On leveling the playing field and online tracking

(Please note that this post does not reflect Mozilla’s position or policies.)

Like many parts of our computing systems, some of the core parts of the Web platform weren’t designed with security in mind, and as a result users are suffering to this day.  The web platform has tried to provide a secure sandboxed environment where users can run applications from untrusted sources without the fear of their devices or data being compromised.  But the fact is that if we were to design a second iteration of this platform from scratch, we would probably make vastly different choices when it comes to issues such as execution of third-party code, or persistence of global data exposed to third parties.

Over the years, browsers have spent significant effort restricting what the third parties present on the Web today can do.  However, these basic foundational problems have remained unsolved in most browsers.  As a result, third parties have been engaged in activities like collecting the user’s browsing history, personal data, information about their device, and so on, which is a subversion of the built-in protections that browsers provide to prevent the “straightforward” ways of getting this data from the third party’s own website (aka, their own users).  Safari is the notable exception in at least the area of exposure of global data to third parties.  I think they got the right defaults from the beginning, which was hugely advantageous for both Safari and the browser community at large. For the latter, it showed that the “holy grail” of exposing no global data to third parties is achievable, not some far-into-the-future dream which will never happen.

What’s worse, the presence and actions of these third parties are often hidden from the user.  Even when their presence is obvious (e.g. through a visible iframe), their appearance may give the impression that they’re inert until interacted with, which is far from what’s actually going on behind the scenes.  As a result, when the user uses a browser, they often have very little knowledge of the implications of any of the actions they’re taking while browsing, in terms of the presence of these third parties.  After all, the browser interface has traditionally been designed around the concept of a safe sandboxed environment where the user can navigate from page to page freely (and the browser would intervene by putting up a prompt if something went wrong).  The whole online tracking ecosystem is fundamentally incompatible with the basic UI principles of browser design IMO.  Not that the problem is on the browser design side.  🙂

One thing that has been interesting is the response of the industry to the norms enforced by the browser.  Safari’s privacy protections have been under attack many times (such as by Google and Criteo).  This pattern of circumventing browser-provided privacy protections shows a willingness to go beyond the limits of what’s allowed.  It also demonstrates that the third-party side of the picture here is willing to enter an arms race.

But what about users in this picture?  Right now, they have very little power, if any at all.  In social and political sciences, power is defined as the ability to control or shape other people’s behavior.  Users need to have some ability to change the behavior of these third parties, if we have any hope of the Web improving.  There are many potential solutions one could think of, and some have been tried, but I think users could use more technical leverage here.  One problem is that most browsers have traditionally been on the side of the third parties, through not clamping down on the problematic practices hard enough, so the playing field is highly skewed for the benefit of these actors.

I think there is also an equity aspect to this.  Those with technical know-how typically learn enough to protect themselves by installing tracking protection extensions and using more privacy-friendly browsers.  But based on the public data available, we know the reach of these add-ons is quite tiny compared to the population of users who are on the Web.  Furthermore, the situation is astonishingly bad in Chrome-majority Android markets on mobile, where users often stick to the OS-provided browser, contractually required by Google, which currently has no plans to support extensions on mobile, even though they have been shown viable for years by competitors such as Firefox for Android, Yandex Browser (based on Chromium), etc.  So many users there are stuck with a browser that doesn’t even allow them to find a way to protect themselves, unless they seek a secondary browser and know which one to pick.  The technical know-how required for this sometimes corresponds to aspects of the individual such as the background of their family, where they came from, their wealth and social class, etc.  Privacy, however, should really be considered a human right, irrespective of any of these factors.  In order to address this aspect, we need protections that work out of the box, don’t need any configuration, don’t get in the way of the user, don’t require educating the user, and don’t put any burden on the user by assuming they’re going to understand or care about the technical details of how online tracking works.

Safari has led the way here in the past few years with ITP, and Mozilla recently announced that Firefox will be changing its approach going forward as well.  We need other browsers to join us in this battle too, and we need to engage on many fronts and try to win back our users’ privacy bit by bit.  When thinking about the future, one can look at browsers realigning themselves with the user’s privacy expectations as leveling the playing field between the user, the website and the third party.  We may never find the perfect balance, but we can surely do better than the Web that we have on our hands so far.

2 comments on “On leveling the playing field and online tracking”
  1. Colby Russell says:

    >Furthermore, the situation is astonishingly bad in Chrome-majority Android markets on mobile, where users often stick to the OS-provided browser, contractually required by Google

    Mozilla had a ripe opportunity to prevent this. Instead of doing the thing that needed to be done and would have had the highest impact—spinning out its own humble fork of AOSP, coordinating with handset manufacturers to produce hardware that people can actually buy and use, bundling Firefox with it, and *then* after establishing those kinds of relationships with vendors and end users, trying to take on more ambitious goals—Mozilla leadership squandered years and hundreds of millions (billions?) of dollars in engineering on something that anyone outside the Corp’s own echo chamber could have seen was guaranteed to fail. At the same time that the mobile Firefox team was moving away from a Gecko-based UI for performance reasons, Brendan and Andreas were saying that Boot2Gecko is the future. Mozilla advocates were giving demos swiping through janky UIs with glowing commentary and no hint of irony.

    Even all that wouldn’t have been an unrecoverable error, but through the whole process you eventually compromised on the Mozilla principles *and* stratified development by “othering” large parts of the community that weren’t contributing from behind an @mozilla.com address.

    It seems like the only things that Mozilla is good at doing today are things like:

    * making promises that carry a faint whiff of renegade activism
    * PR fluff meant to cash in on goodwill that the project generated last decade
    * adware in the browser
    * features that are the result of the kind of navel-gazing that webdevs do to impress other webdevs
    * reactions to criticism like this that are the result of Mozilla’s characteristic persecution complex to see itself as the underdog

    How long ago was it said the first time that Firefox would be taking a stand on third-party cookies? And how long has it been since Apple went and actually did something about it?

    This comment composed in Firefox.

    • ehsan says:

      Dear Colby,

      We have no shortage of bitter users, each with their own pet peeves on what they think Mozilla should have done right. And they all see all Mozilla developers as a uniform entity without independent thought from the Mozilla leadership. I’ve been around the block long enough to have seen this many times, so seeing you being bitter to me on my personal blog about something that was not my decision and has nothing to do with what I’m writing about now isn’t surprising unfortunately. I will as always try to grant the best assumptions and think that the bitterness comes from a good place, from being passionate and caring that we do the right thing, which isn’t a bad thing on its own.

      I know your question at the end is rhetorical and you probably don’t expect a response, but please note that Mozilla developers didn’t sit around and ignore privacy since that initial attempt which failed. We’ve worked on many features in the meantime, some more on the research side of things (e.g. first party isolation, containers) and some which we have managed to ship to our users in Firefox in some form already (e.g., tracking protection). Do I personally think we should have done more? Yes. Have I and many others tried to do more in this space in the past? Definitely. Are we going to act completely differently going forward compared to in the past? You bet!