Posting data to external Analytics server using obfuscated code without user consent

(Mrinal) #1

I have come across a few add-ons that post user data to external 3rd-party analytics websites. The add-ons are obfuscated, so it is not clear as to what user data they are posting. Besides, the add-on doesn’t even specify anywhere that it is gathering user data (i.e. without user consent). I am not sure if this is even legal in some jurisdictions. They usually hide their access privileges to such analytics sites by requiring the end-user to grant (their add-on) permission to access all websites.

Though I have already reported one such add-on to the admins, it seems that no action is being taken in this regard. Legal issues aside, does it even sound ethical that an obfuscated add-on should be allowed to do so without user consent?

The developers claim that they are doing this in good faith, but that is not sufficient to earn the trust of an end user who cannot verify this from their end due to the obfuscation.

How different is this from spying? Is the Mozilla add-on hub becoming another distribution channel for spyware? Should Mozilla allow obfuscated add-ons to pass user data to external websites (which are not required for add-on functionality) without user consent?

(Martin Giger) #2

afaik the extension just needs to have a privacy policy if they have analytics. Obfuscation is unrelated.

(Mrinal) #3

How does adding a privacy policy increase the accountability of the add-on developer? A privacy policy for an add-on is meaningless in this scenario since the data is being shared with a 3rd party who in turn may or may not have a privacy policy of their own. Since 3rd-party analytics are independent entities, there is almost no accountability on the add-on developer for how those sites handle user data.

Also, a privacy policy would be meaningless if the developers remain vague about what they are transmitting just for the sake of compliance and the user is not given an option to opt out.

Mozilla needs to:

  1. Have tighter control on what maximum permissions are allowed for an add-on to function during the add-on review itself. In the said example, there is no justification for the add-on to request permission to access all websites when it is specifically meant for YouTube.

  2. Mandate that add-ons should be designed in such a manner that analytics data is shared only when the user explicitly consents to it, either through an interface in the add-on options or through a global option in Firefox, but not by default. This is typical for all reputed software apps.

(Martin Giger) #4

A privacy policy helps in the sense that it lets the user know before installing that the extension does send data to 3rd parties for analytics, instead of the user having to look at network traffic or code to figure that out.