Transparency Report Reporting Period: January 1, 2023 to June 30, 2023

Government Demands for User Data

In the Reporting Period, Mozilla received the following.

Legal Processes Received User Data Produced
Search Warrants 0 0
Subpoenas 0 0
Court Orders 1 0
Wiretap Orders 0 0
Pen Register Orders 0 0
Emergency Requests 0 0
National Security Requests 1 0-249 0-249

Government Demands for Content Removal

In the Reporting Period, Mozilla received no government request for content removal from our services.

Requesting Country Requests Received Items Removed Items Geographically Restricted
None 0 0 0

Trademark

In the Reporting Period, we received 23 Trademark Takedown Notices and 3 Counter Notices (note that takedown notices can target more than one item).

Mozilla Service Takedown Notices Counter Notices Items Removed
Firefox Add-ons 23 3 104
Pocket 0 0 0
Other Services 0 0 0

Other Takedown Requests By Companies or Individuals

In the Reporting Period, we received 0 private takedown notices invoking laws other than copyright or trademark.

Personal Data Requests

In the Reporting Period, we received 12,238 requests.

Service Received
Mozilla 9,604
Pocket 2,634

Targeted Advertising Disclosures

In the Reporting Period, and during the time we started targeted advertising, we have placed the following targeted advertisements.

Mozilla

Firefox

Mozilla Foundation Ads

EU Monthly Active Users

Service Average MAU in the European Union
Addons.mozilla.org 3,031,122
Hubs <50,000
Pocket 337,992
MDN 3,052,833

Supplement

During the course of this reporting period, Mozilla continued its efforts to protect the security and privacy of our users through public policy. In the European Union, we ramped up our work on the eIDAS legislation, which threatens web security by placing a ceiling on the standards for web certificates. This included amplifying our public campaign to drive awareness of the risks posed by the issue, organizing an event with a Member of European Parliament and our CSO, briefing the US National Institute of Standards and Technology (NIST) delegation, conducting meetings with members of the European Council, Parliament and Commission, and publishing a report on the negative impact of the law on Europe’s cybersecurity. After some positive developments in the Parliament vote, we are currently engaging with EU policymakers during the interinstitutional negotiations to ensure a net positive outcome for web security. We also organized a panel at the Computers, Privacy and Data Protection (CPDP) conference on privacy preserving advertising. We also published our position paper on the Cyber Resilience Act (CRA) and are engaged in conversations to protect the interests of the open source community.

In the United Kingdom, we continued our work on privacy preserving advertising and mitigating online tracking via conversations with the Competition and Markets Authority (CMA). We intend to expand our policy engagements in the United Kingdom in the coming months.

In the United States, we testified at a congressional hearing in DC on data brokers, spoke at an event organized by National Academies of Sciences, Engineering, and Medicine on children privacy, held meetings with the FTC and Congressional Staffers on privacy and advertising, and submitted comments to the US National Telecommunications Information Administration (NTIA)’s request on the intersection of privacy, equity, and civil rights in commercial data collection practices.

Globally, we joined the Steering Committee of the Global Encryption Coalition to defend encryption in the jurisdictions where it is most at-risk, including India. We also worked with local think tanks on the drawbacks present in the latest version of India’s data protection law. We also spoke on a panel at RightsCon 2023 on how privacy and security might look in the federated social media systems with a global perspective. In Kenya, we briefed the Parliament’s Committee on Communication, Information and Innovation on privacy and the importance of implementing Kenya’s data protection law.

Voluntary Threat Indicators & Data Disclosures

Type of Disclosure Number of Disclosures
Cybersecurity Threat Indicator 0
Other Specific User Data Disclosure 0