Hi,

It's very concerning to me that you have not answered the obvious question: what domains are collected? All of the ones visited while the browser is running? The ones visited while Hello is open? The ones visited while shared through Hello? What about the ones that someone shared with you through Hello, rather than that you shared with someone else?

What about Private Browsing mode, have you disabled collection there?

On 04/04/2016 10:01, Romain Testard wrote:
    We would use a whitelist client-side to only collect domains that are
    part of the top 2000 domains (Alexa list of top domains). This prevents
    personal identification based on obscure domain usage.

Mathematically, the combination of a set of (popular) domains shared could still be uniquely identifying, especially as, AIUI, you will get the counts of each domain and in what sequence they were visited / which ones were visited in which session. It all depends on the number of unique users and the number of domains they visit / share (not clear: see above). Because the total number of Hello users compared with the number of Firefox users is quite low, this still seems somewhat concerning to me. Have you tried to remedy this in any way?

The beginning of your message mentioned that you were interested in different "types" of sites. I don't think it would be necessary to optimize Hello for one shopping site over another, or for one search engine over another, or for one news site over another. So, why don't you categorize the domains in the whitelist according to broad categories ("news", "search", "shopping", "games", or something like this) on the client side, and then send that information instead? If the set of domains is limited (which it is) then this should not take that long, and get you exactly the information you want, and limit the privacy invasion that the current collection scheme represents.

6 months also seems incredibly long. You should be able to aggregate the data and keep that ("60% of users share on sites of type X") and throw away the raw data much sooner than that.

Finally, I am surprised that you're sharing this 2 weeks before we're releasing Firefox 46. Hasn't this been tested and verified on Nightly and/or other channels? Why was no privacy update made at/before that time?

~ Gijs
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
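
The uniqueness concern and the client-side categorisation proposed in the message above, sketched as an added example; it is not part of the original e-mail and not Hello or Firefox code. The domain names, the category map, the sessions and the choice to drop counts and ordering from the coarse report are all constructed assumptions.

```javascript
// Hypothetical whitelist with a broad category per domain (constructed data).
const CATEGORY = new Map([
  ["news-a.example", "news"], ["news-b.example", "news"],
  ["shop-a.example", "shopping"], ["shop-b.example", "shopping"],
  ["search-a.example", "search"], ["search-b.example", "search"],
  ["games-a.example", "games"],
]);

// Raw report: whitelisted domains with per-domain counts, order removed.
function rawReport(visits) {
  const counts = new Map();
  for (const d of visits) {
    if (CATEGORY.has(d)) counts.set(d, (counts.get(d) || 0) + 1);
  }
  return [...counts].sort().map(([d, n]) => `${d}:${n}`).join(",");
}

// Coarse report: only the set of categories seen, no counts and no order.
function categoryReport(visits) {
  const cats = new Set();
  for (const d of visits) {
    const c = CATEGORY.get(d);
    if (c) cats.add(c);
  }
  return [...cats].sort().join(",");
}

// Number of users whose report is shared by fewer than k users in total.
function usersBelowK(sessions, report, k) {
  const groups = new Map();
  for (const visits of Object.values(sessions)) {
    const key = report(visits);
    groups.set(key, (groups.get(key) || 0) + 1);
  }
  let exposed = 0;
  for (const n of groups.values()) if (n < k) exposed += n;
  return exposed;
}

// Constructed sessions; "obscure.example" is off the whitelist and is dropped.
const SESSIONS = {
  u1: ["news-a.example", "shop-a.example", "obscure.example"],
  u2: ["news-b.example", "shop-b.example"],
  u3: ["news-a.example", "news-a.example", "shop-b.example"],
  u4: ["search-a.example", "games-a.example"],
  u5: ["search-b.example", "games-a.example", "games-a.example"],
  u6: ["news-b.example", "shop-a.example"],
};
```

With these six sessions every raw report is unique even though only whitelisted domains are sent, while the category reports fall into two groups of four and two users.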
