Pocket built into it that interact with backend services that Mozilla runs, and those things probably already had terms like this so....

I'm straining to see any way in which this is an issue other than the fact that everybody in the entire universe is going to make it an issue, because we go through this fucking dance every single time everyone ever sees this language, even though it's used in like every EULA ever and you'd think people would get it by now.

sigh

@mav I want you to think carefully about the difference between the means of access—the browser—and the site that you choose to access. The language at the browser layer is much more concerning.

Also, I take exception with the "FUD" framing. I have linked only primary sources here. We can disagree about interpretation, but that's not the same thing as FUD..

@mttaggart
That wouldn't be "as you indicate with your use of Firefox"

@nachof Are you sure? I'm agreeing to some ads simply by using Firefox

I guess it is time to throw some money at @servo.

#Mozilla #enshitification

@mttaggart
So is the issue you're taking here that the EULA is not sufficiently granular, in that it doesn't distinguish between usage for data provided for standard browsing versus data transmitted to built-in services like Sync?

I'm calling this FUD specifically because I think your interpretation of this language, which we really do see almost everywhere, is particularly uncharitable (to put it nicely.)

I'm as frustrated with Moz' governance as everyone else, but I do not think this EULA is some great evil. I think this is probably them trying to have one standard EULA instead of separate EULAs for every damn thing they do, plus they didn't have one at all AFAIK for the data they exchange to provide standard things like CRL lookups and safe browsing checks.

@mttaggart
I guess if you want to say that your beef with it is that this could be stretched to say that every time you submit data to a site you're giving Mozilla a license to use it, but I don't think that's what they intended at all. Moreover, Firefox IS using your data, and if you use Sync, may very well be saving stuff about what you did (depending on what kind of access you did.)

Asking them to clarify is certainly not unreasonable, but this is hardly a "panic lets all switch to Chrome" kind of scenario.

@mav Respectfully, you are imputing intent where there is none in the language. For one thing, "Sync" shows up nowhere in this paragraph. The language is "When you upload or input information through Firefox." That is broad, and I must assume intentionally broad.

Look, we can disagree on intention, but think defensively. Let's assume Mozilla does want to do gross stuff with my HTTP requests. With this tacit contract, I've agreed to that usage, and any attorney worth a damn could argue so in front of a judge or jury. It's not what they will do; it's what the language could let them do.

@mav Furthermore, you will note that I did not tell anyone to switch to anything. I merely pointed out that this language is dangerous. And it is.

@mttaggart No, if you upload your artwork they can outright steal it and you can't sue them because you agreed to ToS. That's what it says. This better turn into such massive shitshow Mozilla is going to feel it for a decade. I bet they want to use this bullshit to train their Ai garbage.

@rejzor @mttaggart

Does it? The fact that the bolding ends before the end of the statement does not delete the "to help you navigate, experience, and interact with online content as you indicate" part.

@deirdrebeth @rejzor @mttaggart There's no way they *won't* be interpreting "navigate, experience, and interact with online content" in the same hoover-everything-for-advertising-or-AI-purposes sense that all other tech companies do these days.

@TamsynUlthara @mttaggart Or Vivaldi

@mttaggart

"These Terms only apply to the Executable Code version of Firefox, not the Firefox source code."

From

https://www.mozilla.org/en-US/about/legal/terms/firefox/

So if a Linux distro, like Debian, compiled the source code and put it on a server then the new terms do not apply to the compiled version?

If so then there is nothing to stop anyone from forking the code (eg Librewolf).

The new TOU sucks but there seems to be a workaround.

@mttaggart

I actually read the tagline as this;

MOZILLA
Forget: About Your Rights

@mttaggart Will have to give it a read later but I hope this doesn't affect forks like librewolf

@_tissa_ it can't. There is not an EULA to run the code. If you download and run Firefox through an installer, yeah it does affect you, because you're presented (I assume) the EULA.

Any forks or people who compile it themselves aren't subject to it.
@mttaggart

@stinerman @_tissa_ @mttaggart Does this include precompiled packages like those distrobuted by linux package managers?

@TruelyNotARobot I'm not a lawyer but I don't see how. You were never presented with these conditions. If Mozilla thinks that they can say "this is available under a free software license but oh there's this other website where we take away your rights that you were never notified about" that's uhhhhh not the way it works.

@_tissa_ @mttaggart

@stinerman @_tissa_ @mttaggart I figured as much, but honestly you can never be too careful with this legal stuff.

@TruelyNotARobot @_tissa_ @mttaggart now if you use Sync that's a completely different story altogether.

@stinerman @mttaggart Oh whew! 💦

@deirdrebeth @rejzor @mttaggart And suppose people say no thanks, I can navigate on my own? I somehow doubt Firefox will have that as a selectable option.

The advertising industry corrupts everything it touches.

@_tissa_ @mttaggart I'd imagine LibreWolf is unaffected + the devs of that browser are no fans of Mozilla so they likely wouldn't comply anyway.

@mttaggart
I think that the smartest attorney in the world would have a difficult time crafting a EULA for a browser that, under these terms, you would be willing to accept. I'm not a lawyer (or even a particularly good approximation of one) but it sounds like to me the only way to satisfy the thing you're asking for is to spell out in detail inside the EULA itself what services they are talking about and when they are used.

(Mozilla's site does spell out in significant detail what they acquire and what they do with it, but unless there's something specific to link each section with its corresponding role in the EULA, I can't imagine anyone being sufficiently happy about it.)

From a defensive point of view, you're using a tool you didn't make to access servers and services you don't control. If any one of the pieces of this puzzle decide to go full evil, everyone interacting with that layer is fucked.

And it's quite clear by the discussion here that the primary remedy for this is seen as other browsers. Which, fine, use whatever browser you want, but there's one engine in the world left that runs uBO and it ain't Chrome. (I'm not in any way happy about this, but that's what happens when you put the world's largest ad company in charge of the world's most widely used browser engine.)

This is like the 9,185,046th time we've had the exact same license use terms discussion and I feel like I wanna just wail for a while and then do a shot for every one of them and expire in an alcohol-induced coma.

@mav This is a very confusing claim, given that I above linked Vivaldi's Terms, which do not include this seemingly intentionally-vague or expansive language. And those terms satisfy me just fine. So I guess it is possible to satisfy me!

If by "what they acquire," you are referring to the enumerated data in the Privacy Policy, the paragraph in question in the new terms is clear that they are referencing a set of data including, but not limited to, that data. Combined with the expansive "Uploaded through Firefox" language is neither normal nor particularly comforting.

Now, your points on defensive tooling are pure goalpost-moving. Yes, any service can decide to "go evil," as you put it. But look at how Mozilla has been behaving. Why the hell would I give them the benefit of the doubt now?

As far as what's been hashed and rehashed, I cannot recall a time when a web browser, much less an open source one meant to be a paragon of privacy, has included language like this.

I could be entirely wrong! But look at the pattern and tell me I shouldn't be wary.

@Polychrome @lispi314 Yours is a very charitable reading of the clause. But let's consider Mozilla's recent behavior, and ask how much good faith is due. Can you imagine no more expansive interpretation of this language?

I've spent the night reading browser Terms. Not a one includes a clause like this. They do explicitly call out GDPR, which this oddly does not (the Privacy Policy does have appropriate EU affordances). You know what does use this language?

Facebook.

I have spent my night reading browser Terms and Privacy Policies. Why? Because I love you and hate myself, apparently.

So here's the deal: that "non-exclusive, royalty-free, worldwide license" you're granting to Firefox/Moz when you upload data through it? It is boilerplate language. Pretty common actually!

But not in browsers. In fact, not a single browser ToS has anything resembling this provision.

Know what does?

Facebook
X
Instagram

I wonder why Mozilla would want to use the same language those platforms do.

@mttaggart As far as I can tell, the privacy notice is about how Mozilla can access your data. And this is about how Firefox processes it. I.e. if you click a link, Firefox has to use that information to load the document that link is referring to.

@Schouten_B I do not agree.

You give Mozilla all rights necessary to operate Firefox, including processing data as we describe in the Firefox Privacy Notice, as well as acting on your behalf to help you navigate the internet.

This means the set of data to which the "license" applies includes, but is not limited to, the data defined in the Privacy Policy. That's why the "when you upload or input information through Firefox" clause is so concerning to me. We don't know the bounds of that expanded set, only that it is expanded.

Mozilla has updated their press release with the following clarification:

UPDATE: We’ve seen a little confusion about the language regarding licenses, so we want to clear that up. We need a license to allow us to make some of the basic functionality of Firefox possible. Without it, we couldn’t use information type into Firefox, for example. It does NOT give us ownership of your data or a right to use it for anything other than what is described in the Privacy Notice.

https://blog.mozilla.org/en/products/firefox/firefox-news/firefox-terms-of-use/

That is good to hear, but their reasoning makes no sense given that no other browser uses that language.

@mttaggart As I read it, this explicly says in the phrases higher up that any data -collected- is covered by the privacy policy. I.e. this only applies to the data where Firefox is the middle-man, i.e. when you type in a google doc and Firefox sends that data to google, when you upload an image on Instagram and Firefox sends that image data to Meta, etc.

@Schouten_B Well, they've clarified in that direction, but I still find their rationale bogus, given that no other browser seems to require that language to operate. But hey, at least we can hold them to this.

@mttaggart More specifically the litigation being avoided here is that when a user uploads an image in Firefox to Instagram, they can then claim royalties from Firefox for sharing that image data with Meta. That obviously, would be kind of absurd, but a careful reading of the law would leave some room for that. Obviously that data is not -collected- by Mozilla, and therefore the privacy policy doesn't apply to that, but only because Mozilla itself doesn't do anything with that data.

@Schouten_B What law are you referring to?

@mttaggart Directive 2001/29/EC and 2001/84/EC. Depends on how you read them for sure. Haven't looked at other Browser's terms of use yet, but will have a look how they deal with uploaded content and URL bar input and such.

@Schouten_B I am certainly not EU law expert, but Article 5, section 2 of 2001/29/EC would seem to obviate this concern:

1. Temporary acts of reproduction referred to in Article 2, which are transient or incidental [and] an integral and essential part of a technological process and whose sole purpose is to enable:

(a) a transmission in a network between third parties by an intermediary, or

(b) a lawful use of a work or other subject-matter to be made, and which have no independent economic significance, shall be exempted from the reproduction right provided for in Article 2.

@mttaggart This feels like the second paragraph says the exact same thing except more misleading.

@mttaggart Tbh I'm not even sure what that second paragraph means.

@Schouten_B What's that even from?

@mttaggart Google Terms of Service. The ones referred to by Chrome: https://policies.google.com/terms#toc-what-we-expect

@Schouten_B Yeah I dunno, this is scoped to the Google Services, aka the applications on the web. And as mentioned, other such services license similarly. But I can not for the life of me find any instance of a browser's own terms doing this.

@buherator As of today, Mozilla's primary revenue comes from search engine deals, not adtech. That will be true if and until the DoJ's proposed remedies in the Chrome antitrust case are adopted, which would prevent the kind of exclusive deal Google has with Mozilla.

@mttaggart

https://www.google.com/chrome/terms/

Seem to just apply to Chrome as well.

@Schouten_B I understand that. But the nuance here is where the license for the content is applied: at the service level, or the browser. This reads clearly to me that it's at the service level.

@mttaggart What I find troubling is the vagueness about 'upload' - to me, an upload is anything at all sent in the upstream, including personal logins and private identity data you may be sharing with a secure system. If this is what they mean, then they need to break down exactly what data is being collected. Is it everything you send to a site via the browser?

Or is this whole thing just about basic telemetry that you can disable in privacy settings?

@mttaggart so they’ve decided to scrape data from every user & become a massive security liability?

@TransitBiker Apparently not; keep reading the thread

@mttaggart ... yeah, we don't want Mozilla to use information that we type into Firefox? that's our entire objection

@mttaggart

relevant thing is "Without it, we couldn’t use information type into Firefox"

means: "What you type into FF, we grab it. but we dont own it"

have I understood that correctly?

@rootsnase Based on this, the charitable reading seems to be what they are claiming: they need this license to literally transmit your data via HTTP. But uh, no other browser uses this language, so it's still weird.

@ireneista Many have suggested that the intended meaning here is something like "We literally need to license your data to transmit it via HTTP," but this feels off to me, given that no other browser's Terms contain this language. I'd be interested in your thoughts on that.

@mttaggart No. It is very explicitly listed on several places: https://policies.google.com/terms/service-specific

@Schouten_B This...makes my point? The enumerated services do not include the browser qua the browser. This is the distinction! Google is not, it seems, claiming a license over all HTTP requests you send anywhere via Chrome. But Firefox now is.

@mttaggart I can't find any way to read this in a way that it doesn't just apply for all of Chrome. Especially since they go out of their way to make sure we know it applies to Chrome. (Which to be clear, is to their credit)

@mttaggart

i'm hoping this doesn't apply to forks like librewolf or waterfox

@big_louse It explicitly does not.

@mttaggart Click the link. It explicitly lists it. They make zero distinction between webapps and native apps (or Chrome).

@Schouten_B Yeah I see it now. I just missed it because I too am sleepy.

Ope! Got one browser that does.

Thanks to @Schouten_B for uncovering the license language in the extended Google Terms of Service for Chrome.

@mttaggart Any thoughts on Librewolf?
https://librewolf.net/

@deFractal Sorry, I have none. Unlike many here, I do not require my browser to be FOSS. I use Vivaldi quite happily, and have never felt the need to explore the Firefox forks.

Talk to me when Servo makes it into something.

@mttaggart OK, fair enough, so, if I may ask, what is the best alternative to Mozilla/Firefox before I advise my friends to switch from Google Chrome to FF?

@maniandthenonos Ain't no best. As this entire conversation demonstrates, browsers are an intensely personal choice. For some, it's a value statement. For others, the choice is purely pragmatic. There have been several mentioned in this thread that prioritize different aspects (privacy, openness, compatibility, etc.). I personally like using Vivaldi, but that's a non-starter for a lot of of people due to its Chromium base. Shop around!

@mttaggart My priority criteria are full @ublockorigin compatibility and support for all my user scripts and user styles for anything requiring more something more complex than uBlock Origin filters. Tab containers are also important.

Essentially, I care about ensuring I can eat my cake and still have it: block each part of every site that doesn't serve my purpose, and still make the parts which do serve my purpose work despite that.

@mttaggart For all the shit that Brave gets, not even Brave has this in there TOS

@mttaggart why the hell do THEY need to use information that should only go between me and a website? FF worked for tens of years without this, what "basic functionality" are they talking about at this point?

@mttaggart we're not a lawyer but we have for sure worked on this sort of thing, and that would be quite a radical interpretation compared to any we've seen before... it's conceivable that something in the digital markets act or digital services act creates a new requirement we're not personally aware of, but our best guesses are >

@mttaggart > that it's one of two things:

1. Mozilla's lawyers overthought it and came up with something weird and unnecessary and are now regretting they didn't loop in the PR team

2. the company needs this permission because it intends to use this permission, because it intends to use browsing data in all the ways everyone is concerned about

@mttaggart We might need a description of said "basic functionalities". For instance, is spying on us to display targeted ads a basic functionality?

I'm not convinced one bit.

@mttaggart

> We need a license to allow us to make some of the basic functionality of Firefox possible.

Which basic functionality, exactly?
How, exactly, would it be impossible without the license?

> Without it, we couldn’t use information type into Firefox, for example.

Use *how*, exactly?
Can we please be more specific here, @mozillaofficial ?

@saphkey @copiesofcopies @mttaggart So are all software companies that upload content violating laws by not having this language? Or liable for some lawsuit? FTP software for example?

@rspfau @saphkey @mttaggart I’d call this a conservative approach to address a possible risk. What I will say is that GDPR pretty clearly applies to personal data “processed” by an app, so they might be trying to ensure they’re getting express permission to process personal data contained in user content.

@rspfau @copiesofcopies @mttaggart The lawsuit environment in USA is quite insane. People file lawsuits over any small thing.
And lawsuits are expensive. Often it just turns into a battle of attrition by money.

A terms of use document is cheap way to stand stronger in those battles.
Its not something that is required, but one day you might wish your company had one.

Just go have a look at the page, its mostly just textbook things like "You Are Responsible for the Consequences of Your Use of Firefox",
if you eat Firefox you are responsible for your tummy-ache
https://www.mozilla.org/en-US/about/legal/terms/firefox/

@rspfau @copiesofcopies @mttaggart In this article, Mozilla just put an update at the top to elaborate a bit:

UPDATE: We’ve seen a little confusion about the language regarding licenses, so we want to clear that up. We need a license to allow us to make some of the basic functionality of Firefox possible. Without it, we couldn’t use information typed into Firefox, for example. It does NOT give us ownership of your data or a right to use it for anything other than what is described in the Privacy Notice.

https://blog.mozilla.org/en/products/firefox/firefox-news/firefox-terms-of-use/

@saphkey @rspfau @copiesofcopies @mttaggart

@stinerman
Has anyone forked the sync host software? I know there's Pocket, or used to be, but I'd love to send my bookmarks elsewhere.
@TruelyNotARobot @_tissa_ @mttaggart

@copiesofcopies @mttaggart
There is no "them" involved in uploading, this is not Gmail, Firefox is software running on your local machine.

Unless you are predicting that Firefox will become a cloud service, running in your Chrome browser...

@leeloo @copiesofcopies @mttaggart They ARE a cloud service, including but not limited to Firefox Sync, the ReadItLater watchamathing (Pocket), Firefox Relay and a VPN.

Still my browser.

@jandi @copiesofcopies @mttaggart
We are talking about Firefox, not Pocket, Sync or all the other things Mozilla is doing.

Firefox is not a cloud service running in your Chrome browser.

@leeloo @jandi @copiesofcopies @mttaggart
If they were serious and sober at #Mozilla, you could install your Sync instance on your NAS since 15(!) years - and use it with Thunderbird, Nandroid, whatever.
What we have is a failed proof of concept of self hosting.
What we could have had, is a blooming garden of free modules for Sync.

@blausand You could easily self host Firefox sync 1.1 and there were multiple alternative implementations of the server. Only the new sync 1.5 made things so complicated that it got impossible for most users to self-host.

@saphkey @rspfau @copiesofcopies @mttaggart And yet there is no explanation of why they need to "use information typed into Firefox".

@mttaggart Like others, I'm trying to figure out what features this could possibly support. The only thing I can think of is the Firefox Sync, so I guess Firefox can use my passwords now? And for Select->Right Click->Translate to English? They get a license to whatever I'm trying to translate

@buherator They are in adtech, just not as a primary revenue stream. But leaving that aside, compare their Terms with browsers supported by similar models, like Brave or Vivaldi. You'll find this language much more expansive.

@mttaggart the clarification doesn't clarify anything 😞 it is still understandable as "whatever you do with and whatever is passed through the software is ours to do whatever we want"

@c0rb34u It scopes the "license" clause to only the data enumerated in the Privacy Policy. That clause by itself reads as greater than that set, which is problematic.

@eldersea @mttaggart If you send a message to your doctor, they have "oyalty-free, worldwide license to use that information"

@jbowen @mttaggart insanity. if they don't backtrack this, it's off to another browser.

@mttaggart the clarification is in a blog post, that may not be legally binding. so in my eyes any clarification outside of the ToS is worthless.

If #Mozilla wants to offer AI services or collect and use their users data, this should be a separate opt-in ToS in my opinion, not the terms of the base application.

But TBH #Mozilla is doing too much dumb management decisions these days, so I'm considering to stop recommending it. (colorways, firing #rust and #servo teams, ads for temu and so on)

Found another! Arc has worldwide license language.

But its language is clearly-scoped and explains the purpose.

https://start.arc.net/terms-of-use

@mttaggart
Oof, mutual arb, too.

@mttaggart @neil Seems like there been an update? https://socel.net/@9x0rg@mamot.fr/114074347639524428

@TheVampireFishQueen @mttaggart

Personally, I see no value in the statement in that toot!

@neil @mttaggart Agreed but I think they are just really really bad when it comes to communication and PR.

@mttaggart @neil @TheVampireFishQueen One @lilianedwards and I did a piece of theatre at #Gikii on this few years back - in the context of the Databox project, a self hosted personal data store - if data never left the device what licence if any did (commercial) SW supplier need, and what GDPR obligations did they have. Not sure we ever actually got to a satisfactory conclusion!

@TheVampireFishQueen @mttaggart I genuinely think that the whole thing is poor communication and writing rather than intentional problem causing.

@neil @mttaggart Also agree, I don't think they plan to sale everyone data (atleast not so blatantly), have exclusive rights to any material you upload via Firefox or ban adult content.

Any of that would kill them over night.

@TheVampireFishQueen @neil There are a couple of weirdnesses here that I am willing to chalk up to carelessness. But when writing your contracts, that's uh, not awesome as a defense.

But we must consider the alternative, which is that the vagaries in this policy are wiggle room they wanted for one reason or another.

@mttaggart (Note there has been an update to the top of the blogpost here to clarify this in more detail now: https://blog.mozilla.org/en/products/firefox/firefox-news/firefox-terms-of-use/)

@Schouten_B @mttaggart It's not about privacy. The language relates to copyright, and it grants Mozilla exactly the uses it states. The broader rationale for it doesn't really matter.

@jens @mttaggart Of course the rationale does matter 🙂. It's about preventing liability. The Chrome terms of service have an even more vague (and probably worse? Hard, not a lawyer) terms.

@Schouten_B @mttaggart Licensing terms do not require a rationale, they require the correct language. The language in these terms is unambiguous with regards to those terms.

The specifically worded rationale is fluffy. "As indicated by the user's behavior" (TL;DR) is wide open to interpretation with respect to which behavior implies what intent or requirements. In other words, Mozilla has all the legal leeway to grant itself semi arbitrary uses.

So, no, the abstract "privacy" rationale is...

@Schouten_B @mttaggart ... a smoke screen at best.

It's "will nobody think of the children??!" in techbro lingo. Creepy as fuck, and very much a reason to treat Mozilla as the enemy in the battle for the open web.

@jens @mttaggart Not really as it very clearly state only to facilitate your navigating of the web, and it explicitly does not allow Mozilla to collect that information.

'including processing data as we describe in the Firefox Privacy Notice' (which describes in excruciating detail what can be done)

@Schouten_B @mttaggart The precise wording is "to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox"

"indicate" is not "state" or "give consent to". "use" may mean simply starting the browser without interacting with it. "experience" is, by the very nature of the word, subject to interpretation.

This collection of words may mean that by starting Firefox, I "indicate" that I opt into AI training, which an assistant..

@Schouten_B @mttaggart ... can use to enhance my "experience" of search results, without my ever agreeing to this specific use of any data I upload.

It's beautiful, really, if one admires manipulative language which gives you near arbitrary leverage.

@Schouten_B @mttaggart Note also that the privacy notice is referred to as "... including processing data as we describe in the Firefox Privacy Notice, as well as acting on your behalf to help you navigate ..."

So a) it includes processing data as described in the privacy notice, b) it also includes acting on my behalf to *help* me navigate, not to translate my express navigation instruction into practice, but c) the key word is the first, "include".

It's pretty standard US legalese to list...

@jens I'd like to believe you are smarter than this. But I understand that this topic makes people emotional.

@Schouten_B @mttaggart ... known uses ahead of time (done here), but keep the door open for other uses.

The next part about the copyright license notably does not explicitly refer to any specific such use, but stands alongside the previous listed uses. Which is great, because you *infer* it refers only to those, but that's not actually stated there.

Plus, they're open to amendment anyway.

@Schouten_B @mttaggart Oh, I am smart enough to read the ways this can be interpreted, Bas. That's precisely the problem.

@jens @mttaggart The first sentence already excludes Mozilla from processing that data in any way. But Firefox can mostly do whatever locally as long as it's not sending anything based on your data (as described in the privacy policy) to Mozilla or its partners. 'Legitimate interest' (as described in the larger document), is also a fairly well established term in the GDPR.

@Schouten_B @mttaggart Which first sentence does that magic thing?

@Schouten_B @mttaggart And you shouldn't mix "legitimate interests" in the GDPR context with copyright licenses. PII is not the same as copyrightable information and vice versa.

@jens @mttaggart 'including processing data as we describe in the Firefox Privacy Notice', i.e. the processing of data is described in the privacy notice, the next sentence explicitly applies to content you 'upload or input information through Firefox', the only way I can reasonably interpret that is as distinct from data being processed as described in the Privacy Notice.

(Note the legal bases section in the pirvacy notice also distinguishes more scenarios)

@Schouten_B @mttaggart Read my previous reply. You need to read the actual words of that, not the connections your brain wants to make.

@jens @mttaggart I guess I'm not sure what you are concerned about then. What do you think this paragraph gives Mozilla the right to do that you feel is a source of concern?

@jens @mttaggart No you're right, a lot of this is about 2001/29/EC and 2001/84(?)/EC. But they have exemptions for things like network transport and 'providing critical services', and such as well, even if we didn't use the phrase legitimate interest yet then.

@Schouten_B @jens Sorry to hop in, but since I've been poring over this for a day now, I think I see where you both are coming from.

The language seems to distinguish what you are licensing and what is covered by the Privacy Policy. That distinction lies in the "as well as" clause. Bas, your gloss is that because they only claim to process data listed in the Privacy Policy, whatever may be in the "as well as," (maybe nothing, maybe something someday) is out of Mozilla's reach. Jens, I think you're reading that to mean the "as well as" data can be processed, uncovered by the Privacy Policy.

Let's leave aside the blog update, which is for all intents not part of the contract.

Functionally, I suspect Bas is close to correct for now. However, it's difficult to imagine that, in drafting, no one read this with the suspicions voiced over the last 24 hours by the public. If we assume the vagueness is intentional, there is a space created for more opt-out (we hope) shenanigans down the road.

@mttaggart @jens Do you have a suggestion on how you'd reword it that you believe will take away the ambiguity while also protecting from litigation?