MozillaWiki

Privacy/Roadmap 2011

< Privacy
Revision as of 13:25, 18 February 2011 by Dria (talk | contribs)

< Product Roadmaps

File:Privacy-512-noshadow.png Privacy and User Control 2011 Roadmap
Owner: Sid Stamm Updated: 2011-02-18
The vision behind Mozilla's 2011 privacy roadmap is focused on users, calling for increased anonymity on the web, starting with sensible privacy defaults, giving users the ability to make informed choices about disclosing their information, facilitating web transparency so users understand how their data is being collected and used, and allowing for flexibility while maintaining sensible baselines for those who are not interested in privacy.
Draft-template-image.png THIS PAGE IS A WORKING DRAFT Pencil-emoji U270F-gray.png
The page may be difficult to navigate, and some information on its subject might be incomplete and/or evolving rapidly.
If you have any questions or ideas, please add them as a new topic on the discussion page.


Vision:

  • Provide Increased Anonymity -- users who don't want to be fingerprinted should still be allowed to surf the web with reasonable expectations of pseudo-anonymity.
  • Start with Sensible Defaults -- where possible, default to non disclosure of information
  • Provide User-Informed Choice -- provide users contextually helpful, timely, and understandable choices when disclosing information
  • Facilitate Web Transparency -- help sites and service providers be transparent with their data collection and use practices
  • Allow but don't require Flexibility -- provide users flexibility to customize their defaults, but maintain sensible baselines for those less invested in privacy

Operating Principles:

Mozilla uses a set of privacy operating principles as guidelines as we do work to grow the Web. Those principles that specifically relate to privacy in Firefox are:

Transparency / No Surprises
Only use and share information about our users for their benefit and as disclosed in our notices.
Real Choice
Give our users actionable and informed choices by informing and educating at the point of collection and providing a choice to opt-out whenever possible.
Sensible Defaults
Establish default settings in our products and services that balance safety and user experience as appropriate for the context of the transaction.
Limited Data
Collect and retain the least amount of information necessary for the feature or task. Try to share anonymous aggregate data whenever possible, and then only when it benefits the web, users, or developers

Themes and Goals:

Here the concrete goals are segmented into themes. Some goals may potentially fit into multiple themes, but are only identified here under the most relevant one.

Each specific goal relates to either Firefox (product users/web sites) or the ecosystem (standards bodies, other products' users) or both. They are annotated as such.

NOTE: these goals are tentative and more may be added or some may be dropped.

Improve Private & Pseudoanonymous Browsing

Priority Item Bug Status
P1 Incorporate fingerprint-minimizing features into private browsing (Security/Anonymous Browsing). - not started
P2 Explore randomizing non-essential HTTP request data that can be used for fingerprinting - not started
P2 Per-tab/window private mode - not started
P3 Investigate simplifying Private Browsing Mode into profile switching. - not started
P3 Explore potentially using a journaled profile service so all modifications to a profile can be rolled back when user exits private mode - not started

Secure Network Connections

Priority Item Bug Status
P1 Create API for add-ons and components that provides check-point between TLS/SSL handshake and HTTP request, allowing add-ons greater scrutiny of secure connections before they are used. - not started
P2 Help users understand which bits are unencrypted (e.g., identify form fields that will be transmitted in the clear) - not started
P2 Identify and deploy a "safe" mixed-content SSL/TLS mode, displaying "secure" UI indicators to users. (e.g., http images + https html is safe) - not started

Deploy Safe and Rational Defaults

Priority Item Bug Status
P1 Reduce the amount of information sent with the HTTP Referer header bug 587523 not started
P3 Explore turning off more fingerprinting entropy sources - not started

Enable Control of Tracking and Third-Party Sharing

Priority Item Bug Status
P1 Develop "tracking alert" that informs users when an entity is tracking them across sites. - not started
P2 Create API so sites can request third-party cookies (may tie into next goal) bug 422357 not started
P2 Create unified API for sites to request additional potentially privacy-sensitive features like geolocation, a:ping, local storage, etc. - not started
P2 investigate implementing ping attribute for explicit tracking for honest organizations who want to track when users consent. - not started
P2 Geolocation: Disable automated discovery - not started
P3 Geolocation: Let the user pick where they are or lie using a map or other UI (Map could be assisted by automated discovery) - not started
P3 Explore disabling third-party cookie sending by default bug 564877 not started

Enhance User Controlled Disclosure

Priority Item Bug Status
P1 Plugin awareness of users privacy prefs (e.g., clear history) bug 508167 in progress
P1 In-flight as-it-happens control of disclosure (versus a preference pane) - not started
P1 Better site-based data management UI bug 573176 stalled
P2 Improve the geolocation UX so it's better connected to the user (user knows when geolocation data is being used) bug 630614 in progress

Enrich Add-ons

Priority Item Bug Status
P1 Use privacy icons or similar to show what capabilities add-ons have - not started
P2 Migrate as many add-ons as possible to a capabilities manifest system as proposed for Jetpack (add-ons ask for capabilities and that's all they get to do). - not started

Improve Local Privacy

Priority Item Bug Status
P1 Improve the UX on master password so that it is comfortable to be used by default. ("Log-In to your Browser") - not started
P2 Require master password when using Sync to protect locally stored passwords. - not started

Improve User Authentication

Priority Item Bug Status
P1 Improve transparency of authentication state so users know when they're sending credentials to sites (and which ones) - not started
P2 Deploy an API for sites to trigger second-factor authentication (e.g., SMS) through the browser. - not started

Research & Understand Data Sharing

Priority Item Bug Status
P1 Leverage information we have about sites' data sharing habits to publish anonymous statistics on privacy practices (Test Pilot?) - not started
P2 Find a way to visualize and present to users the way a site interacts with other entities (sharing cookies, XHR, etc). This can help them understand data sharing patterns. (beltzner: Privacy Reports) - not started
P2 Use concept series to harness designers' talent in finding a good way to represent data sharing patterns to users. - not started

Roadmap

This is our plan for Product Privacy and Data Control improvements in the upcoming Firefox releases.

Firefox 4

  • extend privacy control to plugins
  • locally encrypt passwords and form data by default
  • put behavioural tracking in user's control (opt-in)
  • reduce browser signature in UA header and other inspectible APIs

Firefox 5

  • consolidate site permissions into single manager
  • provide actionable controls per-site

Firefox 6

Firefox 7

Retrieved from "https://wiki.allizom.org/index.php?title=Privacy/Roadmap_2011&oldid=285728"