Mozilla details anti-tracking policies released with Firefox 63

The measures aim to mitigate the ‘harmful’ effects of ad tracking in the latest Firefox release

Firefox icon

Mozilla has published its revamped privacy policy for the Firefox internet browser, detailing a recently-implemented set of anti-tracking measures for the first time.

In a wiki document, the firm has outlined how it blocks cookie-based cross-site tracking of user activity, as well as websites tracking users through unintended identification techniques such as 'browser fingerprinting'.

Mozilla's anti-tracking mitigations, first announced in August as part of a three-pronged approach to bolstering user privacy, were released with version 63 of the Firefox browser in October last year.

"This document describes the online tracking practices that Mozilla believes, as a matter of policy, should be blocked by default by web browsers," the company said. "These practices are potentially harmful to users and cannot be meaningfully understood or controlled by users."

By default, the firm will block cookies and other forms of identifiers that are used by third-parties to build profiles of users by tracking their activities across several sites and platforms. Firefox is also planning to block URL-enabled tracking, in which the URLs to certain sites are decorated with identifiers.

Unintended identification techniques, such as browser fingerprinting which is used to identify a user based on the properties of the browser, the device or network, will also be blocked, possibly in future releases.

'Supercookies' will similarly be in Mozilla's line of sight, referring to a collection of techniques that involve storing trackers in parts of the browser that aren't cleared when users conventionally delete browser data.

To enforce its new policies the firm will rely on a Tracking Protection list, curated by third-party organisation Disconnect, to classify existing trackers.

"This is about more than protecting users - it's about giving them a voice," said Mozilla's vice president for Firefox Nick Nguyen, announcing the move in August.

"Some sites will continue to want user data in exchange for content, but now they will have to ask for it, a positive change for people who up until now had no idea of the value exchange they were asked to make."

Elsewhere, despite touting its own pro-privacy credentials, Firefox users have, untilnow, experienced a flaw that allows third-party extensions to operate in its private browsing mode by default.

The company will finally address the oversight, according to a Mozilla bug report page, by disabling extensions by default and making users opt-in to activating their extensions.

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Recommended

What is DevSecOps and why is it important?
Security

What is DevSecOps and why is it important?

30 Oct 2020
Weekly threat roundup: NHS COVID-19 app, Nvidia, and Oracle
Security

Weekly threat roundup: NHS COVID-19 app, Nvidia, and Oracle

30 Oct 2020
Ryuk behind a third of all ransomware attacks in 2020
Security

Ryuk behind a third of all ransomware attacks in 2020

29 Oct 2020
REvil hacking group says it has made more than $100m in a year
Security

REvil hacking group says it has made more than $100m in a year

29 Oct 2020

Most Popular

Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020
What is Neuralink?
Technology

What is Neuralink?

24 Oct 2020
Hackers demand ransom from therapy patients after clinic data breach
Security

Hackers demand ransom from therapy patients after clinic data breach

27 Oct 2020