X
Tap here to go to the mobile version of the site.
Your Firefox is out of date and may contain a security risk! Upgrade Firefox

Support Forum

What is Mozilla's unique user identifier data retention policy?

Posted

I recently read in the FF privacy policy that a unique browser ID is sent to Mozilla along with an IP Address every time the browser checks for updates:

"This feature also sends Potentially Personal Information to Mozilla in the form of your IP address and a cookie that contains a unique numeric value to distinguish individual Firefox installs."

http://www.mozilla.org/en-US/legal/privacy/firefox.html

This feature can potentially provide Mozilla with a complete list of IP addresses and locations that a user has employed to access the Internet. Can you please clarify your data retention policy on this? In other words, how long are either the IP address or the identifier stored on your servers?

Chosen solution

Hi! I'm chiming in from Mozilla's Privacy Team.

For FHR pings, we don't retain anything in FHR that's > 6 months (180 days) old. Does that answer your question? Here's a link to the info - it's under "how to turn data sharing on or off".

https://support.mozilla.org/en-US/kb/firefox-health-report-understand-your-browser-perf

Read this answer in context 1
Post a Reply

Additional System Details

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36

More Information

AliceWyman
  • Top 25 Contributor
  • Moderator
191 solutions 1966 answers

You asked about Mozilla's data retention policy related to unique identifiable information. You referenced the Mozilla Firefox Privacy Policy at http://www.mozilla.org/en-US/legal/privacy/firefox.html

You're asking this in the Support Forum, which is basically a help site for using Mozilla products. The people who answer questions here, for the most part, are other Firefox users volunteering their time (like me), not Mozilla employees.

I'm escalating this question to our new HelpDesk.

If you don't get an answer here, I would suggest sending an inquiry to Mozilla. The "For More Information" section of that page says the following:


For More Information
You may request access, correction, or deletion of Personal Information or Potentially Personal Information, as permitted by law. We will seek to comply with such requests, provided that we have sufficient information to identify the Personal Information or Potentially Personal Information related to you.
Any such requests or other questions or concerns regarding this Policy and Mozilla's data protection practices should be addressed to:
Mozilla Corporation
Attn: Legal Notices - Privacy
650 Castro Street, Suite 300
Mountain View, CA 94041-2072
Phone: +1-650-903-0800
E-mail: privacy@mozilla.com 

Was this helpful to you? 12
Reply
John99
  • Top 25 Contributor
  • Moderator
622 solutions 8019 answers

I will follow this with interest. I know I have seen discussions where great lengths have been gone to in collecting useful data from Firefox but ensuring it does not remain in a form that could be personally identifiable.

IIRC part of the reasoning was it must be such that even if it were to be demanded by due process of law it could be disclosed but would not then identify individuals.

As for a users IP Address itself that is being sent all the time by users in day to day use of the Internet.

It my be an off topic question but I am sure one that recent events may have led more Firefox users to think about. We want user of firefox to use Telemetry, FHR and Crash reporting and they may be reluctant if they have concerns about privacy.

Use of such feature helps sumo.
(So if off topic here we could consider asking on another of our fora, but it probably benefits end users more if it stays here and gets an authoritative answer.)

Was this helpful to you? 1
Reply

Question owner

Thanks for the replies so far. I have emailed the privacy department as well. I know there was a lengthy discussion about unique user IDs in the developers forum about the Metrics Data Ping function (although automatic updates are a different feature of the browser, it's still good reading):

https://groups.google.com/forum/#!topic/mozilla.dev.planning/6q4kvRTAcow

While I realize that IP addresses are obviously the basis of the Internet, what UUIDs do is setup lengthy IP chains, so that every location and specific IP address that user has used will be preserved. While one IP makes it very difficult to identify a person, a complete history of IPs is another story.

Was this helpful to you? 1
Reply
John99
  • Top 25 Contributor
  • Moderator
622 solutions 8019 answers

I did not find the blog or bug I was thinking about but I did find this

Usage Statistics (also known as Telemetry). .... if this functionality is enabled, users can disable it in Firefox's Options/Preferences by simply deselecting the "Submit performance data" item.
Usage statistics are transmitted using SSL (a method of protecting data in transit) and help us improve future versions of Firefox. Once sent to Mozilla, usage statistics are stored in an aggregate form and made available to a broad range of developers, including both Mozilla employees and public contributors." 
Was this helpful to you? 2
Reply

Question owner

I'm familiar with the Telemetry data, but right now it seems that there are several systems that Mozilla is using with identifiers. The topic is discussed in more detail here as well:

http://www.wilderssecurity.com/showthread.php?t=320123

Even in the FF browser itself there is a "Data" tab:

https://support.mozilla.org/en-US/kb/advanced-settings-browsing-network-updates-encryption#w_data-choices-tab_2

However, this data tab is still separate from the automatic update opt-in. Also, it still hasn't been confirmed whether or not the UUID is generated per install of FF, or is generated by your computer (in other words, if you reinstall, will you get the same ID?).

Ultimately, I know that Mozilla needs to have this data to determine usage metrics in order to improve their product and their market. What I'm asking for is more transparency with regard to their practices- especially data retention periods. Even Google, the king of data collection, has removed unique IDs from Chrome (they're deleted the first time Chrome checks for an update).

Was this helpful to you? 0
Reply
cor-el
  • Top 10 Contributor
  • Moderator
10751 solutions 96743 answers

Telemetry data seems to be stored in files with a GUID name in the saved-telemetry-pings folder in the Firefox profile folder.

The source code show that different ID is generated for each session;

// Generate a unique id once per session so the server can cope with
// duplicate submissions.
Was this helpful to you? 1
Reply

Question owner

That's some good research cor-el, thanks for that. However, again, Telemetry data isn't my focus- I'm more interested in the automatic update feature. FF's privacy policy does not mention a UUID when discussing Telemetry, and the feature has been confirmed to not disclose any personal info when transmitting usage stats.

However, as of now, it still seems that the auto-update DOES disclose an IP string. I'm just trying to figure out for how long.

Was this helpful to you? 1
Reply
MozStacy 1 solutions 1 answers

Chosen Solution

Hi! I'm chiming in from Mozilla's Privacy Team.

For FHR pings, we don't retain anything in FHR that's > 6 months (180 days) old. Does that answer your question? Here's a link to the info - it's under "how to turn data sharing on or off".

https://support.mozilla.org/en-US/kb/firefox-health-report-understand-your-browser-perf

Was this helpful to you? 1
Reply
John99
  • Top 25 Contributor
  • Moderator
622 solutions 8019 answers

Hi Stacy, I guess Patrick or Rachel from the new HelpDesk must have pinged you.

I suppose that confirms the FHR article

is accurate in that respect. I note a distinct lack of references whilst the article was being written.


On a slightly different subject the article & section mentioned also says

and you can view the comparison data from other browsers that are sharing their data. 

As far as I can see that is not some thing that may be done within FHR as it is currently seen. That data is publicly (once signed in) available though http://telemetry.mozilla.org as I mentioned upthread.

Was this helpful to you? 0
Reply
John99
  • Top 25 Contributor
  • Moderator
622 solutions 8019 answers

I am not sure the questions by the mikey212 the OP have been answered yet. I caused the thread to drift by mentioning FHR.
The original topic seem to be more about the updates i.e.

I recently read in the FF privacy policy that a unique browser ID is sent to Mozilla along with an IP Address every time the browser checks for updates: .... 
.... This feature can potentially provide Mozilla with a complete list of IP addresses and locations that a user has employed to access the Internet. Can you please clarify your data retention policy on this? In other words, how long are either the IP address or the identifier stored on your servers?  ....

.... I'm familiar with the Telemetry data, but right now it seems that there are several systems that Mozilla is using with identifiers. ....

.... However, this data tab is still separate from the automatic update opt-in. Also, it still hasn't been confirmed whether or not the UUID is generated per install of FF, or is generated by your computer (in other words, if you reinstall, will you get the same ID?).

Ultimately, I know that Mozilla needs to have this data to determine usage metrics in order to improve their product and their market. What I'm asking for is more transparency with regard to their practices- especially data retention periods.  ....   
Was this helpful to you? 0
Reply
guigs2
  • Top 10 Contributor
  • Administrator
  • Moderator
123 solutions 1476 answers

Question clarification: There are reports for each install that is correct, but they are new after the 180 day period. This is retained for 180 days.

The only data that is sent is the data listed in the Learn More articles:

Auto Updater info in this article: [also 180 days]

Modified by guigs2

Was this helpful to you? 0
Reply
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.