Mozilla has rolled out a new data consent experience in Firefox Nightly 139, giving users clearer, more consistent information about what personal data browser extensions wish to collect — right at the point of installation.
The feature represents Mozilla’s latest step toward tightening privacy safeguards and simplifying developer compliance. While the company is not changing its data collection policies or expanding what extensions can access, the mechanism for informing users and collecting their consent is being overhauled to remove ambiguity and standardize privacy prompts across all add-ons.
Previously, Firefox extensions could ask for data access post-installation through custom, developer-built interfaces. This led to inconsistent practices and sometimes buried privacy disclosures. The new system integrates consent prompts into the native extension installation flow. Developers must now declare any data their extensions intend to collect or transmit in the manifest.json file, using predefined categories. These categories are then surfaced during installation, allowing users to make informed decisions before proceeding.
Mozilla
Firefox’s extension ecosystem is vast, with thousands of add-ons that augment user experience by adding features like ad blocking, password management, and social media integration. The new system improves transparency for all users — technical or otherwise — by clearly delineating data requests such as location, browsing history, search terms, and cookies at install time.
For end users, this means:
- More visibility: Users will immediately see what data types an extension wants to access before it's installed.
- Stronger privacy controls: Extensions can only collect “required” data if the user explicitly consents to it during installation. Optional data can be granted or revoked anytime from the add-on’s settings.
- Clear “no data” indicators: Extensions that collect no data will be marked as such, reducing confusion and building user trust.
This update also addresses technical and interaction data — a category that includes device specs, extension usage, and error reports. While this data can only be collected optionally, Firefox now gives users the ability to opt in or out of sharing it during installation.
Mozilla
From a privacy standpoint, this shift is significant. Instead of relying on vague descriptions or after-the-fact prompts, users gain agency at the earliest and most crucial point: installation. Moreover, Mozilla's standardized taxonomy for data types — ranging from biometric data to personal communications — helps users better understand what they’re consenting to.
The implications are particularly important as extensions often operate with elevated privileges and deep access to browser internals. A poorly vetted extension with opaque data practices can easily become a surveillance vector.
The feature is currently available for testing in Firefox Nightly, Mozilla's development branch. Feedback from developers during this phase will help fine-tune the categories and ensure that the system can serve as a drop-in replacement for existing, custom-built consent workflows. A wider rollout to the stable Firefox channel is expected in the coming months.
Leave a Reply