application-services icon indicating copy to clipboard operation
application-services copied to clipboard
verified publisher icon mozilla

Bug 1972437: Add metrics when deleting undecryptable logins

Open skhamis opened this issue 6 months ago • 2 comments

Before we call delete_undecryptable_records_for_remote_replacement for logins, we should add metrics so we can track how many are actually being deleted (and also eventually have confidence in removing said logic once that number goes ~0).

Pull Request checklist

  • Breaking changes: This PR follows our breaking change policy
    • [ ] This PR follows the breaking change policy:
      • This PR has no breaking API changes, or
      • There are corresponding PRs for our consumer applications that resolve the breaking changes and have been approved
  • [ ] Quality: This PR builds and tests run cleanly
    • Note:
      • For changes that need extra cross-platform testing, consider adding [ci full] to the PR title.
      • If this pull request includes a breaking change, consider cutting a new release after merging.
  • [ ] Tests: This PR includes thorough tests or an explanation of why it does not
  • [ ] Changelog: This PR includes a changelog entry in CHANGELOG.md or an explanation of why it does not need one
    • Any breaking changes to Swift or Kotlin binding APIs are noted explicitly
  • [ ] Dependencies: This PR follows our dependency management guidelines
    • Any new dependencies are accompanied by a summary of the due diligence applied in selecting them.

skhamis avatar Jun 20 '25 21:06 skhamis

Data Request

  1. What questions will you answer with this data? How many unencryptable logins were detected and deleted and if it's an ongoing issue.

  2. Why does Mozilla need to answer these questions? Are there benefits for users? Do we need this information to address product or business requirements? Some example responses:

The benefits for the users is we're able to understand the severity of the issue and see the trends in unencryptable logins to better understand if we need to make additional changes.

  1. What alternative methods did you consider to answer these questions? Why were they not sufficient? No alternatives.

  2. Can current instrumentation answer these questions? No.

  3. List all proposed measurements and indicate the category of data collection for each measurement, using the Firefox data collection categories found on the Mozilla wiki.

Note that the data steward reviewing your request will characterize your data collection based on the highest (and most sensitive) category.

Measurement Description Data Collection Category Tracking Bug #
We've detected undecryptable login records and they haven't ran a deletion before. Since we're counting deleting logins that can't be decrypted, I've kept it at technical Category 1 “Technical data” https://bugzilla.mozilla.org/show_bug.cgi?id=1972437
  1. Please provide a link to the documentation for this data collection which describes the ultimate data set in a public, complete, and accurate way.
  • Often the Privacy Notice for your product will link to where the documentation is expected to be.
  • Common examples for Mozilla products/services:
    • If this collection is Telemetry you can state "This collection is documented in its definitions files Histograms.json, Scalars.yaml, and/or Events.yaml and in the Probe Dictionary at https://probes.telemetry.mozilla.org."
    • If this data is collected using the Glean SDK you can state “This collection is documented in the Glean Dictionary at https://dictionary.telemetry.mozilla.org/"
  • In some cases, documentation is included in the project’s repository.

This collection is documented in the Glean Dictionary at https://dictionary.telemetry.mozilla.org/

  1. How long will this data be collected? Choose one of the following:
  • I want to permanently monitor this data. (Sammy Khamis, Sync Engineer)
  1. What populations will you measure?

All channels in all countries in all locales, for Firefox iOS and Fenix

  1. If this data collection is default on, what is the opt-out mechanism for users? Standard Firefox telemetry controls

  2. Please provide a general description of how you will analyze this data. Via graphs in Looker/Redash.

  3. Where do you intend to share the results of your analysis? Internally to monitor logins sync health.

  4. Is there a third-party tool (i.e. not Glean or Telemetry) that you are proposing to use for this data collection? If so: No.

skhamis avatar Jun 20 '25 22:06 skhamis

@travis79, can I ping you for a data-review? I was trying to add data-reviewer but wasn't letting me some reason -- thanks!

skhamis avatar Jun 20 '25 22:06 skhamis