Transparency Report Reporting Period: July 1, 2023 to December 31, 2023

Government Demands for User Data

In the Reporting Period, Mozilla received the following.

Legal Processes Received User Data Produced
Search Warrants 0 0
Subpoenas 1 0
Court Orders 1 1
Wiretap Orders 0 0
Pen Register Orders 0 0
Emergency Requests 0 0
National Security Requests 1 0-249 0-249

Government Demands for Content Removal

In the Reporting Period, Mozilla received no government request for content removal from our services.

Requesting Country Requests Received Items Removed Items Geographically Restricted
None 0 0 0

Trademark

In the Reporting Period, we received 16 Trademark Takedown Notices and 2 Counter Notices (note that takedown notices can target more than one item).

Mozilla Service Takedown Notices Counter Notices Items Removed
Firefox Add-ons 16 2 59
Pocket 0 0 0
Other Services 0 0 0

Legal Removal Requests By Companies or Individuals

In the Reporting Period, we received 0 private legal removal requests invoking laws other than copyright or trademark (note that takedown notices can target more than one item). Where takedown requests are made pursuant to national laws removal might be limited to the relevant jurisdiction.

Personal Data Requests

In the Reporting Period, we received 6,912 requests.

Service Received
Mozilla 5,262
Pocket 1,589
Fakespot 61

Targeted Advertising Disclosures

In the Reporting Period, and during the time we started targeted advertising, we have placed the following targeted advertisements.

Mozilla

Mozilla Foundation Ads

EU Monthly Active Users

Service Average MAU in the European Union
Addons.mozilla.org 2,787,000
MDN 2,773,086

Policy Supplement

During the course of this reporting period, Mozilla continued to protect the privacy and security of our users through public policy interventions. In the European Union, we refocused our efforts on the eIDAS legislation as the law entered its final stages in the legislative process. Article 45 in the law threatened encryption and web security by limiting standards for web certificates and taking away the independence of browser root store programs. Our efforts in H2 2023 focused on amplifying our policy focused campaign to drive awareness of the risks in Brussels, organising the cybersecurity community to highlight technical concerns, convening an industry open letter, conducting meetings with members of the European Council, Parliament and Commission, and engaging with civil society allies. Through these efforts, we were able to help persuade the European Parliament to introduce a cybersecurity clarification to Article 45 as part of its adopted public position on the legislation which will largely mitigate the security and privacy risks. We also reiterated our concerns on the Cyber Resilience Act (CRA) and engaged in conversations to protect the interests of the open source community. We also were quoted in media about browser support for global privacy control in Germany and ran a campaign on France’s efforts to make browsers the vectors of website blocking.

In the United States, we called for reform of Section 702 of the Foreign Intelligence Surveillance Act (FISA) and organised a builders letter in line with our long-standing advocacy on the issue. We also submitted comments on the FTC’s Notice of Proposed Rulemaking for the Health Breach Notification Rule (HBNR) and applauded the Consumer Financial Protection Bureau (CFPB) for taking on the data broker ecosystem. Finally, we also weighed in with our thoughts on the state privacy proposals in Massachusetts and Maine.

Globally, we wrote about the efforts of the Five Eyes against encryption and the threats it poses to democracy and also gave a talk at the Chaos Communications Congress on the privacy connotations of digital identity systems around the world.

Voluntary Threat Indicators & Data Disclosures

  • 0 Cybersecurity Threat Indicator Disclosures
  • 0 Other Specific User Data Disclosures