this post was submitted on 29 Aug 2023
1061 points (85.1% liked)

Firefox

17952 readers
391 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 1 year ago (1 children)

The purpose is to make a for-profit browser that respects privacy. They've tried a number of different approaches, and they'll probably try more.

I especially like the idea of replacing ads with non-tracking ads with better clickthrough rate (i.e. higher profit), and share the profit with the sites. Ad recommendations could be made from local data that never gets sent to a server. That's privacy respecting and profitable, but unfortunately they didn't get enough deals made with content creators to be effective.

And what a CEO chooses to do with their money is none of my business, what is my business is the quality of the product that company makes, as well as the quality of the work environment that product is made in. I don't like the direction Brave has gone, so I don't use it. And now that I know iOS Safari has ad blocking extensions, I'll no longer be recommending Brave to anyone (I recommend Firefox everywhere except iOS, and I recommend Safari with ad block there).

[–] [email protected] 5 points 1 year ago (1 children)

You can't respect privacy by violating it. Just because you're ok with the amount of violation doesn't make it ok.

I'm fine with blocking things on someone else's site. I'm not ok with injecting things on someone else's site.

[–] [email protected] 2 points 1 year ago (1 children)

What are you talking about? If the logic and metadata is completely stored in your machine, there's no privacy violation. The ads themselves don't need any PII unless you opt in to some kind of profit sharing system (e.g. you get paid to see ads), and that can simply be handled by the browser itself (i.e. a cryptographic signature that can only be verified client side).

As for not liking injecting stuff into a browser, what about browser extensions show you if another site has a better deal on something? Or accessibility tools that change the styling of the site? Or password managers that inject auto fill buttons? Or addons like RES that add features like previously viewed posts or times you've upvoted a user?

Injecting ads is the same idea, you're removing features you dislike and adding features you do. The unethical part is profiting from sites, which is why those profits should be shared with those sites. I think there's a good case to be made that sites, browsers, and users can all make more with this method and without violating user privacy (the advertiser doesn't need to know anything about you specifically, it just needs to know that the browser can place ads effectively). All data can stay on your local machine and never sent to the browser vendor, website owners, or advertisers.

If Brave got that to work, I'd consider it. I'd prefer it to be an addon to my browser instead. Here's how I'd prefer it to work:

  1. I install an open source, auditable extension that tracks my browsing history locally to serve relevant ads
  2. Sites sign up for the program and provide a tracking key that only tracks that website (unique per site, not part session/user)
  3. Once I hit some amount of ad views on a given site in a given day, ads go away; my browser is 100% in control of that
  4. Profits go to an open, auditable service that distributes a portion to sites, the addon vendor, and users who opt in (with anymore crypto wallets); if users opt out, those profits are donated to a charity instead (again, publicly auditable)

This way, the user:s privacy isn't violated, sites make a profit, the addon maintainer gets paid (ideally a nonprofit org), and users can get some pocket change as well. Everything would be auditable, so nobody can pull a fast one without getting caught.

[–] [email protected] 3 points 1 year ago (1 children)

You let me know when you find a system that analyzes your data locally and chooses an ad to show without letting anyone know anything. Even just delivering the ad is violating a level of privacy because they know it targets you at the very least. But beyond that, targeted ads require statistics to build to know how to target. You need data to build a model. You can't build that without sharing.

[–] [email protected] 1 points 1 year ago (1 children)

I think Mozilla's Pocket does this. Here's an article about it. It's light on details, so maybe there are better sources out there.

[–] [email protected] 1 points 1 year ago (1 children)

I mean, there's a difference between targeted ads which rely on a lot more data versus sponsored content which honestly, I didn't even know what based on preferences. It is fairly hodgepodge and I figured everyone saw the same thing. It never really interested me so I turned it off.

It's light on details as to how much preferences really play into those sponsored articles. Which you can turn off.

But targeted ads that are worth money require a lot more of a model. Advertisers won't pay for potshot ads if they can get better targeting elsewhere. Advertising simply isn't a good model.

[–] [email protected] 2 points 1 year ago

Browsers have access to all of your data and they don't need to guess based on cookies and whatnot if searches are from the same person. So naturally, a browser is the perfect place to mine personal data for advertising purposes. If the browser is open source, the treatment of ads can be audited to ensure no personal data is being leaked.

For example, if you frequently visit gaming related websites, then the browser will know to show you gaming related ads. Google would only be able to do that if you use their search engine or if enough of those sites opt in to sharing data with Google (e.g. amp links, Google Ad integration, etc). So Google's ads (or any other kind, for that matter) are by default less relevant because they have less information than something served by a browser.

The difference between doing it browser side vs server side is where privacy comes in. With server side (e.g. Google's method), your data is sent to Google and they can then do whatever they please with it (depending on jurisdiction and what laws apply). With browser side, your data stays on your machine, so it never needs to go to the browser vendor or advertisers, so it cannot get sold or used for anything outside of the browser. The only thing advertisers and browser vendors would know is how many times an ad was shown and how many times it was clicked on, and that could not be traced to you specifically unless you do something to opt in to that. That's it. No privacy violation.

So since browsers have access to more data than an advertising company would, they can be a lot more relevant. Browser vendors could pay users a bit to allow anonymous usage statistics to refine their model, but I don't think that's necessary.