Mozilla will require creators of Firefox extensions to openly disclose which user data they collect or share with third parties. The new rules will take effect on November 3, 2025, and will become mandatory for all developers in the first half of 2026.
Developers will now be required to add a separate browser_specific_settings.gecko.data_collection_permissions parameter to every manifest.json, listing the categories of information collected. These include: names, email addresses, search queries, as well as data about visited websites and browser activity. If the extension does not track the user at all, that must be stated as well.
Mozilla explains that the browser will automatically read this data from the manifest and show it to the user during installation, along with the list of requested permissions. The same information will appear on the extension’s page on addons.mozilla.org, as well as in the “Permissions and Data” section on the Firefox about:addons page.
The user will be able to either consent to data collection or decline it—similar to how permissions to access various browser features are currently granted.
At present, the new requirements apply only to new extensions, and developers of existing add-ons are not required to comply until their products are updated to use the new framework. Add-ons with incorrect (or missing) data about information collection will not be accepted by moderation — they will be returned with an error and an explanation.
Mozilla says these changes are another step toward greater transparency and user security. In this way, Firefox is moving toward a model where users know in advance what data about them the extension developer is interested in collecting, and can decide for themselves whether they want to install such an add-on.