Closed Bug 335136 Opened 19 years ago Closed 19 years ago

Commerical plug-ins that raise privacy concerns can be installed without disclosure

Categories

(addons.mozilla.org Graveyard :: Public Pages, defect)

Product:
addons.mozilla.org Graveyard
Component:
Public Pages
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 335708

People

(Reporter: registrations, Assigned: morgamic)

References

(
URL
)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8) Gecko/20051107 Firefox/1.5 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8) Gecko/20051107 Firefox/1.5 As demonstrated from the URL and plug-in mentioned, the maker offers a plugin for a commercial service that will insert web-bugs into e-mails that are being sent out via this service (amongst other things). From the website "privacy disclaimer" "Use of Web Beacons JKN web pages may contain electronic images known as Web beacons - sometimes called single-pixel gifs - that allow JKN to count users who have visited those pages and to deliver co-branded services. JKN may include web beacons in email messages in order to count how many messages have been opened and acted upon. Web beacons are not used to access your personal information on the JKN sites and services; they are a technique we use to compile aggregated statistics about JKN Web site usage. Web beacons collect only a limited set of information including a cookie number, time and date of a page view, and a description of the page on which the Web beacon resides. Third-party relationships JKN allows you to receive specific messages by subscribing to third party relationships. When you subscribe, the email address you enter is released to the provider with whom you chose to create the relationship. Users that sign into jkn.com to read published messages can be tracked by the provider who published the message. More specifically, the provider can see when the subscriber received and read the message. If a your email account bounces the notification email, then all providers that are trying to publish the user a message will be able to review the user’s bounce history. " Although I cannot and do not object to commercial enterprises making firefox plugins (hurrah! a demonstration of the growing audience!), I do object that they are able to be installed via the mozilla site *without* users knowing what they agree to. There is currently no entry on this in the policy document, but I think there should be a policy on this. For instance: 1. Commercial plug-ins should require disclosure of service and privacy details *before* installing the plugin. 2. Perhaps an additional criterion on the site to distinguish plug-ins that are tied to a commercial enterprise, from non commercial ones. Reproducible: Sometimes
Target Milestone: 1.0 → ---
Version: unspecified → 2.0
(Don't _think_ the commercial nature matters here, from the description. Reporter: if you disagree, please feel free to reopen and mark this a dep of 335708 and 336033 instead of a dup.) *** This bug has been marked as a duplicate of 335708 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.