Firefox 2 privacy concerns

By Percy Cabello
Firefox 2 anti-phishing options

A recent article raised the question of whether Firefox 2's new anti-phishing feature may pose a privacy threat.

First, let's understand how the anti-phishing feature works in Firefox 2.

Firefox uses what is called a blacklist: a list of known scam sites that people have previously reported and that have been confirmed by the blacklist provider, in this case Google.

To configure anti-phishing, select Options… in the main menu and go to the Security page. By default the blacklist is stored on the user's computer. Firefox updates this file about twice an hour. When a site is visited, Firefox looks for the web site address in this file and, if it is present, raises an alert.

The enhanced method provides an always up-to-date blacklist, but requires Firefox to submit every web address you visit to Google (encrypted via SSL) so it can be checked against the most recent blacklist. And here is where the privacy concerns begin.

So, what exactly is sent to Google? It is explained in the Terms of Service you must agree to in order to enable access to the online blacklist:

If you choose to check with Google about each site you visit, Google will receive the URLs of pages you visit for evaluation. When you click to accept, reject, or close the warning message that Phishing Protection gives you about a suspicious page, Google will log your action and the URL of the page. Google will receive standard log information, including a cookie, as part of this process. Google will not associate the information that Phishing Protection logs with other personal information about you. However, it is possible that a URL sent to Google may itself contain personal information. Please see the Google Privacy Policy for more information.

There it is. In order to know if a certain web site is a spoof, you must share its web address with Google. And since some addresses include personal information, for example when logging on to a service or sending email, that information is shared as well. Google says it won't associate phishing protection information with other personal information about you. Plus, according to Firefox's own Privacy Policy, "Mozilla's third party service providers have entered into a written agreement with Mozilla not to use Personally-Identifying Information for purposes other than to enhance and maintain their service." So as far as word and legal bindings can go, your privacy should be safe.
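The difference between the two modes, as an added example that is not Firefox's or Google's code: a simplified JavaScript model of the local and online lookups that reports which parts of each visited URL the blacklist provider would receive. The blacklist entry, the sample URLs, the parameter-name patterns and the assumption that list entries match on scheme, host and path are all constructed for illustration.

```javascript
// Simplified model of the two lookup modes; not Firefox's or Google's code.
// The blacklist entry, URLs and parameter-name patterns are constructed samples.
const LOCAL_BLACKLIST = new Set(["http://phish.example/verify"]);

// Assumption: list entries are compared as scheme + host + path.
function listKey(rawUrl) {
  const u = new URL(rawUrl);
  return `${u.protocol}//${u.host}${u.pathname}`;
}

// Default mode: the lookup runs against the local file, nothing is transmitted.
function checkLocal(rawUrl, blacklist = LOCAL_BLACKLIST) {
  return { phishing: blacklist.has(listKey(rawUrl)), disclosed: null };
}

// Enhanced mode: the provider evaluates the URL, so it receives the URL.
// `remoteLookup` is a hypothetical callback standing in for the provider's service.
function checkEnhanced(rawUrl, remoteLookup) {
  return { phishing: remoteLookup(rawUrl), disclosed: rawUrl };
}

// Flags the parts of a URL that can carry personal information.
const SENSITIVE_NAME = /^(user(name)?|login|e-?mail|to|session(id)?|sid|token)$/i;
const EMAIL_VALUE = /^[^@\s]+@[^@\s]+\.[^@\s]+$/;
function personalDataIn(rawUrl) {
  const u = new URL(rawUrl);
  const found = [];
  if (u.username || u.password) found.push("userinfo");
  for (const [name, value] of u.searchParams) {
    if (SENSITIVE_NAME.test(name) || EMAIL_VALUE.test(value)) found.push(`query:${name}`);
  }
  return found;
}

// Replays a browsing history and reports what the provider would learn per mode.
function auditHistory(urls, mode, remoteLookup = () => false) {
  return urls.map((url) => {
    const r = mode === "enhanced" ? checkEnhanced(url, remoteLookup) : checkLocal(url);
    return { url, phishing: r.phishing, leaked: r.disclosed ? personalDataIn(r.disclosed) : [] };
  });
}

const SAMPLE_HISTORY = [ // constructed sample input
  "https://mail.example/compose?to=alice@example.org&subject=hi",
  "https://shop.example/account?sessionid=abc123",
  "http://phish.example/verify?next=/home",
  "https://news.example/2006/10/firefox-2",
];
```

Calling `auditHistory(SAMPLE_HISTORY, "local")` and `auditHistory(SAMPLE_HISTORY, "enhanced")` on the same history shows the same phishing verdict can be reached either way, while only the enhanced mode hands the mail recipient and the session identifier to the provider.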

But if you still don't trust Google and believe it has a hidden agenda and may abuse your personal data in spite of all legal bindings, then you will want to stay with Firefox's default local blacklist protection.

Personally, I think twice an hour is frequent enough for a local blacklist, and so I pass on Google's online blacklist. But that's just me.

Note that there is at least one alternative, the Netcraft toolbar, which offers similar protection by accessing an online blacklist provided by Netcraft. But, again, you must agree to share your visited web addresses for verification. And again, in the end your decision will depend on the provider's trustworthiness.

There is an ongoing discussion at Mozilla Corporation's Asa Dotzler's blog.

Posted on October 27, 2006 - 7:46 pm

Comments

Brian Turner

October 29, 2006 7:46 pm

It’s not so much an issue of believing Google has a hidden agenda – the only legal binding is that Google can use the data for its own purposes. There’s no default privacy protection built in to how Google may use the data.

2c.


Pandarojo

October 29, 2006 7:46 pm

Mr Turner, it’s not so much that Mozilla doesn’t like you, it’s not what Google may do with data.

It is publishing false crap and standing by it shamelessly.


The Firefox conspiracy: It’s FUD time again! : Mozilla Links

September 27, 2007 7:46 pm

[...] “A recent article, raised the question on whether, Firefox 2 new anti-phishing feature may pose a privacy threat.” – Mozilla Links, October 27, 2006. [...]
