Changes to Firefox’s add-on policies that were announced on Wednesday, focus on privacy and security and will go into effect on December 1, 2021.
The open source browser Firefox is making some policy changes for add-on developers.
No big deal, Philipp Kewisch, the add-ons product operations manager at Firefox’s parent Mozilla, said in a blog announcing the upcoming changes on Wednesday. The organization is mostly clarifying their add-on policies to make them easier for developers to understand — although there are a few small changes in the works.
“While this has resulted in a substantially rewritten and reorganized document, the policy changes are modest and unlikely to surprise anyone,” he said.
According to Kewisch, only a few changes are likely to require action from add-on developers, with most of them centering around user privacy and security:
- “Collecting browsing activity data, such as visited URLs, history, associated page data or similar information, is only permitted as part of an add-on’s primary function. Collecting user data or browsing information secretively remains prohibited.
- Add-ons that serve the sole purpose of promoting, installing, loading or launching another website, application or add-on are no longer permitted to be listed on addons.mozilla.org.
- Encryption – standard, in-browser HTTPS – is now always required when communicating with remote services. In the past, this was only required when transporting sensitive information.”
The section on cookie policies has been removed, he said, meaning obtaining user consent before accessing cookies is no longer a requirement.
Add-on developers might also benefit from reviewing several other changes that were primarily focused on making the policies more clear, he said:
- “If your add-on collects technical data, user interaction data, or personal data, you must show a consent experience at the first run of the add-on. This update improves our description of these requirements, and we encourage you to review both the requirements and our recommended best practices for implementing them.
- There are certain types of prohibited data collection. We do this to ensure user privacy and to avoid add-ons collecting more information than necessary, and in this update we’ve added a section describing the types of data collection that fall under this requirement.
- If your add-on makes use of monetization, the monetization practices must adhere to the data collection requirements in the same way the add-on does. While we have removed duplicate wording from the monetization section, the requirements have not changed and we encourage you to review them as well.”
Firefox has published a complete preview of the policies that will go into effect on December 1st, 2021. In addition, the organization has provided direct access to a forum thread for developers who have questions about the updated policies or who would like to provide feedback.