Closed Bug 957816 Opened 12 years ago Closed 12 years ago

Privacy-Technical Review: UP Engagement Test

Categories

(mozilla.org :: Security Assurance: Review Request, task)

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: Mardak, Assigned: curtisk)

Initial Questions:
Project/Feature Name: UP Engagement Test
Tracking ID:
Description: We're extending the existing UP study that was deployed to Test Pilot users to now modify the recommendation box on nytimes.com by indirectly calling NYTimes' API through a Mozilla "headliner" server. We replace the existing recommendations with other articles from nytimes and measure view counts and click rates.
Additional Information:
Key Initiative: Services: UP
Release Date: 2014-01-15
Project Status: ready
Mozilla Data: Yes
Mozilla Related:
Separate Party: No
Assignee: nobody → curtisk
Group: mozilla-corporation-confidential
What's the status here? Is this far enough along that we can look at the technical parts of this?
Flags: needinfo?(edilee)
The code has already been looked through by Mark Goodwin in bug 947367 for security with comment: "This is low risk; no user data, limited impact on other systems. I've had a look at the code and have no concerns." Is that enough to clear the Privacy-Technical review too?
Flags: needinfo?(edilee)
If this really is not collecting any data on users then we're done.
The closest thing to collecting data is that there's a cache of articles by interest, but there's no cache by user (not even interests from the user as those get cached independently of a user request), correct?
Flags: needinfo?(oyiptong)
There is no user data being collected for the content portion. The request for content is stateless. The server does not store any personal information from the user.
Flags: needinfo?(oyiptong)
OK, now I am thoroughly confused, so we're not storing any information server side, but are we storing preference, local, or other user data on the client side? Data we did not gather before? Or what is the decision making process for giving a user content they are interested in?
Flags: needinfo?(edilee)
Flags: needinfo?(oyiptong)
(In reply to Curtis Koenig [:curtisk] from comment #6)
> OK, now I am thoroughly confused, so we're not storing any information
> server side, but are we storing preference, local, or other user data on the
> client side? Data we did not gather before?
The data is pretty much the same as the first study that we've released where it calculated interests based on history. In this study 2, the add-on uses those interests to personalize content.
Also, is this privacy review for just the headliner server code? As that's what I was referring to in comment 2. If it's also looking at the client code, the add-on is additionally deriving data from existing browser data (similar to how we processed history to generate interests). In particular, the add-on analyzes the history URLs of nytimes to extract various query parameters, e.g., ?src=, &ref=; and the non-title portion of the path to get the section, e.g., technology, business.
Flags: needinfo?(edilee)
Flags: needinfo?(oyiptong)
Flags: needinfo?(curtisk)
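The client-side cleansing of nytimes history URLs described in the comment above (keep ?src=, &ref= and the section, drop the title), sketched as an added example; it is not code from the add-on or from anyone in this bug. The URL layout, the `cleanseVisit` and `cleanseHistory` names and the token pattern are assumptions.

```javascript
// Added example, not the add-on's code. Assumed article URL shape:
//   https://www.nytimes.com/YYYY/MM/DD/<section>/<title>.html?src=...&ref=...
const ALLOWED_PARAMS = ["src", "ref"]; // the two parameters named in the thread
const TOKEN = /^[a-z0-9_-]{1,32}$/i;   // assumption: kept values are short tokens

function cleanseVisit(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch (e) {
    return null; // unparseable history entry
  }
  // Exact host or a true subdomain; look-alike hosts are rejected.
  const host = url.hostname.toLowerCase();
  if (host !== "nytimes.com" && !host.endsWith(".nytimes.com")) return null;

  const segments = url.pathname.split("/").filter(Boolean);
  segments.pop(); // drop the last segment: the title slug identifies the article
  // Skip numeric date parts; the first remaining segment is taken as the section.
  const section = segments.find((s) => !/^\d+$/.test(s));
  const record = {
    section: section && TOKEN.test(section) ? section.toLowerCase() : null,
  };
  // Allowlist: any parameter not named above is dropped, never copied.
  for (const name of ALLOWED_PARAMS) {
    const value = url.searchParams.get(name);
    record[name] = value !== null && TOKEN.test(value) ? value : null;
  }
  return record;
}

function cleanseHistory(urls) {
  return urls.map(cleanseVisit).filter((r) => r !== null);
}

// Constructed sample history entries (not real visit data).
const SAMPLE_HISTORY = [
  "https://www.nytimes.com/2014/01/15/technology/constructed-title.html?src=rec&ref=technology&email=user%40example.org",
  "http://www.nytimes.com/2014/01/14/business/another-title.html?ref=business",
  "https://nytimes.com.example.net/2014/01/15/technology/x.html?src=rec",
  "not a url",
];

console.log(cleanseHistory(SAMPLE_HISTORY));
```

Because the record is built from an allowlist instead of by stripping known-bad fields, a new or unexpected query parameter in a history URL cannot leak into the study data.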
curtisk, is there any other information you need for the privacy-technical review?
Here are the relevant changes from v2 to v3 (engagement study): https://github.com/Mardak/profile/compare/fps-v2+...fps-v3
In particular these lines add a bool if we have user selected interests, a list of cleansed nytimes visit data, a cleansed nytimes subscriber/not user data: https://github.com/Mardak/profile/compare/fps-v2+...fps-v3#diff-96b8a9e0a9317af4ccbaf692621001deR103
There's this line that records a bool if personalization is happening: https://github.com/Mardak/profile/compare/fps-v2+...fps-v3#diff-4ae0a5fbcf2351097caa8e6c7d392df4R74
I think we're good here, I don't see where we are gathering any specific data that can be tied back to a user. This is using history links to compare what a user has read in order to make a prediction about other articles the user might be interested in as well. It also appears that most of the work is happening client side (not server side) so the user should also have control of that data source. If I am misinterpreting this please correct me.
Flags: needinfo?(edilee)
Yup, sounds good. The analysis for personalization is done on the client side while the server is a relatively user-dumb endpoint that knows how to fetch articles from nytimes.
Status: NEW → RESOLVED
Closed: 12 years ago
Flags: needinfo?(curtisk)
Resolution: --- → FIXED
Flags: needinfo?(edilee)