This just leads to a wiki page listing two TRR's, where someone admits that whatever "privacy policies" TRR's provide are not "contracts". Then someone replies that "there are legal contracts between Mozilla and those two listed providers". That does not mean those contracts relate to protecting user privacy. If you dig, there will be nothing there. There is nothing in any contract to protect any user. Neither Mozilla nor TRR's are "on the hook" for protecting user privacy. What I mean by that is that if some user's privacy is breached, there is absolutely zero liability accruing to Mozilla or TRR's.
You, the end-user, will not get to see Mozilla's contracts. Policies are not contracts.
There seems to be some common misunderstandings about "policies" and tech companies are exploiting them. There is nothing legally binding in a policy and in the case the company deviates from the policy, there is no way for an affected user to "enforce" the policy she thought was being adhered to. This is of course assuming anyone outside the company actually discovers that a policy is being violated. Usually policy violations are non-detectable from outside the company.
https://wiki.mozilla.org/index.php?title=User_talk:Wthayer&a...
You, the end-user, will not get to see Mozilla's contracts. Policies are not contracts.
There seems to be some common misunderstandings about "policies" and tech companies are exploiting them. There is nothing legally binding in a policy and in the case the company deviates from the policy, there is no way for an affected user to "enforce" the policy she thought was being adhered to. This is of course assuming anyone outside the company actually discovers that a policy is being violated. Usually policy violations are non-detectable from outside the company.