fidzu : thunderbird

The Digital Fairness Act (DFA) is a defining opportunity to modernise Europe's consumer protection framework for the digital age. Mozilla welcomes the European Commission's ambition to ensure that digital environments are fair, open, and respecting of user autonomy.

As online environments are increasingly shaped by manipulative design, pervasive personalization, and emerging AI systems, traditional transparency and consent mechanisms are no longer sufficient. The DFA must therefore address how digital systems are designed and operated - from interface choices to system-level defaults and AI-mediated decision-making.

Mozilla believes the DFA, if designed in a smart way, will complement existing legislation (such as GDPR, DSA, DMA, AI Act) by closing long-recognized legal and enforcement gaps. When properly scoped, the DFA can simplify the regulatory landscape, reduce fragmentation, and enhance legal certainty for innovators, while also enabling consumers to exercise their choices online and bolster overall consumer protection. Ensuring effective consumer choice is at the heart of contestable markets, encouraging innovation and new entry.

Policy recommendations

1. Recognize and outlaw harmful design practices at the interface and system levels.

• Update existing rules to ensure that manipulative and deceptive patterns at both interface and system architecture levels are explicitly banned.
• Extend protection beyond "dark patterns" to include AI-driven and agentic systems that steer users toward outcomes they did not freely choose.
• Introduce anti-circumvention and burden-shifting provisions requiring platforms to demonstrate the fairness of their design and user-interaction systems.
• Harmonize key definitions and obligations across the different legislative instruments within consumer, competition, and data protection law.

2. Establish substantive fairness standards for personalization and online advertising.

• Prohibit exploitative or manipulative personalization based on sensitive data or vulnerabilities.
• Guarantee simple, meaningful opt-outs that do not degrade service quality.
• Require the use of privacy-preserving technologies (PETs) and data minimisation by design in all personalization systems.
• Mandate regular audits to assess fairness and detect systemic bias or manipulation across the ad-tech chain.

3. Strengthen centralized enforcement and cooperation across regulators.

• Adopt the DFA as a Regulation and introduce centralized enforcement to ensure consistent application across Member States.
• Create formal mechanisms for cross-regulator coordination among consumer, data protection, and competition authorities.
• Update the "average consumer" standard to reflect real behavioral dynamics online, ensuring protection for all users, not just the hypothetical rational actor.

A strong, harmonized DFA would modernize Europe's consumer protection architecture, strengthen trust, and promote a fairer, more competitive digital economy. By closing long-recognized legal gaps, it would reinforce genuine user choice, simplify compliance, enhance legal certainty, and support responsible innovation.

You can read our position in more detail here.

The post Pathways to a fairer digital world: Mozilla shares views on the EU Digital Fairness Act appeared first on Open Policy & Advocacy.

31 Oct 2025 12:54pm GMT

The Rust team is happy to announce a new version of Rust, 1.91.0. Rust is a programming language empowering everyone to build reliable and efficient software.

If you have a previous version of Rust installed via rustup, you can get 1.91.0 with:

$ rustup update stable

If you don't have it already, you can get rustup from the appropriate page on our website, and check out the detailed release notes for 1.91.0.

If you'd like to help us out by testing future releases, you might consider updating locally to use the beta channel (rustup default beta) or the nightly channel (rustup default nightly). Please report any bugs you might come across!

What's in 1.91.0 stable

aarch64-pc-windows-msvc is now a Tier 1 platform

The Rust compiler supports a wide variety of targets, but the Rust Team can't provide the same level of support for all of them. To clearly mark how supported each target is, we use a tiering system:

• Tier 3 targets are technically supported by the compiler, but we don't check whether their code build or passes the tests, and we don't provide any prebuilt binaries as part of our releases.
• Tier 2 targets are guaranteed to build and we provide prebuilt binaries, but we don't execute the test suite on those platforms: the produced binaries might not work or might have bugs.
• Tier 1 targets provide the highest support guarantee, and we run the full suite on those platforms for every change merged in the compiler. Prebuilt binaries are also available.

Rust 1.91.0 promotes the aarch64-pc-windows-msvc target to Tier 1 support, bringing our highest guarantees to users of 64-bit ARM systems running Windows.

Add lint against dangling raw pointers from local variables

While Rust's borrow checking prevents dangling references from being returned, it doesn't track raw pointers. With this release, we are adding a warn-by-default lint on raw pointers to local variables being returned from functions. For example, code like this:

fn f() -> *const u8 {
    let x = 0;
    &x
}

will now produce a lint:

warning: a dangling pointer will be produced because the local variable `x` will be dropped
 --> src/lib.rs:3:5
  |
1 | fn f() -> *const u8 {
  |           --------- return type of the function is `*const u8`
2 |     let x = 0;
  |         - `x` is part the function and will be dropped at the end of the function
3 |     &x
  |     ^^
  |
  = note: pointers do not have a lifetime; after returning, the `u8` will be deallocated
    at the end of the function because nothing is referencing it as far as the type system is
    concerned
  = note: `#[warn(dangling_pointers_from_locals)]` on by default

Note that the code above is not unsafe, as it itself doesn't perform any dangerous operations. Only dereferencing the raw pointer after the function returns would be unsafe. We expect future releases of Rust to add more functionality helping authors to safely interact with raw pointers, and with unsafe code more generally.

Stabilized APIs

• Path::file_prefix
• AtomicPtr::fetch_ptr_add
• AtomicPtr::fetch_ptr_sub
• AtomicPtr::fetch_byte_add
• AtomicPtr::fetch_byte_sub
• AtomicPtr::fetch_or
• AtomicPtr::fetch_and
• AtomicPtr::fetch_xor
• {integer}::strict_add
• {integer}::strict_sub
• {integer}::strict_mul
• {integer}::strict_div
• {integer}::strict_div_euclid
• {integer}::strict_rem
• {integer}::strict_rem_euclid
• {integer}::strict_neg
• {integer}::strict_shl
• {integer}::strict_shr
• {integer}::strict_pow
• i{N}::strict_add_unsigned
• i{N}::strict_sub_unsigned
• i{N}::strict_abs
• u{N}::strict_add_signed
• u{N}::strict_sub_signed
• PanicHookInfo::payload_as_str
• core::iter::chain
• u{N}::checked_signed_diff
• core::array::repeat
• PathBuf::add_extension
• PathBuf::with_added_extension
• Duration::from_mins
• Duration::from_hours
• impl PartialEq<str> for PathBuf
• impl PartialEq<String> for PathBuf
• impl PartialEq<str> for Path
• impl PartialEq<String> for Path
• impl PartialEq<PathBuf> for String
• impl PartialEq<Path> for String
• impl PartialEq<PathBuf> for str
• impl PartialEq<Path> for str
• Ipv4Addr::from_octets
• Ipv6Addr::from_octets
• Ipv6Addr::from_segments
• impl<T> Default for Pin<Box<T>> where Box<T>: Default, T: ?Sized
• impl<T> Default for Pin<Rc<T>> where Rc<T>: Default, T: ?Sized
• impl<T> Default for Pin<Arc<T>> where Arc<T>: Default, T: ?Sized
• Cell::as_array_of_cells
• u{N}::carrying_add
• u{N}::borrowing_sub
• u{N}::carrying_mul
• u{N}::carrying_mul_add
• BTreeMap::extract_if
• BTreeSet::extract_if
• impl Debug for windows::ffi::EncodeWide<'_>
• str::ceil_char_boundary
• str::floor_char_boundary
• impl Sum for Saturating<u{N}>
• impl Sum<&Self> for Saturating<u{N}>
• impl Product for Saturating<u{N}>
• impl Product<&Self> for Saturating<u{N}>

These previously stable APIs are now stable in const contexts:

• <[T; N]>::each_ref
• <[T; N]>::each_mut
• OsString::new
• PathBuf::new
• TypeId::of
• ptr::with_exposed_provenance
• ptr::with_exposed_provenance_mut

Platform Support

• Promote aarch64-pc-windows-msvc to Tier 1
• Promote aarch64-pc-windows-gnullvm and x86_64-pc-windows-gnullvm to Tier 2 with host tools. Note: llvm-tools and MSI installers are missing but will be added in future releases.

Refer to Rust's platform support page for more information on Rust's tiered platform support.

Other changes

Check out everything that changed in Rust, Cargo, and Clippy.

Contributors to 1.91.0

Many people came together to create Rust 1.91.0. We couldn't have done it without all of you. Thanks!

30 Oct 2025 12:00am GMT

It's no secret that privacy and user empowerment have always been core to Mozilla's mission.

Over the years, we've consistently engaged with policymakers to advance strong privacy protections. We were thrilled when the California Consumer Privacy Act (CCPA) was signed into law, giving people the ability to opt-out and send a clear signal to websites that they don't want their personal data tracked or sold. Despite this progress, many browsers and operating systems still failed to make these controls available or offer the tools to do so without third-party support. This gap is why we've pushed time and time again for additional legislation to ensure people can easily exercise their privacy rights online.

Last year, we shared our disappointment when California's AB 3048 was not signed into law. This bill was a meaningful step toward empowering consumers. When it failed to pass, we urged policymakers to continue efforts to advance similar legislation, to close gaps and strengthen enforcement.

We can't stress this enough: Legislation must prioritize people's privacy and meet the expectations that consumers rightly have about treatment of their sensitive personal information.

That's why we joined allies to support AB 566, the California Opt Me Out Act, mandating that browsers include an opt-out setting so Californians can easily communicate their privacy preferences. Earlier this month, we were happy to see it pass and Governor Newsom sign it into law.

Mozilla has long advocated for easily accessible universal opt-out mechanisms; it's a core feature built into Firefox through our Global Privacy Control (GPC) mechanism. By requiring browsers to provide tools like GPC, California is setting an important precedent that brings us closer to a web where privacy controls are consistent, effective, and easy to use.

We hope to see similar steps in other states and at the federal level, to advance meaningful privacy protections for everyone online - the issue is more urgent than ever. We remain committed to working alongside policymakers across the board to ensure it happens.

The post California's Opt Me Out Act is a Win for Privacy appeared first on Open Policy & Advocacy.

29 Oct 2025 11:53pm GMT