From:  Monica Chew <mmc@mozilla.com>
Date:  21 Jun 2013 23:39:29 Hong Kong Time
Newsgroup:  news.mozilla.org/mozilla.dev.privacy
Subject:  Re: partial third-party cookie blocking

NNTP-Posting-Host:  63.245.216.66

Hello Bil,

> I suppose it depends on which "nothing" you're looking at.  If
> Mozilla simply leaves the cookie policy alone, all sites continue to
> work and users can still choose to block third-party cookies if they
> accept its given compatibility challenges.  As a user, that's the
> default setting I want - a browser that works out of the box.

You are right that leaving everything alone means that no browser changes will break the web. However, by now I think it is clear that a substantial minority (11%) of users do care about tracking [1], and furthermore hardly any users (< 1%), even technological enthusiasts, know about or can manage their cookie settings effectively [2]. Going back to the CA analogy, accepting all CA authorities by default would certainly not break the web in the sense that pages will render effectively, but I am willing to bet that most people on this list would think that enabling all CA authorities by default is not a good idea [3]. I think the point of this effort was to move the ecosystem so that all users benefit, not just technology enthusiasts and privacy geeks.

[1] https://dnt-dashboard.mozilla.org/
[2] http://monica-at-mozilla.blogspot.com/2013/02/writing-for-98.html
[3] https://www.google.com/search?q=diginotar+revoke

> I know the thought is to block advertisers from tracking users, but
> there's two problems with this approach, 1) there are
> non-advertising use cases that this breaks, and 2) advertisers are
> already moving to other state mechanisms, which leaves only the
> non-advertising use cases to bear the brunt of this feature.
>  Granted, the Cookie Clearinghouse will help to some extent, but
> it's reactive and the earliest we'll see it in Firefox is toward the
> end of the year.

The current, experimental policy is only on by default for Nightly and Aurora users (0.1%), and so does not break the web for the vast majority of Firefox users who are on stable or slightly behind [4]. From my reading of Brendan's blog post, the plan is to try out the Cookie Clearinghouse before progressing the new policy, so there shouldn't be a time when the false positive case you mention breaks the web for stable Firefox users.

[4] http://en.wikipedia.org/wiki/Template:Firefox_usage_share

> > We shouldn't let fear prevent us from experimentation, even if that
> > experiment fails
> 
> Can you share the criteria of what constitutes failure for this
> feature?

I think that some reasonable success criteria would include:

- Cookie Clearinghouse is able to come up with well-defined criteria for the lists and a reasonable way to maintain them
- Firefox is able to consume the lists with negligible performance overhead
- The lists function as intended (< x% for some small x false positives or negatives for stable Firefox users)
- To your point about user confusion, in the case of false positives or false negatives, the UI is sufficiently enlightening for enough people to report the false positive or negative into Cookie Clearinghouse

Thanks,
Monica