Mozilla Corporation (Moco) has decided to use AWS instead of in-house servers for most of its services.
Prominent examples of services which are hosted in AWS (or likely to be hosted in AWS, by end of 2015) are: [1] Firefox Crash Reports [2] Firefox Health Report [3] Firefox Auto-Update services [4] irc.mozilla.org [5] Firefox Downloads (FTP, HTTP(S)) [6] Telemetry [7] Services powering daily automatic submissions such as Blocklist Ping, Addons Ping, Addons update checks (Please note that the SSL endpoints of these services will be hosted in AWS as well. AWS, in theory, has full access to the certificates, IP addr of the client and any other information submitted by Firefox) In addition to these, Google Apps handles the mail services for mozilla.com, Okta (a third party service hosted in AWS) handles SSO for Moco employees. Given that cloud service providers such as Amazon are required to "co-operate" with US Govt agencies in secrecy and that any terms of contract between Amazon and Moco are irrelevant in this case, what steps are being taken by Moco to protect the privacy of non-American citizens ? _______________________________________________ governance mailing list [email protected] https://lists.mozilla.org/listinfo/governance
