Why wouldn’t we?
Reading beyond the “confusion” headline clears up the confusion.
Useful info from the article you linked:
Several people in the community wanted the organization to consider revising its recent Terms of Use to avoid losing the confidence of its user base altogether.
Mozilla’s new Terms of Use causes confusion among Firefox users
However, the situation is not as alarming as some users might have perceived it. An updated statement from Mozilla clarified the issue. The organization insists that Firefox remains open-source software, these new terms only apply to the official version of the browser, arguably establishing a disconnect between the source code and user experience.
Here’s what it said:
We’ve seen a little confusion about the language regarding licenses, so we want to clear that up. We need a license to allow us to make some of the basic functionality of Firefox possible. Without it, we couldn’t use information typed into Firefox, for example. It does NOT give us ownership of your data or a right to use it for anything other than what is described in the Privacy Notice.
The new policy merely allows Firefox to function as it always did, to help users visit web pages, allow the browser permission to store your personal information such as form data, or to access a file that you wanted to upload to a website.
Posting a statement from Mozilla regarding this topic is a bit like asking Marlboro for a statement on smoking.
Privacy researcher Sarah Jamie Lewis looked into this and found very clear words about Mozilla’s new ToS and privacy notice:
Also:
Your use of Firefox must follow Mozilla’s Acceptable Use Policy
Source: Firefox: About Your Rights — Mozilla
In their " Acceptable Use Policy" are things like:
You may not use any of Mozilla’s services to:
[…]
Upload, download, transmit, display, or grant access to content that includes graphic depictions of sexuality or violence,
Source: Acceptable Use Policy — Mozilla
That’s non of their business and a pretty ridiculous limitation for browser use.
Mozilla’s services probably don’t include Firefox itself, but all the things they run that connect to the browser.
Will fedora switch to zen or some other browsers
Can I have my say? Fedora should use the DE’s official web browser by default.
Why wouldn’t we?
Reading beyond the “confusion” headline clears up the confusion.
Because Firefox is no longer DFSG compliant? #1099130 - firefox-esr: Please package a fork that respects users privacy - Debian Bug report logs
Fedora is not and never has been a Debian derivative; it’s always been based on RedHat, so Debian’s Software Guidance rules are completely irrelevant except as suggestions that we can follow or not as we see fit. In this case, their rules are completely unenforceable and can safely be ignored. I could easily describe them in derogatory terms, but see no reason to start a flamewar, as I’m willing to assume that whoever wrote that policy did so in good faith.
Putting a camera on a toy drone and viewing it with VLC on Fedora might be against terms
Fedora is not and never has been a Debian derivative
I’m very aware, but I’m also aware that Fedora, like Debian, is one of the more “pure” distros when it comes to software Freedom, so I imagine one distro’s handling of software Freedom concerns is considered when the other distro is making a similar decision.
The last paragraph of that policy says this:
Fedora software in source code and binary code form are publicly available and are not subject to the EAR in accordance with §742.15(b).
Also, that has to do with government regulations, not to do with companies voluntarily changing the license (ToU is a form of license) by which their software is distributed.
One thing about the new ToU that I don’t see basically anyone talking about, but is a big concern, is this:
It also includes a nonexclusive, royalty-free, worldwide license for the purpose of doing as you request with the content you input in Firefox.
OK, lots of people are talking about this, but from a “I don’t want to give Mozilla a license to my content” perspective. A major issue that I don’t see anyone talking about is what happens when you enter information into Firefox that you don’t own, and therefore are unable to give Mozilla a license to. As an example, I do contract work (fullstack software development), and that often includes putting information into Firefox (especially entering things into devtools to test) that I do not own, but rather the company I contract for. Unless I get their legal department to give the OK to give Mozilla a license to whatever code/data/etc I put into Firefox while doing my work, I legally can no longer use Firefox for my work.
(I will add that if I continued to use Firefox, it would be unlikely to have any notable real-world consequences, but it’s wild that it would be technically a breach of contract to use a major web browser in web development work. Like, how did we get here?)
“for the purpose of doing what you request” is the important qualifier here.
If you tell Firefox to upload data somewhere Mozilla does [not] want to be held accountable or liable for that.
As someone with the reflex to defend Mozilla at first:
I use Firefox with custom hardening since a long time.
There are multiple ways, mostly group policies and user.js files
I recently made this group policy, which is in /etc/firefox/policies/policies.json
and applies to every newly created profile
Here it is
{
"policies": {
"Extensions": {
"Install": [
"https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"
]
},
"SearchEngines": {
"Add": [
{
"Name": "DuckDuckGo",
"URLTemplate": "https://duckduckgo.com/?t=ffab&q={searchTerms}&ia=web",
"Method": "GET",
"IconURL": "https://duckduckgo.com/favicon.ico",
"Alias": "ddg"
}
],
"Default": "DuckDuckGo",
"Remove": [
"DuckDuckGo",
"Google",
"Bing",
"Ecosia"
]
},
"ExtensionSettings": {
"google@search.mozilla.org": {
"installation_mode": "blocked"
},
"bing@search.mozilla.org": {
"installation_mode": "blocked"
},
"ecosia@search.mozilla.org": {
"installation_mode": "blocked"
},
"amazondotcom@search.mozilla.org": {
"installation_mode": "blocked"
},
"youtube@search.mozilla.org": {
"installation_mode": "blocked"
},
"yahoo@search.mozilla.org": {
"installation_mode": "blocked"
},
"startpage@search.mozilla.org": {
"installation_mode": "blocked"
},
"ebay@search.mozilla.org": {
"installation_mode": "blocked"
}
},
"SearchSuggestEnabled": false,
"DisablePocket": true,
"AppAutoUpdate": false,
"DisableFirefoxStudies": true,
"DisableFormHistory": true,
"DisableTelemetry": true,
"DontCheckDefaultBrowser": true,
"EnableTrackingProtection": {
"Value": true,
"Cryptomining": true,
"Fingerprinting": true,
"EmailTracking": true,
"Exceptions": [
"https://netflix.com"
]
},
"FirefoxHome": {
"Search": true,
"TopSites": false,
"SponsoredTopSites": false,
"Highlights": false,
"Pocket": false,
"SponsoredPocket": false,
"Snippets": false,
"Locked": true
},
"FirefoxSuggest": {
"WebSuggestions": false,
"SponsoredSuggestions": false,
"ImproveSuggest": false,
"Locked": true
},
"Homepage": {
"URL": "https://duckduckgo.com"
},
"HttpsOnlyMode": "force_enabled",
"LegacySameSiteCookieBehaviorEnabled": false,
"LegacySameSiteCookieBehaviorEnabledForDomainList": [
"example.org",
"192.168.*"
],
"NetworkPrediction": false,
"NewTabPage": false,
"NoDefaultBookmarks": true,
"OverrideFirstRunPage": "https://duckduckgo.com",
"PopupBlocking": {
"Allow": [
"http://example.org/"
],
"Default": true,
"Locked": true
},
"PostQuantumKeyAgreementEnabled": true,
"UserMessaging": {
"ExtensionRecommendations": false,
"UrlbarInterventions": false,
"SkipOnboarding": true,
"MoreFromMozilla": false,
"FirefoxLabs": true
},
"ShowHomeButton": true,
"SSLVersionMin": "tls1.2"
}
}
Additionally, users can place a user.js in their profile, which has waaay more options and is really good for hardening, but more complicated to preinstall I suppose.
I think it would be nice to have a systemwide policy with sane defaults for security, search engines and privacy
If you tell Firefox to upload data somewhere Mozilla does want to be held accountable or liable for that.
IANAL, but isn’t that a separate question? Limitation of liability is already provided for in the Mozilla Public License, which isn’t at issue here. Whether Mozilla is accountable for what I do with Firefox is a different issue from whether Mozilla gets a license to the data I upload.
For example, if I upload the same data by making a POST request from the command line with GNU wget
, the GNU project doesn’t require me to grant them a license to that data. Why do Mozilla think they need a license to it?
I don’t understand why Mozilla is saying things like “without the license, we couldn’t use information you typed into Firefox”. Sure, if you use Mozilla services like bookmark sync, search suggestions etc, then you’re giving Mozilla your data and the license terms of that need to be made clear. But if “using the information” simply refers to the normal operation of the browser (like taking the URL I type in, performing a DNS lookup, then an HTTP GET request, then rendering the page) - which doesn’t require Mozilla services - I don’t see how it can be true.
Hopefully this part is just bad drafting by lawyers who aren’t close to the technology, and it doesn’t ultimately matter. But…
I must say that when I first read headlines about these changes, I dismissed them and thought it was going to be a tempest in a teapot. However, when you go into the detail IMO it is concerning to see Mozilla pull back from its promise that “we will never sell your data” (for example in recent changes to the Firefox documentation).
It would be good if the Fedora-provided Firefox ensures that all data collection is disabled by default.