by hackuser 4249 days ago
Congratulations; I hope this gives us a safe, effective, open location service.

The privacy policy[1] could be clarified for less technical readers, and even for others. I infer that collected data is anonymous because you write,

1) We receive publicly observable data about WiFi access points and cell towers around you, your estimated latitude and longitude, and the date -- Not associated with anything else, that may be anonymous data -- though you could guess my home network or home location by the most common/strongest wifi signals. If you track data by submitter, you also would have a good idea of their travels.

2) we may receive certain temporary data such as your IP address. This data is deleted after being used as follows ... -- You seem to be implying that you do receive non-anonymous data, and delete it after innocuous uses.

3) You can send us data anonymously or under a nickname -- Which implies anonymity is possible.

If what I infer is correct, why not restate it directly and unequivocally with something like the following:

Unless you choose otherwise, the data you send will be anonymous and not associated with you in any way. We will not record who you are or what phone sent the data. We do receive some non-anonymous data, but we delete it within X hours/days after using it as follows ...

And add more detail after that.

[1] https://location.services.mozilla.com/privacy

EDIT: Clarify a bit, and a correction to #1


Good questions! The stumbler reports Wi-Fi and cell tower locations and an optional nickname. The location data is stored anonymously. The nickname and just the number of reported networks is stored separately, solely for display on the leaderboard [1] or other gamification in the future.

The IP addresses are just a fact of life of web server logging. They are not stored in the location or leaderboard databases.

[1] https://location.services.mozilla.com/leaders

> Good questions!

Thanks! My post's intention was to suggest that Mozilla revise the privacy policy to clarify it for everyone. What are your thoughts?

"fact of life of web server logging" = screw you, we're not even going to consider deleting our logs even as we talk a good line about how much we respect your privacy

edit after downvote: also, mozilla engineering PMs will intimate on hackernews that it won't internally correlate and potentially sell any of the location and other information it most obviously could correlate about people, even though it has already announced its intention to advertise.

We don't correlate your location data to ads. As a Canadian, that would actually be illegal and a violation of the Privacy Act.

We never got authorization from individuals to do that correlation.

We aren't perfect, but I think we do a pretty good job of respecting and protecting your privacy at Mozilla.

thank you for these clarifications.

one industry norm that makes these things tough (again, not Mozilla's fault) is that at least under US law, Mozilla could change its privacy policies at some point in the future and do a lot more than it currently does.

and... my parent comment was brash and probably deserved the downvote it received.

Selling user data would be completely against our mission and values, and I think it would be extraordinarily hard for such a change to make it through the internal immune system for such things. I think Mozilla is less likely to do bad things with your data than just about any other company (or government for that matter) out there.

(Disclosure: I work for Mozilla. I am helping write an updated set of privacy guidelines for engineering teams, to be as explicit as possible about how careful and respectful we need to be with data.)

"2) we may receive certain temporary data such as your IP address. This data is deleted after being used as follows". So yes, they do say they delete it. Also, Mozilla has a better track record with respecting user privacy than anyone else in this space. (And where is their intention to advertise?)

I agree that Mozilla has a better track record than most large tech companies in most areas, but that also sets a pretty low bar. I'm more of the opinion that if Mozilla really were as committed to user privacy as they claim to be, they might not respond so flippantly to questions about server logs. If it wanted to, Mozilla could even stop logging "certain temporary data such as your IP address."

regarding Mozilla's intention to advertise: http://www.zdnet.com/mozilla-clarifies-defends-firefox-ad-po...

Monitoring server logs is how we detected and implemented protection from a botnet scouring the database for SSID information.

There are indeed many useful ways that server logs can positively contribute to improving user privacy; I just thought the attitude of "well of course...that's what everyone else does" (even though that's true!) was dismissive of good-faith privacy concerns.