To disable it in about:config
browser.search.serpEventTelemetry.enabled = false
browser.search.serpEventTelemetryCategorization.enabled = false
People really need to kill that notion that telemetry is automatically bad. If the information they are collecting is minimal, as non-identifiable as possible and actually being used to help develop the browser, it’s a good thing.
Yes, turbo nerds in the back, specially being opt-out, opt-in telemetry is pretty much useless for trying to understand the majority of your user base.
There is an actually moral alternative to opt-out that doesn’t have the poor-sampling problem of opt-in: ask for consent explicitly.
It’s the ideal solution morally-wise, but it still samples out a ton of users precisely because people are used to the idea of telemetry = bad
I wonder why users would have such a bias, other than their experience over the last 25 years.
I’m a developer. I side with the users on this.
Syncthing is one of the best examples of telemetry done well. On first startup, they ask if you agree to enable telemetry, they show the data that will be send and inform users that the collected data can be viewed at https://data.syncthing.net/
Yeah I normally opt out of all tracking or telemetry, but when it’s a project that I feel like I can trust and want to make better I make sure to turn it on.
That must be why Mozilla and Microsoft famously serve the needs of their users so well.
Read what I said again. It is not automatically bad, and it doesn’t mean it can’t be poorly used or poorly understood by the ones collecting it. It just means that it is an effective way to understand how your users are using your product.
Putting Mozilla (which from what I can tell is doing as much as they can trying to collect this telemetry data in a way that can’t be used to identify its users) in the same domain as Microsoft, which collects pretty much everything it can to sell to third party advertisers is ridiculous as best and disingenuous at worst.
They have much in common when it comes to telemetry, in that they both collect quite a lot of it and spend much time and effort to analyze all that data so as to improve the user experience.
I hadn’t really considered the advertising angle, but now that you mention it I’m sure advertisers would also find all this thoroughly privacy-respecting anonymized data to be of interest when they’re considering the idea of paying for promotion through Firefox Suggest. Mitchell Baker may no longer be in charge of it, but there must still be some highly placed people over there who are fully on board with her vision of turning Firefox into a better advertising platform.
So which organisation with many userse serves the needs of their users better without collecting data?
Most free software does not have telemetry, and when it does it’s almost always opt-in. Firefox is the one major exception to that rule.
Hmm, so what user-facing free software is at Firefox’s scale? I think Ubuntu has telemetry, for example (though I think they even have fewer users).
Ubuntu telemetry is fairly minimal, as of last time I used it a few years ago. Not remotely comparable to what firefox does. They just want to know what hardware you have, there’s no user behaviour tracking, and it’s fully opt-in (you have to deliberately turn it on when installing). KDE and Gnome have a little something like that as well now, I think. Almost everything else does not.
Debian has a list (last updated 2023-10) of software among the 97000 packages they distribute which have been found to violate user privacy by “phoning home” for telemetry or other purposes:
- gnome-calculator - fetches currencies
- Firefox - multiple issues
- Thunderbird - opt-out telemetry that is not yet patched for Debian
- Chromium - phones home in various ways
- syncthing - version check and lots more
- cura - phones home in various ways, patched out in Debian
- azure-cli - collects “anonymous” telemetry by default
- glances - connects to several online services to discover public IP
- webext-bulk-media-downloader - loads the website and sends version info
- Golang - planning on implementing enabled-by-default telemetry
there’s no user behaviour tracking
I mean, that depends on how you define user behaviour. It tracks which packages are frequently installed, for example, or how often people install Ubuntu in the first place. All of which I think is pretty legit, in my opinion, since that only involves aggregate user statistics that help prioritise work and detect common problems - but that’s essentially what Firefox is doing too.
Debian is a great example of relatively commonly used free software that doesn’t really collect data btw.
Canonical apparently turned on enabled-by-default telemetry for new installs in 2018 which records basic system hardware stats and such. It’s not that much compared to what Firefox sends, but adding it still did damage to their reputation.
Another thing Ubuntu has in common with Firefox is a continuing long-term decline in market share. As they do things like adding telemetry, flirting with the idea of putting advertising in the package manager, insisting that everyone use snap, et cetera, users have started to go elsewhere. As I did.
In the case of Ubuntu though, the company’s main business is in serving their corporate customers. If it’s little-used by the rest of us the company might still do well, as I hope they continue to do. Firefox does not share that advantage.
Never mind the controversy about telemetry in general, which I suppose has its uses even if it’s too often over-used. This telemetry in particular — collecting data about how many times you searched for things involving shopping, travel, real estate — is ridiculous, and cannot be justified by vague platitudes about enhancing the browsing experience.
collecting data about how many times you searched
I don’t think this stores how many times you specifically have searched for something - just how many times something has been searched for in general. In other words, nobody will be able to tell anything about you from this data.
(Which is very different from e.g. the data Google collects about you and shares with its partners.)
This measure is not linked with specific individuals and is further anonymized using a technology called OHTTP to ensure it can’t be connected with user IP addresses.
it’s kinda ridiculous to see them emphasise this but get called out as if they are doing so. if anything they seem to be taking the most privacy focused approach I’ve come across, going forward as a decent example. Also makes me appriciate that they look for other feedback than user comments cause that seems like a notoriously unreliable source of info for data-driven decisions
Speaking of large numbers of user comments, I was just reading the hacker news discussion. Whatever you think of that site, it’s full of the sort of people who used to be the core of the Firefox user base. People who would help their friends and family get it installed. Web developers who made sure their site works with more than one browser engine. People who know enough to be offended by changes like this one. People who Mozilla needs to reach if it wants to have a future in the web browser market.
Comments elsewhere are similarly negative. I encourage everyone who cares about Firefox to turn off all the telemetry, or perhaps even consider moving to one of the forks such as Librewolf. If they notice enough of a drop in incoming data collection after this latest move, perhaps there’s still a chance that Mozilla will get the message that they need to change course before it’s too late.
I think I share your view about course correction needed but if anything this seems to be a step in the right direction, I really do not see how Mozilla is being unreasonable (with this feature). To have a chance at the market outside of core geeks some telemetry is needed, and if we truly think that anonymoused (not connected to session, IP, or user, only distinguishable from others by timestamp of when data was recieved) counters based on a few narrow categories, then I think the userbase is a part of the problem.
should we really protest when they are doing it right? are we not being unreasonable if we take the stance that no telemetry is allowed?
the only step in a more privacy-direction I can see this feature taking is if it is opt in by default, but this being so incredibly trivial non identifiable info, I think maybe it’s better for all parties for those to just use Librewolf then
MOZILLA COME ON
don’t say you’re adding telemetry then end with a paragraph about “making the internet safer” >_>While I do think this is wrong, security != privacy
As a LibreWolf user I found the serpEventTelemetryCategorization to be disabled by default
But serpEventTelemetry was still enabled
Is this just me or can anyone else back me up?
Confirmed. I just turned it off. It’s possible that LibreWolf never sends telemetry regardless of how this is set; I have no idea.
It might be worth creating an issue
deleted by creator