Mozilla is planning to collect domain-level browsing history on an opt-out basis

I've said it before that I generally prefer opt-in. However, if they stick to the principles outlined in the second document (categories 1&2 may default on, categories 3&4 default off) I certainly wouldn't call that syping on people. I understand that the developers of such a huge project need data how their software is used - provided that this cannot be used to identify a specific person. And it's important that anyone can always opt-out.

 

I have just read it again, and perhaps it's indeed not THAT bad.

 

Does anyone seriously believe it will end there? Today there will be an opt out. Tomorrow when everyone's forgotten about it...

 

No. For starters they can't always opt-out and be assured it will stay that way. The opt-out model is dodgy at best and no one should have to opt out of anything because by default it makes YOU do the work and makes YOU responsible to know it even exists, among other things. Again, what they're counting on is that being opted in by default will mean the majority of people (Average Joes) will be unaware so they can happily get on with their data mining.

Imagine how much of your day will be tied up circumventing the ridiculous opt-out situation if everyone forced you to do it? Unfortunately this horrible model is increasingly being forced on the public both online and off. When most people don't know about it or just accept it if they do, then the door is wide open for the harvesters to come right on in.

 

If someone argues that opt-in can't be used because it will result in "biased" data, it is very likely that they will eventually also argue for elimination of opt-out too. Since allowing people to opt-out *also* results in "biased" data. If they argue that opt-in is not necessary because of the supposed privacy protection offered by a differential privacy scheme, they are even more likely to eventually force telemetry on everyone. Because they've already dismissed individual level privacy concerns, and ignored or dismissed the group/society level privacy concerns too.

 

Again, I also would definitely prefer opt-in. But the assumption that they are also planning to eliminate opt-out is counting eggs before they are hatched.

Rather than condemning all kinds of data collection wholesale, it would be useful, IMO, to discuss what differential privacy really is and what its possible drawbacks are. An interesting and balanced article is this one by Matthew Green, a well-known cryptographer at Johns Hopkins University. He also talks about Rappor - and he thinks positive about it.