Mozilla on Tuesday expanded its free privacy-monitoring service with a paid-for tier called Mozilla Monitor Plus that will try to get data brokers to delete their copies of subscribers' personal information.
Mozilla introduced Monitor in 2018 as a way to make people aware when their personal info may have been stolen, leaked, and/or illicitly traded online.
Called Firefox Monitor at launch, and now Mozilla Monitor, it provides a service that's not just similar to the venerable HaveIBeenPwned.com - it uses the HIBP database as its source.
Necessarily alert to revenue diversification opportunities in light of its dependence on Google paying to be the default search service on its beleaguered Firefox browser, Mozilla has taken Monitor beyond HIBP alerts, added data removal, and branded that expanded service Monitor Plus with a subscription fee of $8.99 per month.
The idea being that, for paying users, Monitor will do what it can to scrub their personal info from recognized data brokers that buy and sell netizens' details and records with other businesses, such as those folks' locations and online habits.
While Monitor flags up criminal activity, Monitor Plus deals with removing info from ostensibly legit brokers; we can't imagine the org will have much success persuading underworld fraudsters to remove people's records.
Mozilla joins more than a dozen other companies offering similar data removal services targeting a varying number of vendors, such as Abine's DeleteMe, Optery, and Incogni, among others.
These businesses contact data brokers and ask them to remove personal information from their info stores on behalf of netizens, a time-consuming and onerous process if done manually.
That falls well short of the 549 data brokers currently registered in the State of California's Data Broker Registry, to say nothing of firms not doing business in the state or just operating illegally.
So Mozilla Monitor Plus is an incomplete, temporary fix - sites may reacquire customer data, necessitating follow-up removal requests - in a largely unregulated data broker business that has made few accommodations to demands for privacy.
A decade ago, in 2014, the FTC called on Congress to do something about the data broker industry.
Which saw Facebook's Cambridge Analytica scandal and the implementation of Europe's 2016 General Data Protection Regulation, demands for data privacy and protection began showing results.
A year later, with browser rivals starting to block third-party cookies by default, Google saw the writing on the wall and set about designing its Privacy Sandbox advertising tools for a world grown wary of third-party tracking and data gathering.
Lately, info brokers have received a lot of attention - not enough to merit an actual federal privacy law but more than usual for the intervention-averse US. The Federal Trade Commission recently banned X-Mode Social from sharing or selling location data.
US Senator Ron Wyden called for domestic intelligence agencies to stop buying location data.
The Biden Administration is reportedly working on an executive order limiting data brokers from sharing or selling data on Americans to foreign adversaries.
The most significant development in the US in terms of data brokers has been California's Delete Act, which follows on the heels of the California Consumer Privacy Act and the state's Privacy Rights Act.
Starting January 1, 2026, the California Privacy Protection Agency is supposed to deploy a one-stop data deletion mechanism to allow consumers to request that data brokers stop tracking them and delete their personal info.
By August 1 that year data brokers will be required to process people's deletion requests every 45 days.
So two years hence or thereabout, Monitor Plus and related services may not be necessary for those in California - they'll no longer need to pay to recover the privacy taken from them without consent, at least with regard to third-party brokers.
This Cyber News was published on go.theregister.com. Publication date: Tue, 06 Feb 2024 22:13:06 +0000