clock menu more-arrow no yes mobile

Filed under:

Firefox is showing the way back to a world that’s private by default

New, 11 comments

Tracking shouldn’t be the norm

If you buy something from a Verge link, Vox Media may earn a commission. See our ethics statement.

Illustration by Alex Castro / The Verge

One of the nice things about looking at the full scope of tech news for the day is that two stories that you otherwise wouldn’t think to connect end up playing off each other perfectly. So it was today with the following pieces of news.

First, Firefox is turning on a controversial new encryption methodology by default in the US. Second, Amazon is expanding its cashierless Go model into a full-blown grocery store.

Here’s where I see the connection: both are about companies tracking your activities in order to gather data they could monetize later. Let’s take them one by one, starting with Amazon.

You likely already know the story with Amazon Go stores: you can walk in and browse around, putting stuff in your cart as you like. Instead of checking out, you just leave. It all works because cameras track your every move and determine what you’ve picked up to charge you later. You can even pick something up, walk around the store with it, then put it back and leave and Amazon will figure that out. I know this because I’ve done it several times just to see.

Nick Statt visited Amazon’s new expansion of that concept and reported an excellent story about how it works as a full grocery store. He also interviewed executives on the details of how it’s all being positioned. Notably, this is an “Amazon Go” store and not just a Whole Foods. For Amazon, they’re two distinct retail models (for now).

Nick explains:

That complexity inherent to the grocery market is why Amazon chose to brand its new store as a Go one, instead of choosing to bring its cashier-less Go model to an existing Whole Foods location. Amazon wants the freedom to sell people products from major brands they might find at a city bodega, a neighborhood CVS, or a Kroger store, and not just the organic and high-end ones Whole Foods sells today. That sets up Amazon to service a wider variety of customers: Go stores for the office lunch crowd, Go Grocery for the everyday residential shopper, and Whole Foods for the organic-minded and more affluent.

But as you are thinking about this whole model I suspect that Amazon’s go to market strategy isn’t top of mind. Instead, there’s either an alarm klaxon going off in your head or — at the very least — a quiet voice saying this: it seems super creepy for cameras to watch your every move as you walk around a store. The follow-up thought is that the convenience of not having to check out is perhaps not worth the tradeoff for the surveillance that’s happening inside these stores.

I hear the same alarm. But I also visited Amazon dot com this week and shopped for all sorts of things. If you think that the surveillance and data collection that happens at an Amazon Go retail location is creepy, well friend, it’s got nothing on what Amazon can glean from what happens on its website.

Keep that tension in your mind as we turn to Mozilla and Firefox. The core thing that Mozilla is doing is trying to encrypt DNS, which stands for Domain Name Service. When you visit a website like, what you’re actually visiting is a much less descriptive series of numbers. DNS is the address lookup that tells your browser that the human-readable domain — — is located at a particular IP address.

For most browsers, that address lookup isn’t encrypted, which means your internet service provider (or anybody else interested enough to snoop on it) could see what websites you’re visiting. Putting DNS behind a secure connection means that it’s less likely that snoops could see where you’re going.

The decision is controversial on a number of fronts. There’s the ever-present concern about protecting kids form predators, of course, but there’s also a large group of security experts who think it’s not actually all that effective.

On the whole, I think that Mozilla’s decision is fundamentally good, even with the above caveats. That’s because it shifts the Overton Window for privacy, just a bit. Whatever you think of its efficacy, the shift helps to change our default assumptions about privacy, Specifically, browsing should be fully private.

If you haven’t connected the DNS story with the Amazon story on your own, let me lay it out more explicitly.

I don’t think we’ve fully grappled with the idea that by default there’s not an expectation of privacy with what we do online. Think about it in other contexts: would you recoil at the idea of a company knowing what books you casually browsed at the library or bookstore? Probably you would, which is why the Amazon Go concept seems so squiggy (technical term).

Until we got on the web, our browsing habits were private by default. Now, they’re not.

For web browsing, I admit that there are contexts where trusted people like parents (or less trusted but still in power over your time, like the company you work for) might have a legitimate reason for gathering information on the websites you visit. But for the most part, what we choose to look at should be our business — whether that happens online, in a library, or in a grocery store. And yet the default assumption online is that certain companies get to gather and use that information.

Specifically your ISP, the company that provides your web browser, or even any company that manages to drop a cookie on a website you happen to visit can all gather data on your web browsing habits.

In a different world, one where we made different choices about how to construct and pay for the web in the early days, the online tradeoffs we’ve all agreed to would seem as bizarre as Amazon Go cameras tracking our every move in a grocery store. In this world, though, why have we accepted one online trade as normal while finding the trade of cameras in a store to be weird?

When it comes to the online world, Mozilla’s solution may not be perfect. But it seems like a step in the right direction to me. As do all the other changes that are coming to web browsers — even Google Chrome is coming around to reducing tracking, as I’ve written about before.

For the past twenty years at least, we’ve been living in a world where the default assumption is that it’s okay for companies to track our browsing habits because we get something in exchange. But if you’re squigged out by having your real-world store browsing habits tracked, sit with that feeling and ask yourself: should you feel differently about online browsing?

Lastly: a quick note that if you’ll be in Austin during SXSW, you can come see a live Vergecast with me, plus other panels and events with Nilay Patel, Ashley Carman, and Dani Deahl. A lot of it is happening at The Deep End, Vox Media’s space at the conference, which doesn’t require a conference pass. It may require a reservation, though, so RSVP here:

If you can make it, please come say hi. I love meeting readers in the real world!

More from The Verge

Bob Iger steps down as Disney CEO, replaced by Bob Chapek. We’ll have much more on this completely surprising story, but for now Julia Alexander’s writeup covers the state of things quite well. The whole mood of media Twitter when this news broke was bafflement, intrigue, and a lot of concern that there’s some bad-news reason for Bob Iger’s sudden decision.

Tesla ignored safety board’s Autopilot recommendations, chairman says. Sean O’Kane reports from Washington, DC.

“What struck me most about the circumstances of this crash was the lack of system safeguards to prevent foreseeable misuses of technology,” Sumwalt said in his prepared remarks on Tuesday. “Instead, industry keeps implementing technology in such a way that people can get injured or killed, ignoring this Board’s recommendations intended to help them prevent such tragedies.”

Tesla Autopilot, distracted driving to blame in deadly 2018 crash. Sean went to DC primarily to report on this finding, which is a gut punch for Tesla. And to me, the most important part is this quote from NTSB chairman Robert Sumwalt: “It’s time to stop enabling drivers in any partially automated vehicle to pretend that they have driverless cars.” Amen.

Uber and Lyft generate 70 percent more pollution than trips they displace: study. Lyft disputes the claims, which from a city-planning perspective are quite damning.

According to the Union of Concerned Scientists, ride-hailing trips today result in an estimated 69 percent more climate pollution on average than the trips they displace. In cities, ride-hailing trips typically displace low-carbon trips, such as public transportation, biking, or walking.


CDC flu pandemic plans hint at the playbook for a new coronavirus outbreak.

Trump’s reckless coronavirus statements put the entire US at risk. Russell Brandom explains why it’s so dangerous for people in positions of authority to play fast and loose with the facts.

This is not a good time to be spreading confusion about public health. Once confined to Wuhan, then to China, the new virus is now spreading internationally, with hundreds infected in Italy, South Korea, and Japan. Preparing for a US outbreak is going to require ample medical resources, robust communication, and, most importantly, the public trust. Instead, Trump has minimized the threat and spread bizarre lies, making it hard for the average citizen to know what to expect. When a US outbreak does happen, that confusion could encourage panic — a panic that could amplify the damage from the disease itself.

Gadget news

Nest cameras were down for 17 hours because of failed server update.

Oppo’s Find X2 flagship phone will be announced next week. Honest admission: I find it increasingly hard to know how to talk about resolution for phone screens. In many cases I don’t care about what the pixel count is, just so long as it crosses Apple’s so-called Retina threshold where you can’t discern pixels at arm’s length.

I bring it up because there’s a small drama with the Samsung Galaxy S20 Ultra, which can’t maintain both 120Hz refresh rates and its full 1440-wide resolution at the same time (likely a battery consideration more than a horsepower one). But as I will note in my review later this week, even with a huge 6.9-inch screen I find 1080p totally fine — or at least worth the trade off for the higher refresh rate.

Maybe Oppo’s schtick with this phone will be having both high refresh rate and high resolution enabled at the same time. That’ll be important for Oppo’s bragging rights, but I am not sure it’ll be important for users.

The HyperBoom is Ultimate Ears’ first speaker suited for big parties. Cameron Faulkner has a good look at this party speaker, which is brave of him because it’s a party speaker with an understated design and our editor in chief Nilay Patel has made it editorial policy that we should mostly cover party speakers with bombastic design, neon lights, and ideally cupholders.

Microsoft’s new Xbox One dashboard now available with updated home screen. My colleague Sam Byford mentioned that this is the first non-baffling Xbox One interface in a long time, maybe ever. Totally agree.

How to make a seamless Instagram panorama. Vjeran Pavic has been doing these great panoramas on Instagram forever and they’ve always made me jealous. He finally wrote up instructions for how to do it.