Firefox makes blocking tracker cookies default

Starting this week Firefox browser users who update to the latest version will find a pro-privacy setting flipped for them on desktop and Android smartphones, assuming they did not already have the anti-tracking cookie feature enabled.

Mozilla launched the Enhanced Tracking Protection (ETP) feature in June as a default setting for new users — but existing Firefox users’ had to manually opt for that settings. But with the new version of the browser (v69.0), the setting is the default for everyone.

The feature aims to stop by default third party cookies that are used to infringe on the privacy of users and track them for a variety of purposes such as, among others ad profiling and cryptomining — a background practice that drains CPU and battery power. Again, Firefox will now block cryptomining by default, not only when user activated.

In a blog post about the latest release Mozilla says it represents a milestone that marks “a major step in our multi-year effort to bring stronger, usable privacy protections to everyone using Firefox”.

“Currently over 20 percent of Firefox users have Enhanced Tracking Protection on. With today’s release, we expect to provide protection for 100% of ours users by default,” it predicts, underlining the defining power of default settings.

Firefox users with ETP enabled will see a shield icon in the URL bar to denote the tracker blocking is working. Clicking on this icon takes users to a menu where they can view a list of all the tracking cookies that are being blocked. Users are also able to switch off tracking cookie blocking on a per site basis, via this Content Blocking menu.

While blocking tracking cookies reduces some tracking of internet users it does not offer complete protection for privacy. Mozilla notes that ETP does not yet block browser fingerprinting scripts from running by default, for example.

Browser fingerprinting is another pernicious privacy-hostile technique that is used to track and profile web users without knowledge or consent by linking online activity to a computer’s configuration and thereby tying multiple browser sessions back to the same device-user. It is an especially pernicious technique because it can erode the privacy that users might be deliberately deploying to try to prevent profiling.

A ‘Strict Mode’ in the Firefox setting can be enabled by Firefox users in the latest release to block fingerprinting. But it is not on by default. Mozilla says a future release of the browser will flip fingerprinting blocking on by default too.

The latest changes in Firefox continue Mozilla’s strategy — announced a year ago — of pro-actively defending its browser users’ privacy by squeezing the operational range of tracking technologies.

In the absence of a robust regulatory framework to rein in the outgrowth of the adtech ‘industrial data complex’ that is addicted to harvesting Internet users’ data for ad targeting, browser makers have found themselves at the coal face of the fight against privacy-hostile tracking technologies. And some are now playing an increasingly central — even defining role — as they flip privacy and anti-tracking defaults.

Even Google has responded to growing pressure around privacy — announcing changes to how its Chrome browser handles cookies this May. Though it is not doing that by default yet.

It has also said it is working on technology to reduce fingerprinting. And recently announced a long term proposal to involve its Chromium browser engine in developing a new open standard for privacy. Though cynics might suggest the adtech giant is responding to competitive pressure on privacy by trying to frame and steer the debate in a way that elides its own role in data mining Internet users at scale for huge profit.