This repository has been archived by the owner on Sep 25, 2018. It is now read-only.

Lightbeam Roadmap

Francois Marier edited this page Mar 22, 2017 · 23 revisions

Update: Lightbeam development has stopped until it is rewritten as a Web Extension.

Goals

  • Show people how and when they are being tracked.
  • Enable users who don't want to be tracked to avoid tracking.

Non-goals

  • Eliminate advertising as a business model.

Background

Tracking is any technique that can be used to accumulate history (purchases, browsing, messaging) and associate it with a particular person. There are many reasons for organizations to engage in tracking, including behavioral advertising, customized content, conversions, and government surveillance. Many of these reasons are legitimate -- in fact, advertising revenue subsidizes almost all free web content. However, a combination of industry and government forces has aligned to incentivize silent, invisible, wholesale collection of personal information. Because typical users don't recognize when or how data collection happens, it essentially takes place without user consent.

In 2013, Edward Snowden's revelations showed that industry and government tracking are intertwined. Although everyone knew this was possible, the Snowden revelation was the first case of documented misuse of advertising tracking for another purpose. This misuse has a devastating impact on our economy, reducing trust worldwide in the mechanisms that enable free access to information, freedom of expression, and commerce.

Lightbeam seeks to reverse this loss of trust by making it easy for people to see and control who has access to their personal information. Lightbeam already does a good job at showing users their network connections. We want to make Lightbeam even more powerful by translating this information into a human-understandable format: who is tracking you, and what can you do about it?

Our roadmap for 2014 therefore focuses on three areas: transparency, choice, and accessibility.

Transparency: Lightbeam shows active connections.

The current graph view in Lightbeam displays, in a dedicated tab, all of a user's history since installing the addon. It is a powerful view, but it doesn't tell the user which connections are currently active. To address this issue, Lightbeam should have a per-tab sidebar or widget view that shows the user all of the active connections on that page. Knowing which connections are active at any given moment makes Lightbeam data actionable. For example, Lightbeam has a feature that allows a user to block any given site. Choosing to block a site to which there is no active connection will not have an immediate effect. Focusing on current connections also makes it possible to port Lightbeam to mobile, which makes Lightbeam accessible to more people.

widget

Above are Sabrina Ng's mockups of a widget that may be more useful for mobile devices.

sidebar view

This mockup of a sidebar view may be more appropriate for desktop.

Choice: People can avoid being tracked.

In 2009, Do Not Track was the first major effort to enable users to opt out of tracking. DNT cannot enforce this preference: rather, it is a way for users to declare their preference by sending an HTTP header in every request stating that they prefer not to be tracked. Around the same time, the FTC investigated collection of user data by advertising platforms and asked the industry to come up with a self-regulatory mechanism, called AdChoices. Participation in AdChoices is voluntary: as of March 2014, 114 companies participate in this program.

Neither DNT nor AdChoices is guaranteed to work. Hence, Lightbeam should provide a way for users to avoid being tracked. Lightbeam does provide a way to block all communication with a given site. However, in the current implementation, the user must first initiate a connection to that site and then manually select each site to block. A more user-friendly approach would be to detect tracking sites automatically, then allow the user to block traffic from tracking sites.

Note that a sidebar or widget view is crucial in implementing this feature: blocking content from loading may break how websites are rendered, and without an accurate view into current active connections (or blocked sites) the user will be at a loss to understand problems.

Our deliverables for this capability are:

  1. The ability to identify tracking domains automatically based on one of the methods listed below.
  2. The ability to block traffic to tracking domains.

Note that if a domain has publicly declared that it obeys DNT (or implements Tracking Preference Expression), we should provide the option to selectively enable traffic to those tracking domains.

Ways to detect tracking sites

  1. TrackingObserver from Roesner and Kohno makes progress in classifying tracking domains by the shape of their network graph. For example, if third-party content from a particular domain is included across many first-party sites, the domain has the capability to track.
  2. Use of automated crawl data (whether through existing Talos performance tests, Sauce testing, or other automated harness) may also be useful in constructing a global view of tracking domains.
  3. Use of third-party reputation data such as Web Ranking may help us classify tracking sites. For example, a site that sets many cookies but has low ranking may be a tracking domain.
  4. Use of third-party APIs or lists for determining tracking data, similar to how Firefox consumes Safe Browsing data to identify phishing and malware sites.
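
The graph-shape heuristic from item 1, combined with the DNT exception noted above, as an added example (not Lightbeam or TrackingObserver code). The connection-record shape, the `minSites` threshold, the two-label site approximation and the sample hosts are assumptions.

```javascript
// Added example, not Lightbeam or TrackingObserver code.
// Assumption: a "site" is the last two host labels; production code would
// use the Public Suffix List (this approximation is wrong for e.g. co.uk).
function baseDomain(url) {
  return new URL(url).hostname.split('.').slice(-2).join('.');
}

// connections: [{ source: pageUrl, target: requestUrl }] (assumed shape).
// Returns Map: third-party site -> Set of first-party sites embedding it.
function thirdPartyReach(connections) {
  const reach = new Map();
  for (const { source, target } of connections) {
    const first = baseDomain(source);
    const third = baseDomain(target);
    if (first === third) continue; // same-site request, not third party
    if (!reach.has(third)) reach.set(third, new Set());
    reach.get(third).add(first);
  }
  return reach;
}

// A third party embedded by >= minSites distinct first parties has the
// capability to track. Domains that declared they obey DNT are listed
// separately so the user can choose to keep traffic to them enabled.
function classify(connections, minSites, honorsDnt = new Set()) {
  const result = { block: [], allowedByDnt: [] };
  for (const [domain, sites] of thirdPartyReach(connections)) {
    if (sites.size < minSites) continue;
    (honorsDnt.has(domain) ? result.allowedByDnt : result.block).push(domain);
  }
  result.block.sort();
  result.allowedByDnt.sort();
  return result;
}

// Constructed sample log (all hosts are made up).
const SAMPLE = [
  { source: 'https://news.example/', target: 'https://cdn.news.example/app.js' },
  { source: 'https://news.example/', target: 'https://pixel.tracker.test/p.gif' },
  { source: 'https://shop.example/', target: 'https://pixel.tracker.test/p.gif' },
  { source: 'https://blog.example/', target: 'https://js.tracker.test/t.js' },
  { source: 'https://news.example/', target: 'https://polite-ads.test/ad.js' },
  { source: 'https://shop.example/', target: 'https://polite-ads.test/ad.js' },
  { source: 'https://blog.example/', target: 'https://fonts.test/a.woff' },
];

console.log(classify(SAMPLE, 2, new Set(['polite-ads.test'])));
```

Reach only shows that a domain is able to correlate visits across sites, not that it does, so a low threshold will also flag shared CDNs and font hosts.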

Accessibility: Lightbeam is easy to use and available to all Firefox users.

Currently Lightbeam is implemented as a Firefox addon. This limits the accessibility of Lightbeam to Firefox users, because they must first discover it and then install it. In particular, users who have enabled Do Not Track in Firefox should be able to take advantage of Lightbeam's blocking functionality without having to install an addon.

Lightbeam's main source of information is the Firefox event "http-on-examine-response", and its blocking mechanism uses nsIContentPolicy. The fact that Lightbeam is implemented at the addon layer means that other addons may interfere with its operation, which may lead to inaccurate detection of third-party connections and an overall confusing user experience. If Lightbeam were implemented natively, we could improve its performance, stability, and accuracy.

Lightbeam's current UI may be too complex. To improve the UI, we will:

  • Simplify textual descriptions.
  • Automatically filter information that is most important (related to the sidebar view).
  • Introduce simple indicators (such as an audio indicator or an ok-or-not score) for when the user is being tracked.

Timeline

We track our progress through github milestones. To see the milestones for the next few releases, please visit https://github.com/mozilla/lightbeam/milestones.