How was this principle violated in this case?

I personally feel like it's not treating user's privacy as "fundamental" to increasingly add telemetry like this. In this case correlating downloads to system installs, and to have that on by default.

It's fairly hidden first off (what % of users are going to watch the checksums or read these articles?). You also don't seem to get a chance to opt-out of this until after the installation when you can open settings in a normal use case, yet as explained here[1] they'll be attaching the download token to the install and post-install pings[2] which include system information which seems to enable tracking people via metadata across systems.

The "optional" bit is maybe open to interpretation, but if taken literally it's tracking that's on by default, so the privacy is "optional" here in that sense.

I get this isn't a big deal for a lot of people, but I dislike that Mozilla has a "manifesto" and talks a huge game about empowering users and privacy when they're treating them as secondary priorities rather than actual principles. It strikes me as disingenuous to claim it's a principle then have a bunch of "buts" in there that are increasingly moving away from the alleged principle, even if it isn't nefarious.

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=1677497#c0 [2] https://firefox-source-docs.mozilla.org/toolkit/components/t...

I believe you can opt out by having your browser send the Do No Track (DNT) header when you download Firefox. This applies to all analytics on Mozilla.org.

https://github.com/mozilla/bedrock/blob/a8ed6ae9c48c93474fbe...

So non-tracking is optional, while the ‘principle’ says it must not be optional.

Thanks for the info.

It gives Mozilla the opportunity to connect my IP address with my browser with my Mozilla account. Mozilla needs to bow down to the US govt and supply them with this information should they have stored it, if the govt feels they need it.

Could this be considered a GDPR violation? If other posters are correct there is no way to opt out until after the installation and just running the installer already reports back to Mozilla.

Why do you have a Mozilla account?

You log into your mozilla account from your browser through the goddamn internet. They literally have to have your IP address for that and that adds absolutely zero information than necessary. It is just “people want to be outraged over nothing” yet again.

I've used Firefox for years and have never created a Mozilla account.

Then they can’t link your nonexistent account together with your IP?

You don't have to log in there, and when you do at least you know you're doing it and are aware of the tracking consequences.

It's very different from sneaking this in under the radar.

What's a Mozilla account?

If you tell a lie big enough and keep repeating it, people will eventually come to believe it.