Mozilla, the non-profit that develops the Firefox web browser, has been hit with a complaint by European Union privacy rights group noyb, which accuses it of violating the bloc’s General Data Protection Regulation (GDPR) by tracking Firefox users by default without their permission.
It’s unusual to see a privacy complaint targeting Mozilla, an organization which is more often associated with efforts to bolster web users’ privacy rights, such as siloing cookies to prevent cross-site tracking. However noyb has taken issue with a new feature Mozilla recently deployed in Firefox that it argues turns the Firefox browser “into a tracking tool for websites”.
Mozilla calls the feature at issue “Privacy Preserving Attribution” (PPA). But noyb argues this is misdirection. And if EU privacy regulators agree with the complaint the Firefox-maker could be slapped with orders to change tack — or even face a penalty (the GDPR allows for fines of up to 4% of global revenue).
“Contrary to its reassuring name, this technology allows Firefox to track user behaviour on websites,” noyb wrote in a press release. “In essence, the browser is now controlling the tracking, rather than individual websites. While this might be an improvement compared to even more invasive cookie tracking, the company never asked its users if they wanted to enable it. Instead, Mozilla decided to turn it on by default once people installed a recent software update. This is particularly worrying because Mozilla generally has a reputation for being a privacy-friendly alternative when most other browsers are based on Google’s Chromium.”