If there was a group/vendor you could trust to develop such a universal engine to rule them all, that could work out. But, alas, no big tech company could ever be trusted with such a task (they would try to push their agenda, e.g. by preventing ad blockers).
Whoa, slow down there. You can't just go around asking people to read first-party sources and think critically on their own about an issue without getting their opinion from their feed or influencer of choice. That's an unreasonable and insane expectation! /s
The first-party source is Mozilla themselves skirting around saying, but very heavily implying they are now selling unspecified data about me to unspecified actors, in a legally binding way, then walking it back with a pinky promise that is not legally binding, so doesn't actually mean anything.
And here's another credible source explaining Mozilla's mistake in making this decision based on language that was only present in a draft version of the CCPA, as opposed to the final version, but which also made it to Wikipedia: https://news.ycombinator.com/item?id=43276624
Most of the conversation on this topic never moved past the first misunderstanding, just a bunch of irrational kvetching at Mozilla by people who read an (incorrect) summary of the situation.
Why do you trust everything the allegedly bad guys say? By reading it and thinking critically as you said we all should, I can easily see that they are following the pattern that many bad guys follow: write some legalese allowing them to do bad stuff, then write some non-binding non-legalese saying they won't. Then only point at the latter to silence complaints. And then, the next step in the pattern is to actually do the bad stuff, while continuing to point at the non-binding non-legalese.
Whereas you seem to be taking what they said at face value, which is not critical thinking.
Not much changed on Mozilla's side, only the law (e.g., CCPA, GDPR), because technically speaking (as far as CCPA is concerned), Firefox has already been “selling” users' data.
Furthermore, at this point, that legalese talks about features that the user expects. Otherwise, in the EU, Firefox would be forced to ask for explicit consent. GDPR is so strong that when Firefox will actually sell your data, you'll know it because in the EU it will have to tell users exactly how or why.
Note that Mozilla was already hit with a privacy complaint in the EU due to PPA [1] because it's opt-out instead of opt-in. Whether they'll be found guilty by EU's DPAs, it really depends on whether they actually anonymize that data, as they claim to do, or not. Note here that the GDPR doesn't accept pseudo-anonymization as being valid anonymization.
Of course, it may take a while to find the outcome of such complaints, just note that as far as the GDPR is concerned, that Privacy Policy of theirs doesn't count for squat. It really doesn't matter what they claim in their Privacy Policy, unless they are lying, i.e., if they actually “sell the data” of users in a way that users don't expect as part of the service, then the GDPR asks for explicit consent (opt-in).
Technically speaking, they've already sold user data since 2006 because they've been installing Google's Search as the default, used, for example, for search suggestions. So everything you type in that address bar, goes to Google, and they get paid for it. Of course, search suggestions are part of the service that the user expects, but note that the user's search history can also be used for user profiling by Google. So as far as the CCPA is concerned, that's selling user data. And, very importantly, Firefox has been funded by ad-tech since 2006, much like all Chromiums and even Safari.
What's actually new is that Mozilla wants to diversify. Which is good, as the Search deal is in jeopardy and those hundreds of millions of $ they need to fund the browser aren't going to come from donations. So they would like an alternative to cut the middleman, i.e., Google. If that alternative is also privacy preserving and at the very least opt-out (though I'd prefer opt-in), then that's even better than the status quo.
People unhappy with this deal are people that hate advertising, or any reasonable monetization strategy, as if a viable browser with an independent engine could be funded via the donations of people that ad-block YouTube instead of paying for Premium.
---
TLDR:
1. Nothing actually changed, and that Privacy Policy doesn't count for squat.
2. Results matter, not words, results such as that wonderful offline translation feature, which is a great showcase of privacy preserving AI tech that only Mozilla pulled ;-)
PS: Isn't it odd that whenever the underdogs get boycotted, the winners are always the Big Tech solutions that are far worse in every aspect?
First of all, while many valuable perspectives are offered here, the legal nuances of the CCPA are complex and usually best assessed by those with formal legal expertise. It seems to me that individuals without legal training are the primary source of the allegation, so I believe that allegation itself needs to be taken with a grain of salt, as those making the accusation are quite possibly missing key legal context. This isn't intended as an insult, rather, just an objective observation from my perspective. Please ask a lawyer or law school friend to review all of this, including both the blog post and other HN post I linked above, as well as the links in that HN post, which include a law blog citing the drafting error. I encourage everyone with legal expertise to review these points and share additional insights. I am offering numerous, reputable, cross-checked sources for my position, something I haven't seen or heard from the people arguing for your position. If you have more information to share, please do share it. I want to have as holistic an understanding as possible here, after all.
Second, Mozilla as an entity has a lengthy track record of being the only big good guy in the "browser wars" for a long time. The entire ethos of Mozilla - both the foundation and the corporation (not the same business entity, another detail the many voices weighing in on this subject aren't even aware that they didn't know, but which is directly relevant to the legalese of the CCPA) - was to preserve a free, open-source, less untrustworthy major browser, in the face of IE and Chrome, both products of companies have taken a more opaque approach to their proprietary code and have been involved in decades worth of controversial experiments on (and changes to) user privacy, unlike Mozilla. Microsoft and Alphabet (Google) want to hide their code from you because their code contains a bunch of functionality that is optimal for the business' interests, but malicious from the perspective of end users who value privacy, freedom, and their right to determine what code runs on their own machine.
This brings me to my third point, that Mozilla's Firefox is COMPLETELY open source. If Mozilla was trying to slurp up user data to sell it, they wouldn't keep their product open-source, because the community would just strip out all the bits they don't like. Contrast to Alphabet (Google), who are literally deprecating Manifest V2 to prevent the community from developing ad blockers that actually block all ads, or Microsoft's documented historical practice of waging war on open standards through "Embrace, Extend, Extinguish". Lengthy, obvious, and well-documented patterns of abuse like that exist for both Microsoft / Alphabet (Google). Contrast to the lengthy pattern of standing up against that very same abuse from Mozilla. Keeping Firefox open source is antithetical to the interests of an entity which was trying to surreptitiously slurp up user data the way Microsoft and Alphabet (Google) do. While each organization has merits of their own, the availability of transparent, open source code (specifically, for the final product - not just an open core like Chromium) can help ensure that power users and developers like us have ways to verify and challenge any potentially problematic practices - something that Mozilla has remained committed to, but which Microsoft and Alphabet (Google) had never fully embraced to begin with.
Fourth, If you've read Firefox's blog posts, if you've read the discussion I linked to above, if you've read the articles about the CCPA drafting error, if you've read the Wikipedia article, confirming that it did contain the incorrect draft language, if you understand that lawyers interpret everything legalistically (not the way ordinary people do), I believe this all paints a picture of an honest misinterpretation on Mozilla's part of the obligations the CCPA might put on them, in the least generous interpretation of the draft language of the CCPA. This does make me sympathetic to the possibility that Mozilla made an honest mistake, but sympathy and trust are not the same, which brings me to my fifth point below.
I'm not "trusting" anything Mozilla says. I'm reading into, understanding, and verifying all of it. And again, even if Mozilla was trying to do such a thing, their current open-source architecture makes those efforts completely irrelevant to developers like myself and many others here who can read, understand, and make modifications to, and rebuild from source. Given the established track record of Mozilla and the documented shortcomings with proprietary browsers in this regard, one might consider whether some of the criticisms (that are encouraging people to trust a narrative that results in a snap judgement against Mozilla without reading into the details) could be influenced by broader competitive dynamics. Nonetheless, it’s important to evaluate each claim on its validated merits.
This brings me to addressing your concerns directly: you make a perfectly valid argument in favor of remaining vigilant, and I support this! Keeping an eye on Firefox source code modifications, monitoring the situation over time, and so on. These can be done while simultaneously assuming Mozilla made a genuine mistake here, and isn't secretly plotting against our interests. The narrative that Mozilla has suddenly turned evil is broadly inconsistent with Mozilla's lengthy track record of standing AGAINST such abuses from Microsoft and Alphabet (Google). That narrative alone is also NOT a reason to spread FUD about a browser that, as of this moment, remains WAY more trustworthy than the "main" alternatives that most uninformed users would migrate to, should they leave Firefox.
A good-faith, open, evidence-based discussion is key to ensuring our whole community understands these complex issues, and I'd accordingly invite you to share more evidence to support your interpretation, which I will read and consider in good faith.
