Yeah I mean I feel like they’re just being overly cautious here (as lawyers often are) when in fact there is no real precedent to support that position. The law perhaps could be interpreted to stretch the definition of sale broadly, but in practice it isn’t right now.

Frankly, I find it offensive that businesses would choose to pass that minute risk onto the customer by weakening consumer rights.

Maybe it isn’t, but I just find it hard to believe the obsession with Merrivius on r/comics is completely natural.

The artist is Merrivius https://www.webtoons.com/en/canvas/elf-comic/list?title_no=983708

Elf girl is bottom left, the artist begins with M. Their comics are really popular on r/comics.

Edit: The artist is called Merrivius https://www.webtoons.com/en/canvas/elf-comic/list?title_no=983708

Shots fired lmao I bet this tanked on reddit, they’re obsessed with their elf girl (and that totally isn’t astroturfed).

Nah it would have cost the city the same regardless, you’re just talking about how much the civils business pays its workers.

Most likely this would have been part of a larger project of installing cycle lanes in various places. But it still would have been expensive, civil contractors are notorious.

Bitwarden is arguably a better choice, although the two options are generally so similar I wonder if they have a mutual owner.

Cool, I’ll give the video a full watch then. I normally don’t like Rossmann videos because he takes 30 min to say what he could have covered in 5-10.

But yeah, they shouldn’t be doing that. That’s selling of data. If they want to sell my data, that I manufactured by my literal blood, sweat, and tears of being alive, they should pay me for it first.

They’re not claiming a right to sell data right now, but they have removed the promise to not sell data.

That promise is a canary statement. When the canary dies it’s an indication of something, usually that it’s time to stop using the product/service.

More specifically, they aren’t claiming the right to sell data however they want. However, they do have to follow all legal requests, and they can bill for this provision. If a government compells them to sell they have to oblige.

Maybe it is kinda the same as when Google decided to get rid of the “don’t be evil” statement…

That was exactly what I was thinking of. Although I think there were even better examples with proper canary statements going away in line with the business’ alleged joining of the PRISM program.

Consideration does not have to just mean monetary payment

Your statement implies there are other forms of payment than monetary.

Firstly, “consideration” in this context means payment.

My statement did not state monetary payments only, just payment generally. I clarified 2 sentences later with “in exchange for a payment (money or otherwise)”. The point I’m making is that “consideration” is a payment in return for something else, and that payment can either be money or any other valuable item or service.

Ahh good ol Rossmann lol. I love him but I hate watching his videos, he goes far too ranty and repeats himself, it becomes hard to extract the real points.

Case in point, the video at your timestamp starts with an After-Before-Whatever rant before getting into any of the meat XD

I think everyone is really missing the points here. It isn’t just bad PR, it’s so bad that it can only be intentional. They didn’t just claim rights and put them back, they removed their pledges to not sell data. The conversation isn’t focused on the net result, the loss of the pledge, it’s diluted elsewhere.

Maybe they’re selling data to governments under law? I’m sure they already have terminology that permits them to do things legally required of them (so they don’t need you to give them further rights), and the general process for the tech industry is to protest against such government interference up until the point a contract is negotiated where the government pays for access. In fact, I think this is generally what’s happened with other businesses when their canary statements have gone away, as was revealed in the Snowden leaks.

Yes exactly. And that is entirely right and proper.

Nothing of what Mozilla should be doing meets that definition. Even if they share data with 3rd parties to process it, and even if they pay the 3rd party for that service, they’re not supposed to get something in return for providing the data. But also, providing data in such a manner does not mean they are selling it.

If they are getting something in return for providing the data, be it payment, other services or even simply a discount, then they’re doing something wrong.

I don’t think I said that? Consideration is any kind of payment, money or otherwise. The terminology of the law also says this, “monetary or other value consideration”. A discount is not really giving money to someone, but it may be valuable consideration (if it is part of a broader deal - a shop shelf discount usually isn’t).

I think you’re both right here. Mozilla has been hunting for money (to keep the lights on), and in doing so diversified into many things. However, when it has come to light that some of these things are grey or even black towards their morals, the right thing to do is to stop doing it. Instead of keeping their actions in line with their morals, they’re trying to change their morals to maintain their income.

Firstly, “consideration” in this context means payment. It’s standard contract law terminology. What that statement means is that Mozilla can’t give data to a 3rd party in exchange for a payment (money or otherwise) from the 3rd party.

Mozilla should still be able to “share” data with no value exchange, or even pay a 3rd party to process the data in some way. In the latter case, Mozilla would be giving the data freely, on top of a transaction where Mozilla provides consideration in exchange for the 3rd party’s service.

The only way, as I see it, that “valuable considerstion” towards Mozilla would occur is if the 3rd party were to give a discount on their service in exchange for the right to exploit the data. Or if Mozilla otherwise straight up sold the data.

I’ve only just started looking into this, but I think it’s all fluff. The claim is that any sharing of data could be considered a sale.

This article says that an overly generalised definition of “sale” was proposed in California law, but that language was removed before the law came into effect. The CCPA webpage also frequently talks about opting out of “sale or sharing”, implying those two are different concepts. Thus Mozilla should be able to share data as needed to perform user-driven functions, while still retaining the pledge not to sell user data.

There could also be more nuance in this. Perhaps Mozilla is concerned about liability based on third party actions - if they share with a 3rd party to perform a service, but that 3rd party doesn’t follow the privacy terms, then Mozilla has an increased risk of litigation.

I haven’t started digging into the actual law itself yet, but the cynic in me wonders if organisations and their lawyers are looking to use this misunderstood news story as an excuse to weaken the privacy rights language. And the effect here is more significant to the user than the mild reduction in risk for Mozilla.

I don’t think that’s the case. This article says that an overly generalised definition of “sale” was proposed in California law, but that language was removed before the law came into effect.

Mozilla is not selling your data, yet, but they have removed their pledge to never sell data.

It’s an intentional gradual change, and they’re playing a sleight of hand trick getting you to talk about whether they actually are selling data right now rather than the canary dying.

It could be a classic case of intentional overreach and then backpedalling to where they wanted to be. They didn’t just remove the canary statements where they plegded not to sell data, they literally gave themselves the right to sell data and then put it back on the shelf - that way you’re talking about the rights being back where they belong but not noticing the dead canary.