Mozilla debuts two new tools to inform shoppers amid growing threats to privacy:

Annual Consumer Creep-O-Meter provides a high-level, annual benchmark; Digital Privacy Footprint Quiz provides a personalized privacy score


(SAN FRANCISCO, U.S. | WEDNESDAY, OCTOBER 18, 2023) -- The state of consumer privacy in the U.S. in 2023 has reached “Very Creepy” levels, the nonprofit Mozilla announced today, debuting its first-ever Annual Consumer Creep-O-Meter.

Inspired by the iconic Doomsday Clock, which has symbolically gauged the risk of global catastrophe since 1947, Mozilla's Creep-O-Meter measures threats to personal privacy posed by technology year-over-year. This year’s score is 75.6 out of 100, or Very Creepy.

To determine the score, Mozilla researchers examined five years of data from *Privacy Not Included (*PNI), a buyers guide focused on privacy, not price or performance. The score is an aggregate of Mozilla’s own research and analysis and consumer reviews from 2023 and late 2022. Since 2017, *PNI researchers have vetted over 500 gadgets, apps, cars, and more for security and privacy features and how they handle consumer data.

The scale can be expressed in numbers, words, or emoji. It ranges from 0 (Not Creepy) to 100 (Super Creepy), with A Little Creepy, Somewhat Creepy, and Very Creepy inbetween.

Mozilla today also launched a tool that enables individual consumers to gauge their personal privacy. The Digital Privacy Footprint quiz asks consumers which popular gadgets and apps they use — such as the Apple Watch, Ring Security Cam, and Amazon Echo Studio — and assigns a custom score indicating how well or poorly their personal data is protected. (Mozilla doesn’t record scores or collect any personal data through the quiz).

Says Jen Caltrider, *PNI Program Director: “We’ve entered the ‘Age of Creepy,’ defined by a growing loss of privacy, corporations that know more about us than we know about ourselves (or at least think they do) and a sense that there is really nothing we can do about it.” But Caltrider stresses that consumers do have power, and it’s more important than ever for people to demand better from companies and to push elected officials for stronger protective laws.

We’ve entered the ‘Age of Creepy,’ defined by a growing loss of privacy, corporations that know more about us than we know about ourselves, and a sense that there is really nothing we can do about it.

Jen Caltrider, *PNI Program Director


The Annual Consumer Creep-O-Meter also outlines big trends, winners, and losers:

Data collection is becoming more invasive and widespread. Many companies have recently ramped up their collection of valuable personal data for targeted advertising or AI training. Indeed, every car brand Mozilla reviewed this year failed to meet minimum privacy and security standards.

A majority of products reviewed are untrustworthy. Half of all products reviewed in 2023 and late 2022 earned a *PNI warning label. More than 90% now include microphones and/or cameras. And 40% of all mental health apps in the guide have gotten worse on privacy since 2022.

Security does not equal privacy. While more companies are meeting Mozilla’s Minimum Security Standards by using encryption and providing automatic software updates, they’re also collecting, sharing, and selling consumer data like never before.

Very few ‘dumb’ devices. More products than ever lack an “offline” mode. For example, the Verizon GizmoWatch is a kids’ product, but all of its features require an internet connection, leaving consumers no chance to opt out. In the past, people could buy some connected devices and turn off their connectivity to protect their data.

BetterHelp and Nissan are some of the worst offenders. Among the worst products are the mental health app BetterHelp, which shares data with advertisers, social media platforms, and sister companies; and car manufacturer Nissan, which collects intimate personal information including sexual activity and health diagnosis data without specifying its methods.

Transparency is lacking. It took Mozilla researchers almost five hours to read the privacy paperwork for the Meta Quest Pro VR Headset. Meaningful consent is becoming increasingly difficult for consumers; for instance, Subaru seemingly treats any passengers in connected cars as having consented to their vast data collection policy. Toyota gives its car buyers more than 10 different privacy policy documents to wade through. Most consumer agreements are awash in legalese and ambiguity, leading researchers to conclude that companies use these policies as a shield for themselves rather than as a resource to help consumers.


About *Privacy Not Included
*Privacy Not Included is a buyers guide focused on privacy rather than price or performance. Launched in 2017, the guide has reviewed hundreds of products and apps. It arms shoppers with the information they need to protect the privacy of their friends and family, while also spurring the tech industry to do more to safeguard consumers.

Press contact: Kevin Zawacki | [email protected]