<html><head></head><body><div class="ydpbdc77141yahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><div></div>
<div>I recently did a side-by-side comparison of several mainstream (and some emerging browsers e.g. Brave) and found Firefox to be the least intrusive of the better browsers. </div><div><br></div><div>Using a network traffic monitor, I peeked under the hood to see what the browsers were secretly doing in the "background" and lo-and-behold, Chrome was so aggressive that it looked like a data-harvesting malware, even with add-ons and extensions disabled. I did some research on it and noted that users who had raised similar issues (several years earlier) had apparently been stonewalled for some reason. This led to a prompt and permanent uninstall of Chrome on that device.</div><div><br></div><div>Surreptitious data harvesting is problematic because it enhances online risks (e.g. risk of "spear phishing" attacks, as well as theft of business trade secrets - including theft by inference). This should be of concern to emloyees, enterpreneurs and government workers. So why aren't users switching in droves to less intrusive browsers? </div><div><br></div><div>I have two hypotheses about this:</div><div><br></div><div>1. Privacy awareness campaigns don't appear to be strategically contextualized and/or targeted. For example, the word "privacy" has a personal activity context connotation and may not trigger alarm bells in official contexts. I think words like "spying" or "snooping" or "stealing" need to be used a lot more as they convey, with far greater clarity, the idea of surreptitious activity and/or motives, while instilling a sense of urgent need for action.</div><div><br></div><div>2. Alternative browsers have to overcome network effects (and build their own). This requires long-game strategies that, on casual inspection, don't appear connected to browser adoption / lock-in. The strategy has to align with (and leverage) anthropological insights as well.</div><div><br></div><div>Let's use Chrome as an example:</div><div><br></div><div>Chrome users are locked-in to Google's strong network effects, which exist at the Android ecosystem level (developers, tech support, advertisers and end-users). </div><div><br></div><div>Google works hard to grow/maintain its dev community by offering a vast array of tools as well as monetization opportunities. Google's secret value proposition across all their products is... wait for it... "success".</div><div><br></div><div>Once onboarded, cool, proprietary (but apparently inconsequential) features tempt devs to tailor their webapps towards Chrome as the "main" browser and, slowly but surely, dev lock-in creeps in. The difference between Google and Microsoft in terms of dev lock-in strategy is that Google's approach is more subtle: it doesn't cause hard breaks in functionality on different browsers (which would be a big no-no for devs - it only degrades it.. quietly passing the UX pain to end users as "punishment" for using the "wrong" browser).</div><div><br></div><div>This leads to "works best on Chrome" advisories on millions of help pages / documentation, which in turn *heavily* influences end-user (and tech support's) preferences and more importantly, perceptions about quality and performance advantage. It's like a massively viral reverse ad campaign where the advertisers pay you to advertise *your* product.</div><div><br></div><div>Humans are creatures of habit and consistency. So the browser you use more frequently (or at work) is likely the one you'll want to use on your personal devices. Soon the user starts "advising" others on which browser is "best" (more free marketing). This reinforces the user's own perception of preferences, boosting perceived loyalty and making it even harder to switch even when the browser has issues the user doesn't like (cognitive dissonance). </div><div><br></div><div>I noticed this effect on myself when switching from IE (after almost two decades) to Chrome, and a few years later, from Chrome to Firefox. Switching is hard.</div><div><br></div><div>To get users to change their browser habits, it makes sense to target the dev & support ecosystem agressively with a different value proposition (i.e. "success"). This could mean being more flexible and pragmatic on certain core philosophies like FOSS, which pushes poor/hungry/enterpreneurial developers into the arms of monetized platforms. Food is no longer FOSS (unfortunately)... people need money to eat, and bills have to be paid. FOSS values are noble and important, but they become elitist when implemented as universal dogma without regard to economic context (e.g. for devs in low income countries).</div><div><br></div><div>Legal and policy tools have to be leveraged as well. Google rode on antitrust regulations, for example, to penetrate Microsoft's IE moat and give chrome a chance on the PC (they then cheekily went on to do what Microsoft had been penalized for doing, with their inbuilt OS integrated apps). </div><div><br></div><div>Slightly off-topic, but might be of interest to some. </div><div><br></div><div>Good day & brgds,</div><div><br></div><div>Patrick.</div><div><br></div><div>Patrick A. M. Maina</div><div>[Cross-domain Innovator | Public Policy Analyst - Indigenous Innovations]</div><div><br></div><div><br></div><div><br></div>
<div id="ydpbdc77141yahoo_quoted_0247858455" class="ydpbdc77141yahoo_quoted">
<div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;">
<div>
On Wednesday, June 5, 2019, 5:40:42 AM GMT+3, Alice Munyua via kictanet <kictanet@lists.kictanet.or.ke> wrote:
</div>
<div><br></div>
<div><br></div>
<div><div id="ydpbdc77141yiv3092818497"><div><div dir="ltr"></div><blockquote type="cite"><div dir="ltr"><a href="https://blog.mozilla.org/blog/2019/06/04/when-it-comes-to-privacy-default-settings-matter/" rel="nofollow" target="_blank">https://blog.mozilla.org/blog/2019/06/04/when-it-comes-to-privacy-default-settings-matter/</a></div></blockquote><blockquote type="cite"><div dir="ltr"><div dir="ltr"><div><br></div><div><p>What if I told you that on nearly every single website you visit, data about you was transmitted to dozens or even hundreds of companies, all so that the website could earn an additional $0.00008 per ad! This is a key finding from a <a href="https://weis2019.econinfosec.org/wp-content/uploads/sites/6/2019/05/WEIS_2019_paper_38.pdf" rel="nofollow" target="_blank">new study</a> on behaviorally targeted advertisements from Carnegie Mellon University and it should be a wake-up call to all of us. The status quo of pervasive data collection in service of ad targeting is untenable. That is why we’re announcing some key changes to Firefox.</p>
<p>Today marks an important milestone in the history of Firefox and the web. As of today, for new users who download and install Firefox for the first time, <a href="https://blog.mozilla.org/blog/2019/06/04/firefox-now-available-with-enhanced-tracking-protection-by-default" rel="nofollow" target="_blank"><b><i>Enhanced Tracking Protection will automatically be set on by default</i></b></a>, protecting our users from the pervasive tracking and collection of personal data by ad networks and tech companies.</p>
<p>It seems that each week a new tech company decides to decree that privacy is a human right. They tout how their products provide people with “choices” to change the settings if they wish to opt into a greater level of privacy protection to exemplify how they are putting privacy first. That begs the question — do people really want more complex settings to understand and fiddle with or do they simply want products that respect their privacy and align with their expectations to begin with?</p>
<h2><b>Privacy shouldn’t be relegated to optional settings</b></h2>
<p>When thinking about consumer privacy online, I’m reminded of the <a href="https://www.anderson.ucla.edu/documents/areas/fac/accounting/save_more_tomorrow.pdf" rel="nofollow" target="_blank">behavioral economics studies</a> which led to 401K plans (US retirement savings plans) moving from voluntary enrollment to auto-enrollment. Not too long ago most defined contribution retirement savings plans in the US required employees to sign-up and volunteer to start participating. Participation rates were very low. Why was that? Was it because people didn’t care about saving for retirement? Not at all! There were simply too many barriers to aligning with people’s expectations and desires and the benefits of saving for retirement aren’t felt immediately.</p>
<p>We are in a similar position with respect to software privacy settings. Pervasive tracking is too opaque and potential privacy harms are never felt immediately. The general argument from tech companies is that consumers can always decide to dive into their browser settings and modify the defaults. The reality is that most people will never do that. Yet, we know that people are broadly <a href="https://www.usenix.org/system/files/conference/soups2017/soups2017-samat-awareness.pdf" rel="nofollow" target="_blank">opposed</a> to the status quo of pervasive cross-site tracking and data collection, particularly when they learn the details on how tracking actually works.</p>
<p>We also know that traditional privacy features such as <a href="https://www.forbes.com/sites/kateoflahertyuk/2019/05/30/google-just-gave-2-billion-chrome-users-a-reason-to-switch-to-firefox/#3f5c9ae1751f" rel="nofollow" target="_blank">Chrome’s Incognito mode</a> are failing to live up to consumer expectations. The feature might keep your spouse from knowing what you’re thinking about getting them for your anniversary by erasing your history, but it does not prevent third-party tracking. Our research shows that Firefox users are seeking out privacy protection, particularly through the use of Firefox’s Private Browsing mode. In fact, nearly 25% of web page loads in Firefox take place in a Private Browsing window. The good news for these users is that Firefox’s Private Browsing mode has long put users first by blocking tracking. The bad news is that this generally isn’t true for many popular browsers, which allow tracking even in private browsing/incognito mode. A <a href="https://www.blaseur.com/papers/www18privatebrowsing.pdf" rel="nofollow" target="_blank">recent study</a> found that users don’t understand this and think their data is being protected, when it is actually not.</p>
<p>As was the case with retirement savings plans, what this shows us is that the burden needs to shift from the consumers to the companies whereby the complexity of privacy settings shouldn’t be placed on users to figure out. The product defaults should simply align with consumer expectations. That is the approach we are taking in Firefox.</p>
<h2><b>Enhanced Tracking Protection by Default</b></h2>
<p>As stated above, new Firefox users will have strong privacy protection from the moment they install. We also expect to deliver the same functionality to existing users over the coming months. Because we are modifying the fundamental way in which cookies and browser storage operate, we’ve been very rigorous in our testing and roll-out plans to ensure our users are not experiencing unforeseen usability issues. If you’re already using Firefox and can’t wait, you can turn this feature on by clicking on the menu icon marked by three horizontal lines at the top right of your browser, then Content Blocking. Go to your privacy preferences and click on the Custom option on the right side. Mark the Cookies checkbox and make sure that “Third-party trackers” is selected. To learn more about our privacy and security settings and get more detail on what each section — Standard, Strict, and Custom — includes, visit <a href="https://support.mozilla.org/en-US/kb/content-blocking" rel="nofollow" target="_blank">here</a>.</p>
<div id="ydpbdc77141yiv3092818497gmail-attachment_12202" style="width:610px;" class="ydpbdc77141yiv3092818497gmail-wp-caption ydpbdc77141yiv3092818497gmail-aligncenter"><img class="ydpbdc77141yiv3092818497gmail-wp-image-12202 ydpbdc77141yiv3092818497gmail-size-large" src="https://ffp4g1ylyit3jdyti1hqcvtb-wpengine.netdna-ssl.com/wp-content/uploads/2019/06/ETP_EN_Custom_PC_Cropped-600x508.jpg" alt="" width="600" height="508"><p id="ydpbdc77141yiv3092818497gmail-caption-attachment-12202" class="ydpbdc77141yiv3092818497gmail-wp-caption-text">For existing users, go to your privacy preferences and click on the Custom option, ark the Cookies checkbox</p></div>
<p>If you are new to Firefox, we’d love for you to give it a try. Download the latest version <a href="https://www.mozilla.org/firefox/new/" rel="nofollow" target="_blank">here</a>.</p>
<p>When it comes to privacy, <b><i>default settings matter! </i></b>We hope that the actions we are taking can ultimately compel change in the industry. Afterall, consumers deserve better.</p></div></div>
</div></blockquote></div></div>_______________________________________________<br>kictanet mailing list<br><a href="mailto:kictanet@lists.kictanet.or.ke" rel="nofollow" target="_blank">kictanet@lists.kictanet.or.ke</a><br><a href="https://lists.kictanet.or.ke/mailman/listinfo/kictanet" rel="nofollow" target="_blank">https://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>Twitter: <a href="http://twitter.com/kictanet" rel="nofollow" target="_blank">http://twitter.com/kictanet</a><br>Facebook: <a href="https://www.facebook.com/KICTANet/" rel="nofollow" target="_blank">https://www.facebook.com/KICTANet/</a><br><br>Unsubscribe or change your options at <a href="https://lists.kictanet.or.ke/mailman/options/kictanet/pmaina2000%40yahoo.com" rel="nofollow" target="_blank">https://lists.kictanet.or.ke/mailman/options/kictanet/pmaina2000%40yahoo.com</a><br><br>The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.<br><br>KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.<br></div>
</div>
</div></div></body></html>