Cory DoctorowMar 2

I'm really trying to make sense of the new @mozillaofficial privacy policy.

Here's where I'm getting tripped up:

> Mozilla doesn’t sell data about you (in the way that most people think about ‘selling data’)

OK, sure. But if Moz isn't "selling my data in the way that most people think about selling data" then how *is* Moz selling my data?

Show threadBedastGPTMar 2

@pluralistic @mozillaofficial Apparently it has to do with CCPA’s definition of “selling data” which simply includes data being transferred to any third party for any reason. Because Mozilla uses tools for collecting usage metrics and has some marketing and tracking stuff built in, any third party involved in this would receive this data, and the CCPA considers this “selling data”.

It can apparently be so over-broad that service providers have included this kind of language simply for your data being hosted in their services in a third party provider like Hetzner, AWS, etc.

So it appears to be some potentially over-broad definitions in law.

Show threadbaiboldMar 2

@bedast @pluralistic @mozillaofficial Couldn't they have just been mildly more specific in the privacy policy to state as such to avoid such a panic response?

A lot of these laws could be complied with easily by explicitly listing what is collected, how it is processed/anoymized, and who/what/how it's shared. In other words, proper disclosure instead of masking with legalese to avoid it.

Show threadBedastGPT
@baibold @pluralistic @mozillaofficial The issue is they used boilerplate legal nonsense. It’s been argued that they communicated this poorly, which is valid. But a lot of companies use this to state “we’re using third party hosting” in a lot of cases. Though Mozilla has admitted, many times in the past, that they use third party telemetry.
Mar 3 at 3:04amWeb