Get rid of dark patterns

[dpifke]

The average user has no idea what "DNS" or "Cloudflare" are, nor the privacy impact of this setting.

The opt-out is labelled "disable protection," which seemingly forces them into uninformed consent. If I were a non-technical user, I would have no clue that clicking "OK, got it" means that Cloudflare, a company unrelated to Mozilla, now gets to know about every web site I visit.

Further, there is no link to Cloudflare's privacy policy or the Mozilla/Cloudflare TRR agreement. Firefox's Cloud Services Agreement makes no mention of DoH. The user should be prompted to read the resolver policy before "agreeing" to it.

May I suggest better text? Something like:

Your privacy matters. When you type a URL into Firefox, the Domain Name Service (DNS) is used to find the network address associated with the domain name. Your DNS operator—normally your internet service provider or your company's network administrator—is able to see what websites you are visiting. If you enable this setting, Firefox will securely route your DNS requests whenever possible to a service provided by Cloudflare, instead of the service provided by your network operator, which prevents them from snooping on these requests. Cloudflare's agreement with Mozilla (the maker of Firefox) about what they can do with your data can be found here.

Yes, use Cloudflare instead of my network provider No, continue to trust my existing network provider

[selenamarie]

Thanks for filing an issue. We're planning to share more about the process we went through to produce the text we are using in a blog post, but I'll briefly share here: We did rounds of UX research for the text we're using with people who use Firefox. We solicited their feedback on various messages and the text we are using is the result of that process.

The dropdown links to https://support.mozilla.org/en-US/kb/firefox-dns-over-https which in turn links to the TRR agreement. We'll be updating our privacy notice to reflect DoH shortly.