Hello there! I’m Tony Amaral-Cinotto, a Product Manager on Firefox Relay and our other privacy and security tools.
Working in online privacy and security, it seems like it’s my entire world for most of the day, and it’s easy to forget that for most people out there, it’s just a minor part, if at all. I’m someone who gets excited if a friend comments at dinner that they think their phone is listening to them because of an ad that showed up recently. I love dissecting that and sharing information on how companies use highly sophisticated advertising practices to target them. Or when my mom asks while she’s traveling if it’s safe to connect to her banking website from hotel wifi.
I’m curious how you talk to others about privacy and security, like your friends, family, and coworkers.
Looking forward to learning from you!
I'm not a tinfoil hat wearer, but I think if people realised they could drastically improve their privacy with minimal effort they might think about it.
If the only way to protect your privacy was to buy a new phone or delete your facebook account - nobody's gonna do that. But switching browsers and search engine to Firefox and DDG, there's very little (if any) downside! You don't need to sacrifice functionality by ditching chrome.
I explained this to a mate and he switched straight away. We just need to reassure people that it's easy and that you lose nothing (except the snooping). There are other benefits too!
DDG is not "as good" as google for searching... that's true, but it can sure find "facebook" and "youtube". I'm technical and it's rare that I have to add "!g" to my DDG query to find what I need via google.
Gotta make sure people know that Firefox is independent and protect you against all those ads that read your mind and tracking that the big techs make $$$ from. I also suggested that FF could "showcase" just how much it's helping by making the tracking stats more visible here:
Hi @KERR thank you so much for sharing this insight. I really like the concept of it's the little wins that can have a big impact! It's great to hear that people are listening to these suggestions. Thank you for the recommendation as well about showcasing the privacy protections of Firefox more.
Definitely agree with everything @KERR has written -it's the little changes that have the least tangible effect on everyday life.
Two years ago, I worked in a public-facing technical support and repair role for a long time. Many people used the same password for everything or had "little black books" so talking about OS based password managers like Apple Keychain and Chrome and then third party apps like 1Password, Bitwarden and Firefox Lockwise (as it was then), made a big difference. Customers had no idea it was actually quite easy to use complex passwords for different sites and have their devices store them safely. I think Firefox has a great opportunity to promote secure password generation and make a few tweaks to make the built-in manager even more useful.
Advising people to use Facebook less was just a non-starter because for many, Facebook is the internet.
The one thing people do want is for their data to be available on whatever device is closest to them and in this world of ecosystems and platforms, this has become the assumed standard, when in fact, syncing can be quite hard. When I suggest to friends and family now to use alternate browsers and search engines, they want to be sure that bookmarks, tabs and passwords sync everywhere. Luckily Firefox does that.
It's actually fairly easy to suggest to someone to change to a computer browser but there's a bigger pushback with mobile and I guess the reason for that is that the browser is far more entrenched on mobile. So much so, that all browsers on iOS are skins for Webkit and this reduces what you can do. So if I say someone to use Firefox and uBlock Origin on desktop, they will get a great experience, come to mobile though and iOS doesn't allow extensions. Android does allow uBlock but even when you set Firefox as default browser, apps like News, Maps and others still default to a Chrome window which is really frustrating.
I realise I've gone on a bit! Focussing on the questions:
Sorry this has become a long post and there's lots more to talk about!
I've met several customers who are looking at VPNs and I like to explain it using a similarly of walking to a library.
Without a VPN, you leave home, walk to the library and pick up a book and everyone can see you during that journey. In fact, some might give you a flier for an event on the way or leaflet about a book sale or make a note that you left your home at a certain time and went to the library to build a pattern.
With a VPN, you're doing the same thing but wearing an invisible cloak. You're still leaving home for the library, but no-one can see you make the journey so you can't be ihanded anything and no-one is making notes.
With a free VPN, you have a translucent cloak so most people can't see you but the providers of free VPNs can hand you leaflets when you reach the library or tip someone else that you'll be there, simply because when it's free, you're the product.
I've found that this idea of going from one place to another resonates quite well and obviously you can personalise it by asking the customer a hobby and make it about a music shop or restaurant etc.
@interestintechthat's an interesting idea, you're right it has to be an easy switch and a package with it all built in would help. It's a little outside the scope of Firefox as it's a browser and can't replace the services, but what it can do is say "Hey you want to use ..... then do it on Firefox because ...." The message being Firefox can make your existing existing safer without causing too much change.
Maybe a bundle of add-ons that install in one go? Turnkey solution to making your life more private?
Google, Facebook, Amazon run services that mean different things to different people, but ultimately have the same business model applied in different ways. They all collect data and monetize it by either selling it, or allowing advertisers to target specific profiles. Of course those profiles follow us around which is why we have things like Total Cookie Protection in Firefox. Interestingly, Google does a huge amount of work to protect users with Safe Browsing, Spam protection etc. Gmail is probably one of the best email providers. The reason why Apple are outspoken about privacy is that they make all their money from the hardware you buy along with their services, like iCloud and Music. Compare though iCloud Mail to Gmail. Gmail is far better for identifying phishing, spam etc.
I guess what I'm getting at, is a) follow the money and b) sometimes switching isn't necessarily the best thing to do, just making it more private.
Exactly and it provides a gateway to other Firefox add-ons and products. The bundle would need to be preconfigured so it really is a turnkey. There could be some promotion created and maybe a video to explain what it is, how it works and why it's important or maybe separated into three for easy snack-able consumption.
In a perfect world, you would have a bundle that worked on desktop and mobile. I guess until Apple loosen their grip on the Webkit requirement and whatever Google needs to do to allow more extensions for Firefox mobile, it's bit more difficult.
Some addons that could be handy on mobile:
Adding to the conversation, this article was published today suggesting Firefox mobile is bundled with on-by-default add-ons and settings. Worth a read
Simular to what @KERR said, it would be handy to automatically download those extensions in a package to make it easier to convince your friends and family to easily download it, however I was thinking more of a complete file that deletes Google Chrome, Facebook, etc and installs Firefox, automatically adjusts the settings to your need (set in the installer) and automatically installs/replaces all services with data collection on your computer. Think of it like you go up to your parents, they use all these bad data collection services like Google and Facebook and once they download that ONE SIMPLE file it changes EVERYTHING instantly.
Just a thought about VPNs and pricing.
Many users only really need a VPN when they go on a trip and have to use some kind of public Wi-Fi, be it hotel, cafe, shopping mall or open working space. But unless they are doing this a lot, they don't need to pay for it every month.
I work at home and don't need a VPN unless I'm either travelling for work or going on holiday (vacation).
There needs to be a pricing model alternative where someone can pay for a day or a week at a sensible (not inflated) price rather than signing up for a subscription. I know subs are popular with developers but I think for a VPN that you don't need all the time, there needs to be a better way to engage with customers.
I appreciate this could be difficult with App Store/Google Play policies - I don't know if you can charge a one off fee for the day or week. Another option would be to pay for a voucher code on the FIrefox VPN site and use it in the app.
Then follow up with some ads that target users like me or those who book their package holidays as being the bit the holiday reps forgot to add!
This is really a fantastic suggestion and something we've been doing some research into. I really like the idea of the VPN subscription models matching people's needs instead of forcing longer term subscription. As someone who loves to travel this would personally be great for me 🙂
Hi, Tony ~
Please know that I and, likely others, care about privacy and security. I just don't want to get "buttoned up" so tightly that I cannot move about the web easily. I am cautious and selective with regard to searches. Recently, I find more and more of my sites are not accessible from the Foxfire browser so I end up going to
Safari. Today, a Nespresso customer rep wanted me to download Chrome. I do not want Chrome. I am wondering why this is; why I cannot sign on using the Firefox browser. Any ideas? Another concern, I receive notification of updates but no info re: the purpose for the update. This makes me feel uncomfortable as well as uninformed. How best to resolve this? Kindly respond so I can improve my understanding of changes.
Thank you @Mac6 for sharing this and @KERR for sharing where to submit web compatibility issues. There could be a mix of reasons for these issues including the sites themselves, tracking protection impacting the site and some other reasons. We strive to make sure users have their best experience on the web that is privacy preserving, many times though when we try to ensure users have a private experience on the web, some sites and 3rd parties that sites use do have different things that hamper this. Some of them are legitimate, like preventing fraud, while others might be more nefarious patterns to discourage the use of privacy preserving features.
Firefox has an 'Enable DNS over HTTPS' option in the Network settings options. I would recommend that setting to Firefox users. I've manually changed my default and VPN Network Connections to Cloudflare's IPv4 and IPv6 addresses in as a default. As a Firefox insider do you recommend DNS over HTTPS? Perhaps you'd like to like to talk about any relationship between Firefox and Cloudflare. Does Firefox plan to add other DNS options rather than custom options?
Hi everyone: Thank you so much for your great insights! I've loved so many of the ideas that you've shared including turnkey add on bundles, connecting to everyday behaviors with powerful metaphors, and looking to share changes that are very easy for people to make the switch like switching their browser to Firefox! A lot of the learnings here point to small nudges and encouragement by having your friends, family, coworkers, and connections take friction-less steps that seem small but have very big benefits. I would be interested to continue the conversation and learn more about if you've had any friends, family, coworkers that maybe weren't concerned about their privacy but you were able to get them to take a step towards improving their privacy practices online? How'd you go about that?
Sometimes when I have begun a conversation about these issues, it's started by talking about backups and it's important to use the 3-2-1 model (3 versions, 2 separate ones in your home and 1 online). Of this relates mostly to computer users rather than mobile, but it does open up a conversation. From theew, I ask about mobile and the answer is usually iCloud or Google Drive (or One).
Eventuallly, after talking about damaging or losing a device, we get to data privacy - I appreciate it takes a while but it's the journey that starts people thinking. By starting with "what happens if your computer is burnt/dropped/stolen" people begin to think what is important to them eg pictures, contacts, messages etc.
The next step is to the ask the question, "So if that data is so important to you, then who do you trust to store it safely?" Then we talk about trust, the internet and the services that companies offer. It's then easy to talk about making small changes like using Firefox!
I tell people to use Firefox, Signal, DDG, Proton etc. Some people don't understand the necessity of Online privacy and security. Even though people don't care its my responsibility to spread awareness.
I think it's easier to get someone to use another browser like Firefox than changing their messaging app because people use what their friends and family use. Convincing a whole group to change is a lot harder than an individual.
At the moment, Google is firing on all cylinders in a marketing campaign to make Apple adopt RCS in iMessage. Cleverly, they explain that it isn't Android users who have the issue, but Apple downgrading iMessage to SMS for anyone outside the iOS ecosystem. It seems to be more important in the US, but here in the UK most don't care that much because they use WhatsApp which is cross platform. I use Signal, after iMessage, but trying to get anyone else to is very difficult, even with Meta changing policies all the time and having a pretty poor record with people's data.
So while I have positive results with suggesting Firefox with Mozilla being a non-profit (which interestingly carries more weight than I realised), changing messaging is very difficult.