When I first started contributing to what would become Firefox, eight years ago today, it was crystal clear what the mission was: break IE’s monopoly and push the Internet back towards open standards. That was a tough ask, especially after AOL spun out the Foundation and laid off most of the Netscape group. But we carried on, and the world we live in now is very different, with open standards rapidly becoming the building blocks of choice, and multiple browsers (including IE!) pushing the envelope on HTML5 features, JS performance, and user experience. To someone who was there eight years ago, this is amazing, and a validation of the way we attacked the problem.
Last year, after three and a half years as module owner, and almost seven years of living and breathing Firefox, I stepped down from that position in order to focus on what was then called Weave. I didn’t write a lot about the decision at the time, mostly because I wanted to focus on building something worth talking about. But I’m trying to write more, and something I’ve been talking about more lately is why Mozilla is stepping into the services space, so I figured it’d be a good excuse to dust off the old blog.
Admittedly, I was never much of a privacy nerd. While I wouldn’t give up my SIN for a toque (unlike someone I know…), I never really spent a ton of time thinking about which sites had data about me, or how they used it. However, the evolution of Facebook, Google, and even Amazon has changed the game, and with it my thinking on the subject. Much of what we do online today is tracked and used to build a profile of who you are, where you go, and who you know. Beyond that, there’s all of the information we explicitly put online ourselves, on Facebook, Twitter, Yelp, etc. Obviously there’s value there to both sides, the ad networks can market more effectively, and users get ads that are more relevant to their interests. Win-win, right? Well, maybe.
In any exchange, value has to be measured against cost. A friend deleted his Facebook account a year or so ago because he could not effectively measure either, or make an informed decision about whether the value was worth the cost. It’s especially hard to reason about cost in this case, because it’s generally not concrete or measurable ahead of time. But social media and web services can have real-world negative impacts on marriages (and divorces), careers, and even home security. In the most extreme case, Shi Tao, a Chinese dissident, was imprisioned for 10 years when data from his email account was turned over to the authorities.
And, of course, that’s just what happens without things going wrong. Sony is right now dealing with the fallout of a massive security breach, where personal data and credit card information for millions of users was obtained. Facebook made the news last year when apps were leaking user IDs to advertisers, allowing ad networks to directly correlate what they know about you already with who you are on Facebook. And there’s a long list of security and privacy concerns around more or less any major service you’ve ever used. I think we can, and should, expect better.
What we’re trying to build with Mozilla Services is a set of products that aim to let you have your cake (privacy) and eat it too (tasty tasty features). Firefox Sync is our first released product (part of Firefox 4 and up) and uses client side crypto to give users a great user experience without giving Mozilla anything other than encrypted blobs. The encryption keys are never provided to or stored by Mozilla’s servers, so we simply cannot get to your data. It’s a great feature, and I’m very excited to build more awesome, privacy-centric services. It’s a hard problem, both technically and from a UX perspective, but I think it’s important. That’s why I’m here, and that’s why I’m excited about where we’re going now. Expect to see/hear more about the next steps soon!