Mozilla: Moving Persona servers outside the US to escape surveillance won’t work, but changing the law will

Last week, media reports emerged discussing the US government’s involvement in broad surveillance of phone and Internet traffic via top secret programs. Mozilla today responded by calling for a “thorough investigation” of these surveillance activities and addressed worries regarding Mozilla Persona, noting that leaving the US is not an option, and it wouldn’t work anyway.

For those who don’t know, Persona is Mozilla’s answer to social networking logins offered by the likes of Facebook, Twitter, and Google+. The company revealed the BrowserID service in February 2012 and then launched a beta of the renamed Persona in September 2012. Developers can implement the service for authentication across smartphones, tablets, and desktop browsers.

Mozilla noted that it does store some user data, but only that which it needs to provide the features it validates with users and developers. As for calls to move Persona servers outside of the US to escape the now-revealed surveillance activity, the company said this:

We don’t think that would help, and even if it did a bit, we think we can be much more productive by focusing on other areas. First, it’s not clear to us that other governments have any less intrusive surveillance activities. Second, as a US company, Mozilla is subject to US Laws, wherever we host our servers. Third, we’d rather not engage in an arms-race with US government agencies. We’d rather focus on efforts to change the Law to respect user data wherever it lives.

Mozilla’s declaration is in part a direct response to a blog post titled “Mozilla needs to move Persona out of the US” that received a lot of attention on Hacker News yesterday. The most upvoted comment, however, from Persona developer Dan Callahan, said Mozilla is looking to get rid of the Persona servers altogether because the service “is designed to let you choose who you trust, and anything that requires centralization is considered a bug.”

Callahan listed four points of temporary centralization, each of which he said can be replaced independently:

  1. The JS polyfill. Until we stabilize the API, we ask that you link directly to
  2. The interface. Once browsers have native support for Persona, that will supersede both the polyfill and the interface. This is all based on what Mike Hanson called Locally Isolated Feature Domains (LIFD):
  3. The Fallback IdP. If your email provider doesn’t support Persona, Mozilla will certify your identity after you click a confirmation link sent to your email address. If your email provider does support Persona, it automatically supplants Mozilla’s fallback.
  4. The Hosted Verifier. Until we stabilize the data formats, we recommend that sites POST identity assertions to for verification. The assertions necessarily contain your email address and the site you’re logging into. We want this to go away soon, and François Marier has suggested a pretty slick way to get us there. Until then, we’ve got a strong privacy policy in place and we limit the data we log.

Just under three months ago, Mozilla updated Persona’s privacy policy to specify which data it collects and which it doesn’t. Today, Mozilla launched a campaign called StopWatching.Us, sponsored by a broad coalition of organizations, calling on citizens and organizations from around the world to demand a full accounting of the extent to which users’ online data, communications, and interactions are being monitored.
