Security news that informs and inspires

Mozilla Rally Aims to Give Control of Personal Data Back to Users

A rather large fraction of the world economy is built upon a foundation of personal data, most of which is used for purposes that are entirely opaque to the people who provided it and manipulated, analyzed, and resold by companies that those people will never hear about. Mozilla is launching a new platform called Rally that aims to upturn that model and enable individuals to donate a tightly controlled set of their browsing data to specific projects designed to contribute to the common good of the Internet.

The project has some ambitious goals and achieving them will require the help and good faith contributions of a large swath of Firefox users. Rally is beginning as a function in Firefox and is opt-in only, and individuals can choose which studies they want to participate in. The collected data will be limited to only what is needed to the specific study, and the research partners working with Mozilla will only be able to access the data for their particular studies. The first two studies to utilize Rally are one on engagement with political and COVID-19 news at Princeton University and another at Stanford University on news consumption and how news organizations might be able to build sustainable business models.

Rally is the culmination of a long collaboration between Mozilla data scientists, academics, and folks in the civil society realm who came to realize that they were trying to address the same problems from different angles.

“These communities were reaching out to each other and trying to combine our forces and we realized we didn’t have the right data. At Mozilla, we have this big data platform and we thought there were other use cases for it. We have this big social problem and there was kind of a gap there in how it was being addressed,” said Rebecca Weiss, a data scientist and Rally project lead at Mozilla.

“We’ve kind of been inching toward this for years.”

The data economy at large is built on you, but you don’t get to play in that market at all."

For Firefox users who opt in to a Rally research project, the platform will collect a specified set of data that is germane to the study through a browser add-on. The specific types of data will vary from study to study, but the add-on will collect it passively as the individual wanders around the web. Rally will encrypt the data before it leaves Firefox and the information will be stored in a secure analysis environment. Each research partner only has access to data collected for its specific study, and once a study ends, Mozilla will delete all of the data. Rally will not collect data from Private Browsing windows by default.

Rally takes a novel approach to the collection and usage of user data by giving individuals the ability to consent to the use of their information for specific projects that they see as valuable. In that way it is the inverse of the way that most large platform providers handle user data, which relies on the outdated notice-and-consent model and enables them to use huge amounts of data for purposes that are almost never communicated clearly to their users.

But Rally is not designed to be a replacement for that model. That ship sailed a long time ago. But Weiss believes there is plenty of room and appetite for projects that are committed to ethical use of data for purposes that serve the greater good.

“There’s success on different horizons. The first is can you flip the script on how data is used. The data economy at large is built on you, but you don’t get to play in that market at all,” Weiss said.

“So in the long term how can we change that?”