If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Figure out privacy policy referred to by the "Camino. Legal. Rights" page

RESOLVED WONTFIX

Status

Camino Graveyard
Product Site
RESOLVED WONTFIX
8 years ago
4 years ago

People

(Reporter: Smokey Ardisson (offline for a while; not following bugs - do not email), Assigned: Smokey Ardisson (offline for a while; not following bugs - do not email))

Tracking

Details

(URL)

Attachments

(4 attachments, 4 obsolete attachments)

65.58 KB, text/plain
Details
14.83 KB, text/plain
Smokey Ardisson (offline for a while; not following bugs - do not email)
: review?
Samuel Sidler (old account; do not CC)
Details
12.55 KB, patch
Details | Diff | Splinter Review
10.27 KB, patch
Stuart Morgan
: feedback+
Details | Diff | Splinter Review
Bug 522756 comment 2:

> That page has the Fx 3.0.x about:rights text, modified for Camino.  There's no
> non-Firefox app privacy policy, so that page needs that one bit clarified, but
> we can do that elsewhere
SeaMonkey has a very long copy of the Firefox document (http://www.mozilla.com/en-US/legal/privacy/firefox-en.html), marked as draft: http://www.seamonkey-project.org/legal/privacy
Created attachment 409478 [details]
First draft of changes and corrections

Ugh.  This sucks.  Like "Why didn't I let philor blow my head off with his shotgun" sucks.

I've gone through and made repetitive s/foo/bar/g changes to the Mozilla Firefox policy, I've started fixing factual errors in the Mozilla Firefox policy, I've fixed some typos in the Mozilla Firefox policy, I've deleted things from the Mozilla Firefox policy that don't apply to Camino 1.x or 2, and I've made a few Camino-specific changes to the text.  I've also marked a bunch of FIXME areas where either we need to investigate the text for factual accuracy or whether it applies to Camino, or where we need to make a decision on what to replace something that doesn't apply to Camino with.

Since I found crap the MoFoCo people missed, there are probably still errors or missing changes that I missed.
Attachment #409478 - Flags: superreview?(stuart.morgan+bugzilla)
Attachment #409478 - Flags: review?(samuel.sidler)
Created attachment 409479 [details] [diff] [review]
Worthless diff for reference

Here's a pretty worthless diff of the Mozilla Firefox policy with the draft. 

I recommend you instead grab the relevant <div>s from http://www.mozilla.com/en-US/legal/privacy/firefox-en.html and paste them into your favorite editor.  If your favorite editor doesn't have character-level diff support, use FileMerge, which doesn't seem to understand UTF-8 files are UTF-8 but otherwise does a nice job of following changes and highlighting them.
Also, please do not let any "press" ever read this document. 

We should see if we can replace most of the generic and ambiguous-by-design "Mozilla" usages with "the Camino Project" and a statement at the beginning that MoFo is the legal representative of the Camino Project, or something like that.

One can dream, right? :P
Created attachment 409529 [details]
Talkback incident

Regarding the Talkback section, here is a complete Talkback incident from 1.6.10 (thanks bug 520424!).

I don't see my name anywhere (my Unix shortname does show up in a few places, but not my name), nor do I see a list of "the processes you were running at the time of the crash"; there's a list of loaded shared libraries, but to me that's certainly not the same thing.

Comment 6

8 years ago
(In reply to comment #5)
> I don't see my name anywhere (my Unix shortname does show up in a few places,
> but not my name)

The bonjour name is there, which for a lot of people probably still contains their full name.

Comment 7

8 years ago
Comment on attachment 409478 [details]
First draft of changes and corrections

Bleh. Thanks for wading through this mess.

Random collection of notes:
- I agree we probably want to say "Camino Project" most of the time.
- "This privacy policy explains how the non-profit Mozilla Foundation collects and uses information" seems like a very inaccurate description of the document, since AFAICT only the crash reporting and update checking meet that description
- The "Types of Information" section doesn't seem to know what it is supposed to be about, since the intro says "Camino sends certain information to the websites that you visit" but then says that "Mozilla does not collect" personal information in one of the bullet points. Not really related.
  - Similarly, "Aggregate Data" is a type of information Camino sends to websites? Really?
- In the "changes" section at the end we'll need to rewrite the part about how we sent change announcements. The Camino blog, maybe?

Structurally, the document seems like it would be a lot clearer and more useful if we rearranged it as:
1) Intro, followed by definition of terms
2) Information collected by Mozilla/the Camino Project (the crash report and autoupdate stuff)
3) Information sent to third-party services (the Safe Browsing and cert stuff)
4) Information sent to visited websites (request headers, cookies)
5) Wrap-up (changes, contact)
Attachment #409478 - Flags: superreview?(stuart.morgan+bugzilla) → superreview-
(In reply to comment #7)
> - The "Types of Information" section doesn't seem to know what it is supposed
> to be about, since the intro says "Camino sends certain information to the
> websites that you visit" but then says that "Mozilla does not collect" personal
> information in one of the bullet points. Not really related.

I suppose that is to emphasize that MoCo doesn't ask for this, most private, of information types?
Created attachment 409847 [details]
Second draft, with fixes and incorporating(?) Stuart's changes

Here's another draft that tidies up some things I missed before, most of the uses of Mozilla (limited to where we send stuff to Mo{Fo|Co} servers and policies/agreements from/with Mo??), and I think implements Stuart's suggestions from the previous review.


I'm going to pull out the FIXMEs currently in the document as items below:

1) <strong>FIXME</strong> Camino Crash Reporter also sends the time since (i) the last crash, (ii) the last install, and (iii) the start-up of the program.

Do we send all of these? If not, will we?


2) You may completely turn off the secure website certificate verification feature <strong>FIXME</strong>in Camino’s preferences under the encryption tab.

Should I add this to the hidden prefs page? Or just mention the pref name here and link to the hidden prefs page where we describe how to use about:config (I can add an anchor for the paragraph with the instructions)? Or?


3) While it is possible that a third party service provider may determine the actual URL from the hashed URL sent, <strong>FIXME</strong>Mozilla’s third party service providers have entered into a written agreement with Mozilla not to use any data or other information about or from users of Camino  for purposes other than to provide and maintain their service.  In addition, in no event will these third party service providers correlate any Camino user data with any other data collected through other products, services or web properties of that provider.  These third party service providers may inform you about additional notices regarding their applicable privacy policies.  <strong>FIXME</strong>(For example, see <a href="http://code.google.com/apis/safebrowsing/Firefox3_privacy.html">Google Safe Browsing Service in Mozilla Firefox Version 3</a>.)

Are these agreements with Google between MoFo or MoCo? Do they cover us? Does Google have a generic agreement associated with the Safe Browsing API that guarantees these things (and a link we could use)?  If no to all of the above, can we get one? 


4) <strong>FIXME</STRONg>Each of our third-party providers are under licensing agreements with Mozilla and will not release Potentially Personal Information to the public.  These third party providers only use this information in conjunction with the phishing protection service they are providing.

(This is from the "Report Phishing Page" section) Ditto FIXME 3, basically.


5) <strong>FIXME?</strong>To find out more about how Mozilla uses this information on its own websites, see the <a href="http://www.mozilla.org/about/policies/privacy-policy.html">Mozilla Privacy Policy</a>.

(This is from the "info sent to visited websites section) Is it OK to just use  MoFo as the example and link to the Mozilla.org website privacy policy?


6) <p>If you have questions about this privacy policy, please contact <strong>FIXME</strong> Mozilla at: <em>privacy at mozilla dot com</em>.</p>

What address is volunteering for this nightmare?
Attachment #409478 - Attachment is obsolete: true
Attachment #409847 - Flags: superreview?(stuart.morgan+bugzilla)
Attachment #409847 - Flags: review?(samuel.sidler)
Attachment #409478 - Flags: review?(samuel.sidler)
Created attachment 409848 [details] [diff] [review]
Slightly less worthless diff for reference

Here's a diff between the first draft and second draft, so you can perhaps see what changed/moved/etc.
Attachment #409479 - Attachment is obsolete: true

Comment 11

8 years ago
(In reply to comment #9)
> 1) <strong>FIXME</strong> Camino Crash Reporter also sends the time since (i)
> the last crash, (ii) the last install, and (iii) the start-up of the program.
> 
> Do we send all of these? If not, will we?

I'll look over everything later, but quickly: we only send (iii); we'll send (i) someday if I add the breakpad support, but we could always update the text at that point.

Updated

8 years ago
Attachment #409847 - Flags: superreview?(stuart.morgan+bugzilla) → superreview+

Comment 12

8 years ago
Comment on attachment 409847 [details]
Second draft, with fixes and incorporating(?) Stuart's changes

Sorry I didn't get to this last night after all.
sr=smorgan with minor changes:
- Put Camino 2's block first in the crash reporting section, since it'll be the one relevant to most people.
- Typo; s/are/as/ in "such are the URL of the site"

(FIXME responses to follow in a moment)

Comment 13

8 years ago
(In reply to comment #9)
> Or just mention the pref name here
> and link to the hidden prefs page where we describe how to use about:config

I'd vote for this one. We don't want people reading the hidden prefs page to get the idea from it being list that it's good to turn off (or even just clutter the page with it)

> (This is from the "info sent to visited websites section) Is it OK to just use 
> MoFo as the example and link to the Mozilla.org website privacy policy?

I'd axe this; it's not really relevant to what information Camino sends, and I don't think a random example will provide much value given that the content and location of privacy policies vary wildly.

> What address is volunteering for this nightmare?

Can we make a new privacy@cb.o? Or maybe just axe it, and people can contact us about privacy the same way they contact us about everything else. I'd favor the latter, since it's not like it's going to be answered by different people than anything else anyway.


Leaving the contractual questions for someone with a clue ;)
Created attachment 410709 [details]
Third draft, sr comments and some FIXMEs fixed

This has Stuart's changes incorporated.  Sam, you were on point for the safe browsing negotiations; can you weigh in/figure out the last two FIXMEs (items 3 and 4 in comment 9)?
Attachment #409847 - Attachment is obsolete: true
Attachment #410709 - Flags: review?(samuel.sidler)
Attachment #409847 - Flags: review?(samuel.sidler)
Created attachment 410710 [details] [diff] [review]
Diff again, for reference

Here's a diff between the second draft and third draft, so you can perhaps see what changed/moved/etc.
Attachment #409848 - Attachment is obsolete: true
I've added "your email address" back in crash reporting section to reflect bug 529989, and updated the date.
Depends on: 529989
No longer depends on: 529989
Summary: Figure out privacy section on "Camino. Legal. Rights" → Figure out privacy policy referred to by the "Camino. Legal. Rights" page
Created attachment 601752 [details] [diff] [review]
2.1 changes

For 2.1, the only "required" change I'm aware of is that we now send "InstallTime" to crash-stats.

In light of the recent hubub over Address Book stealing on iOS and warnings about how Mac apps have unrestricted access to Address Book data, I worked up a section that explains the three ways we use Address Book data.
Attachment #601752 - Flags: review?(samuel.sidler)
Attachment #601752 - Flags: feedback?(stuart.morgan+bugzilla)

Comment 18

6 years ago
Comment on attachment 601752 [details] [diff] [review]
2.1 changes

Seems reasonable to me... except that the Mac OS X version of the Address Book hand-wringing is asinine, so I'm not convinced we should feed the troll. "Apps that you install on your local computer can read, steal, and delete every file on your entire system... and also *read your contacts OMG*!"

If we are going to say something about Address Book use, this text is good, but I really don't think we should. It feels like debating with birthers to me.
Attachment #601752 - Flags: feedback?(stuart.morgan+bugzilla) → feedback+
(In reply to Stuart Morgan from comment #18)
> If we are going to say something about Address Book use, this text is good,
> but I really don't think we should. It feels like debating with birthers to
> me.

Fair enough.  I pushed just the other change.  If we ever do need something, we have it written in the attachment here.
Attachment #601752 - Flags: review?(samuel.sidler)

Comment 20

4 years ago
Given the current state of the Camino project, we won't be fixing these website bugs. Mass changing our Product Site bugs (search on "camino-website-bugs").

RESOLVED -> WONTFIX.
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.