New Firefox Extensions Required to Disclose Data Collection Practices

Posted on By CWS

Beginning subsequent week, all new Firefox extensions might be required to declare their private knowledge assortment and transmission practices within the manifest file utilizing a particular key, Mozilla introduced.

The change is supposed to offer customers with elevated visibility into these practices through the extension set up course of.

The change solely applies to new extensions, and to not new variations of present extensions, and includes the usage of the browser_specific_settings.gecko.data_collection_permissions key when declaring knowledge assortment capabilities within the manifest.json file.

“Extensions that don’t acquire or transmit any private knowledge are required to specify this by setting the none required knowledge assortment permission on this property,” Mozilla explains.

An extension’s knowledge assortment practices will even be displayed on the addons.mozilla.org web page, however solely whether it is publicly listed. Customers will even see the data when navigating to the extension’s Firefox about:addons web page, within the Permissions and Information part.

“If an extension helps variations of Firefox previous to 140 for Desktop, or 142 for Android, then the developer might want to proceed to offer the consumer with a transparent strategy to management the add-on’s knowledge assortment and transmission instantly after set up of the add-on,” Mozilla notes.

Extensions that start utilizing the data_collection_permissions keys might be required to proceed utilizing them for all subsequent iterations. Extensions which can be required to make use of the property however don’t set it accurately cannot be submitted to addons.mozilla.org for signing.

Beginning subsequent yr, all Firefox extensions might be required to make use of the data_collection_permissions keys when declaring knowledge assortment capabilities, Mozilla introduced.Commercial. Scroll to proceed studying.

Associated: Hackers Goal Perplexity Comet Browser Customers

Associated: Chrome 141 and Firefox 143 Patches Repair Excessive-Severity Vulnerabilities

Associated: Browser Extensions Pose Critical Risk to Gen-AI Instruments Dealing with Delicate Information

Associated: Risk Actors Use SVG Smuggling for Browser-Native Redirection

Security Week News Tags:, , , , , ,

Related Posts

Radware Says Recently Disclosed WAF Bypasses Were Patched in 2023 Security Week News
Zero Networks Raises $55 Million for Microsegmentation Solution Security Week News
Virtual Event Today: Cyber AI & Automation Summit Day 2 Security Week News
Adobe Patches Critical Code Execution Bugs Security Week News
Webinar Today: Protecting What WAFs and Gateways Can’t See – Register Security Week News
Virtual Event Today: Zero Trust & Identity Strategies Summit Security Week News