“Do you think other browser makers collect this type of data?”
–Anonymous commenter
Slide 8
Not an ethicist
Slide 9
How To Be Perfect
Slide 10
How To Be Perfect
Slide 11
Practical Ethics
Slide 12
Standard Disclaimers
This is what we do. It’s not perfect.
This approach is open source so you can steal it and make it better.
Give us your feedback so we can make it better too.
Slide 13
Lean Data
Collect only what you need
Keep it for the minimum amount of time
Don’t violate user expectations
Slide 14
Classes of Data
Slide 15
Category 1: Technical Data
Examples: OS, available memory, version number
Generally okay to collect, opt-out.
Slide 16
Category 2: Interaction Data
Examples: # of tabs, session length, config settings, feature use
Generally okay to collect, opt-out.
Slide 17
Category 3: Web Activity Data
Example: browsing history
Stickier. Usually no, but may be possible with mitigation.
Slide 18
Category 4: Highly Sensitive Data
Examples: email, username, identifiers
Assume no. Maybe opt-in with advance notice, user consent, and secondary opt-out.
Slide 19
Collecting data is simple
1. Request for collection
2. Review by data steward
https://github.com/mozilla/data-review
Slide 20
What is a Data Steward?
Slide 21
“Case Law”
Precedent
Allows reasoning about data collection
Suggests alternatives
Slide 22
Privacy Preserving Data Collection
Slide 23
Experiments
Slide 24
‘By not performing A/B tests before we release new features and products, we are guilty of administering massive uncontrolled experiments upon our users. The only outcome measure that we can observe as a result of these experiments is “how many users have we driven away since we released that feature?”’
–Rebecca Weiss, Director of Data Science
Slide 28
Case Studies
Slide 30
How’d that happen?
Good intentions, road to hell, etc.
No data collected
No one felt empowered to say no
Slide 31
What did we learn?
More formal process
Definition of red flags
Deeper engineering review
Documented escalation paths
Slide 33
“Burn it all. Burn it to the ground.”
Slide 34
Fin
We can all do better.
Learn from your mistakes.
Steal these ideas.
Steward your users’ data wisely.
Come ask questions.