Mozilla’s system only measures the success rate of ads—it doesn’t help companies target those ads—and it’s less susceptible to abuse, EFF’s Lena Cohen told @FastCompany@flipboard.com. “It’s much more privacy-preserving than Google’s version of the same feature.”
https://mastodon.social/@eff/112922761259324925
Privacy experts say the new toggle is mostly harmless, but Firefox users saw it as a betrayal.
“They made this technology for advertisers, specifically,” says Jonah Aragon, founder of the Privacy Guides website. “There’s no direct benefit to the user in creating this. It’s software that only serves a party other than the user.”
Everyone’s up in arms about a literal anonymous counter, but the other option is the current “spy on everything you do”
How is Mozilla getting flak for this outside of a few hardcore nerds that are welcome to use chrome if they so desire…
And I say that as a huge privacy advocate. In the local tin foil hat “privacy matters” nerd and I honestly don’t see the problem.
And quite frankly anyone that’s said it’s a problem has only been able to come up with “it shouldn’t help them count your views “ which is ridiculous, because it’s very anonymous.
Sooo …. Help me out here, what’s the issue?
It isn’t anonymous, it’s slightly obscured.
They use ohttp ( a proxy ) run buy a “partner” they control to do the obscuring.
That should be part of people’s informed threat modeling. Having a tattle tale in the browser reporting web activity to a third party is a big deal.
From what I’ve seen PPA doesn’t depend on OHTTP to do the obscuring. This page mentioned Distributed Aggregation Protocol and differential privacy, that are meant to ensure that it is literally impossible for any one party to see your data. Not just “obscured”, but impossible to access.
But be sure to let us know what data about us a partner could theoretically view, and how, if you disagree.
https://datatracker.ietf.org/doc/html/draft-ietf-ppm-dap#name-security-considerations
https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-08#name-security-considerations
Clearly not impossible even according to the standards authors.
I’m still looking for some concise documentation about exactly what Firefox sends, and if I could, I would love to intercept that data so that I can send it myself at a later time, with extra details
There’s no reason why open source software should cater to advertisers.
Advertising is a plague on humanity. If we have to rethink our digital economics to fix it, then so be it.
If people aren’t ready to see an ad or pay to support something. Then maybe they don’t deserve that thing.
Exactly. I am happy to pay a reasonable price for content (I’m paying a bit for Nebula, for example), and my hope is that transitioning advertising to a privacy-friendly system run by clients will encourage more options to pay for content in lieu of ads.
I’d pay a few dollars a month to avoid ads on most sites, and I’m guessing that’s about what advertisers are making from me, but instead the options are:
- pay 10x what they’d make from ads
- see ads and get my privacy absolutely violated
- don’t interact with the thing
So the more we move toward privacy-respecting ads, the more likely we are to see more options than the above. At least that’s my take.
I just sent feedback to google from the “my ad center” page describing the wallet idea to pay the ad price instead of watching the ad. Last time i sent youtube feedback they didn’t come back to me but they did apply the change i was asking for. So we never know.
exactly. If the price was as much as ads pay it would cost users fractions of pennies per view. They just charge paid users so much more then that for the same thing. Since google ads is one of the biggest ads supplier we could technically have a wallet that substracts the ad value to not see it directly with google.
I mean, go ahead, rethink our digital economics. While we wait for that, what do we do in the meantime?
(And of note: Mozilla itself has launched several initiatives there as well (example), but none have panned out so far.)
Yeah it couldn’t happen overnight. I feel like ad blocking is a better solution to invest in up until that point however. We don’t need to enable advertisers.
I would support something like this. Or something like what brave does. Or something like GNU Taler.
Pretty much anything but sending extra tracking data out.
I feel a little worried that I’m not even sure how Mozilla could monetize this. At least when Brave does its ads, people know how Brave makes their cut.
Mozilla doesn’t monetise this; the whole point is to change the ecosystem to enable more privacy. It’s not a moneygrab.
Personally, I don’t have a problem with ads. And if those ads can support further development on an open source product I get to use for free then that’s even better. What I have problem with is privacy intrusive targeted ads. Even before the internet, newspaper, radio had ads. They sure were annoying, but not as bad of a situation as it is now.
Getting shot in the feet is technically better than getting shot in the stomach, but is still a bad option.
This entire thing is just idealism vs pragmatism for the trillionth time. The idealists are mad because they think all ads are bad and we shouldn’t try to work with advertisers in any capacity. They do not believe reducing the harmfulness of ads is a valid approach, because that would be an acknowledgement of ads. Common talking points there are about how this is technically working with advertisers and how the internet shouldn’t have ads in the first place.
The pragmatics also think ads are bad, but believe that an Internet without ads is very unlikely to happen, so they believe attempting to reduce the harmfulness of ads is a valid approach. Common talking points there are about how this isn’t giving advertisers anything they don’t already have and about how this doesn’t matter if you’re using an adblocker.
Like all other debates of this type, this probably isn’t ever going to be resolved to anyone’s satisfaction and we’ve really just been seeing the same talking points over and over again since the beginning. So I hope y’all have fun duking it out, I don’t think I’m gonna bother looking at these pointless PPA threads anymore.
As a privacy enthusiast and pragmatist, I see Firefox as providing no additional benefit to users or advertisers. Considering the laughably small market share of Firefox, I’m not sure how it is expected to woo advertisers over either.
Which of these options look more robust: Google Topics, Mozilla PPA, or advertisers doing AB testing on their own by simply using different links for different audiences?
| Method: | PPA | Topics | Using different links |
|---|---|---|---|
| Corporate creator | - | ||
| Needs users to trust 3rd party? | Yes (Mozilla) | Yes (Google) | No |
| ~% browsers it works on | <3% | >60% | 100% |
| Guaranteed privacy increase? | No | No | No |
If you trust the advertiser, they can do it on their own. If you don’t trust the advertiser, then the additional third party does nothing.
This is a nonsense comparison as these features serve completely different purposes, while only having in common that advertisers currently use user tracking to achieve the same.
Topics data-mines your browsing history for information about your interests and reveals this information to advertisers in order to improve ad selection. It’s meant to replace ad networks tracking each individual user’s visits to connected websites and building that profile themselves. Since this is, in a way, much more powerful than tracking cookies, Chrome has a scary dialog asking for it to be enabled, and I don’t think we’ll be seeing it in Firefox. “Using different links” cannot replace user profiling at all.
PPA doesn’t provide any new capabilities to advertisers. It’s a privacy-preserving way of measuring ad campaign success that is currently done by ad networks tracking individual users from ad impressions to conversions. “Using different links” is also defective, as advertisers need to connect ad impressions to conversions even if they are not immediately connected through a click on the ad.
If these features become generally available, this reduces the leverage advertisers have on legislators to prevent tracking from being outlawed. Mozilla will be hoping Chrome picks up PPA.
You want to legislate telling companies which servers they are allowed to gather data from, making it into a de jure oligopoly rather than a de facto one?!
Wrong.
Not an idealist, I’m not even mad, just calling out the hypocrisy because Mozilla did this quietly, not telling us at all.
“I’m doing this for your benefit, but I’m not telling you about it”, where have we heard that before?
Save me from people “doing things for my benefit”.
Just so funny how you blatantly mis-charaterize this, even using pejoratives to label people who dislike Mozilla’s arguably adversarial approach.
And frankly, they had a chance to develop a fair balance over 20 years ago, and chose to say “fuck all the users” instead. And the website owners keep repeating this. Ok, fine, I will never stop blocking ads - they chose this battleground, not me.
To take your approach to making arguments: how’s the taste of boot today?
Please argue how removing all (non-voluntary) advertising from society right now would do anything other than vastly improve society, and keep calling people like me idealists.
All ad supported services would need to move to a paid only model, locking out those who couldn’t afford to pay.
Or profit margins could just go down. I don’t know why you treat those two concepts as mutually exclusive; it’s been shown that even with expensive products companies will still mine massive amounts of user data and advertise to you endlessly. These parasites aren’t going to turn down extra profit at any avenue, no matter how legally, morally, or ethically questionable.
Many of the non-pragmatists also see this as somehow leaking information about you to advertisers though, rather than only working together with advertisers in the first place. But nobody has been able to mention what an advertiser would be able to know about me.
(Yes, yes, there are also people for whom it is only about working together with advertisers - I’m not talking about you, so no need to let us know.)
It’s not that the ad issue isn’t going to be solved, it’s that ads are here now and we have to deal with them.
They are going to be replaced by direct micro-payments eventually but the puzzle pieces have been slow to get into place (also Google and the whole ad industry haven’t been cooperating for obvious reasons).
One of the major hurdles was the [in]ability to make online payments of a fraction of a cent but the digital Euro aims to make that possible (among other things).
With that and support for direct micropayments implemented in the browser we’ll be able to give a web page owner that fraction of a cent they get from ads now but only IF we want to, and when we do that we cut out all the ad industry as middlemen.
The problem with PPA wasn’t anything to do with the method it uses. Given enough announcement, discourse and investigation by the community; it’s entirely possible that users in general would have accepted it.
However; Mozilla did something very wrong by deploying this without asking the greater community. Point blank. That’s not good faith; and that did not allow for the community to go over the code and suggest fixes and express their concerns with how it works.
Instead Mozilla took the lead and decided it will exist; quietly. Without consulting the community. Given that this is how most companies turn selfish, that alarms MANY people who are knowledgeable about how Mozilla typically operates, and it undermines public trust in Mozilla.
