Vienna-based privacy non-profit noyb (None Of Your Business) has filed a complaint with the Austrian Data Protection Authority (DPA) against Mozilla, the developer behind Firefox, for rolling out a new feature called Privacy-Preserving Attribution (PPA) without obtaining explicit user consent.
Noyb claims that, despite the reassuring name, this feature allows Firefox to track user behavior across websites. "In essence, the browser is now controlling the tracking, rather than individual websites," the group stated.
The organization also accused Mozilla of following Google's footsteps by activating the feature without informing users. Similar to Google's now-abandoned Privacy Sandbox, PPA in Firefox version 128 was introduced as an experimental feature to enable websites to track ad performance without relying on third-party cookies.
Google's Privacy Sandbox aimed to replace cookies with browser-based APIs to help advertisers measure users' interests and deliver targeted ads, essentially turning the web browser into a middleman that categorizes users based on their online activity.
Mozilla, however, describes PPA as a non-invasive alternative to traditional cross-site tracking. According to the company, PPA allows websites to gauge how their ads perform without collecting data on individual users. This concept is reminiscent of Apple's Privacy Preserving Ad Click Attribution, designed to measure ad effectiveness without compromising user privacy.
Here's how PPA works: Websites that serve ads can ask Firefox to remember those ads in the form of an "impression" which includes details about the ad, such as its destination website. If the user later visits that site and takes an action (such as making a purchase), Firefox generates a report. The report is encrypted and submitted anonymously using a process called the Distributed Aggregation Protocol (DAP). The results are then combined with other reports to create a summary that protects individual privacy.
The encryption and aggregation are powered by a technique known as differential privacy. This method ensures that any shared data is obscured by random noise, preventing anyone from pinpointing individual users.
"PPA is enabled in Firefox starting in version 128," Mozilla noted in a support document. "A small number of sites will test this feature and provide feedback to guide our standardization plans."
The company emphasized that PPA doesn't share users' browsing activities with anyone. Advertisers only receive aggregated reports answering basic questions about their ads' effectiveness.
However, noyb contends that PPA, even in its limited scope, breaches the European Union's General Data Protection Regulation (GDPR) because it's enabled by default without asking for users' consent. "While this is less invasive than typical tracking, it still violates user rights under the GDPR," the group argued, adding that PPA simply adds another method for ad targeting without replacing cookies.
Noyb also highlighted concerns about Mozilla’s attitude towards transparency, pointing to a developer's comment suggesting that users wouldn't be able to understand how PPA works. "It's a shame that Mozilla believes users are too dumb to say yes or no," said Felix Mikolasch, a data protection lawyer at noyb. "Users deserve the right to make a choice, and PPA should have been turned off by default."
