Closed Bug 1467957 Opened 6 years ago Closed 6 years ago

Penalize the phone-home add-on developer who didn't write privacy policy

Categories

(Firefox :: Untriaged, defect)

60 Branch
defect
Not set
normal

Tracking

()

RESOLVED INVALID

People

(Reporter: u608644, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0 Build ID: 20100101 Steps to reproduce: So I downloaded "google_notrack-0.1-an+fx.xpi" from your add-on webpage and I found out that this add-on phones home in background. Such add-on SHOULD write a clear privacy policy to let users understand what the add-on do. WHERE(server location, domain name), WHEN, and WHAT(what data) is extremely important, and these add-ons are clearly violating GDPR law. You reviewers should test them in a first place. Add a "XHR" check to automated review system, and "if there's phone-home server", switch to manual review. Actual results: The add-on, "google_notrack-0.1-an+fx.xpi", is connecting to https://addons.dirtylittlehelpers.com/, and uploading responded data and unique machine ID. Expected results: Force the developer who're making phone-home app to write a clear privacy policy
Yet another example: "trace-1.9-an+fx.xpi" $.ajax({ url:"https://absolutedouble.co.uk/trace/app/errorscript.php", type:"POST", data:dataStr,... } });
https://github.com/mozilla/addons/issues appears to be the place for these types of bugs.
Flags: needinfo?(jorge)
This sounds more like a review issue, so please send an email to amo-admins AT mozilla DOT org with the details.
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Flags: needinfo?(jorge)
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.