Firefox VPN Beta: Browser Only Privacy vs Mozilla's Full VPN

Mozilla’s experiment with a built‑in, browser‑only VPN marks a notable shift in how mainstream browsers are packaging privacy tools: Firefox VPN is rolling out as an invite‑only, free beta that protects only traffic inside the Firefox browser, promises limited telemetry with account‑linked logs deleted after three months, and sits alongside Mozilla’s paid, device‑wide Mozilla VPN offering — a contrast that raises important questions about scope, trust, and the economics of “free” privacy features.

Background / Overview​

Firefox’s new VPN feature is being trialed as an experimental, invite‑only capability embedded directly in the browser. According to Mozilla’s own support documentation, the feature is currently free during the beta period, routes only browser traffic through Mozilla‑managed VPN endpoints, and is available to a randomly selected set of users for a limited time. That documentation also states that Mozilla collects only technical telemetry (connection success/failure, per‑day bandwidth used) and will automatically delete logs linked to accounts after three months.
This build‑in browser VPN is separate from Mozilla VPN — Mozilla’s standalone, subscription‑based product launched in mid‑2020 — which protects all device traffic and is sold on a traditional subscription basis (historically advertised at approximately $4.99/month on annual plans and supporting up to five devices). Mozilla’s paid VPN is a full system client, while the new Firefox VPN is deliberately limited to the browser.
At the same time, the market already includes other browsers offering similar browser‑level privacy proxies: Microsoft Edge ships Edge Secure Network, a Cloudflare‑powered browser VPN that historically offered a free 5 GB monthly data allowance and protects only Edge traffic. That product’s design and policy choices are useful points of comparison for understanding Mozilla’s approach.

---

What Mozilla is shipping — technical summary​

How Firefox VPN works (per Mozilla)​

• Firefox VPN is a browser‑only network tunnel: when activated, Firefox routes web requests through Mozilla‑managed VPN servers so sites see the VPN endpoint IP rather than the user’s real IP.
• The feature is currently in Beta and invite‑only; access is rolled out to a subset of signed‑in Firefox users. Mozilla explicitly says the feature is “free of charge” during testing.

Data handling and telemetry​

• Mozilla’s support page makes two emphatic promises:
• Firefox VPN never logs the websites you visit or the content of your communications.
• Account‑linked logs used to operate the service are deleted after three months. Mozilla also stores aggregated bandwidth statistics for planning but says these cannot be traced to individual users.

Scope and limits​

• Browser‑only protection: traffic from other apps (desktop or mobile) is not routed through Firefox VPN — for device‑wide protection the paid Mozilla VPN subscription remains the option.
• Invite‑only beta: not all users will see the feature immediately. Mozilla’s rollout is controlled and region‑ or account‑gated during the test period.

---

Why one browser‑only VPN and one paid VPN? Understanding Mozilla’s product split​

Mozilla now operates two different VPN products that serve two distinct customer needs:

• Firefox VPN (browser‑only, free beta) — aimed at lowering the friction for users who want a quick privacy boost while browsing: no separate app required, integrated UI, and likely lower operational costs because it handles only browser traffic.
• Mozilla VPN (paid, device‑wide) — a full‑feature product for users who need system‑level protection, persistent device coverage across multiple apps, and features typically expected from paid VPNs (platform clients, multi‑hop, kill switches, broader server choices).

This two‑tier approach makes sense on paper: a free, browser‑only product can onboard mainstream users and demonstrate value (and goodwill) while a paid product addresses advanced needs and generates revenue. But the model introduces friction in the trust conversation — users must distinguish between the limited privacy guarantees of the free tool and the broader protections of the paid service.

---

Comparing Firefox VPN to Microsoft Edge Secure Network​

Similarities​

• Both are browser‑level privacy proxies — they do not protect system‑wide traffic.
• Both are/ were offered with a free tier/experiment: Mozilla’s Firefox VPN is free during beta, while Edge Secure Network provides a small monthly free allowance (historically 5 GB per month) to signed‑in users. Both solutions are positioned for quick, low‑friction protection on untrusted networks.

Differences and practical trade‑offs​

• Provider and infrastructure: Edge’s Secure Network is powered by Cloudflare, which publishes details about its privacy‑proxy platform and network footprint; Mozilla manages its own endpoints for the Firefox VPN (Mozilla’s support says “Mozilla‑managed VPN servers”). The provider choice affects trust calculus for users.
• Data allowance / throttling: Edge Secure Network’s public messaging has included a 5 GB/month free allowance and behavior‑based optimizations (not tunneling streaming video by default to conserve data), while Mozilla’s Beta asserts no speed or usage limits during the testing period; whether Mozilla will introduce caps after beta is unconfirmed. This distinction could be material for users who expect regular, longer sessions under VPN.
• Data retention policies: Microsoft and Cloudflare document their respective telemetry and retention approaches; Mozilla explicitly states account‑linked logs are deleted after three months for Firefox VPN. Users must evaluate whether the retention windows and unlinkability promises meet their privacy expectations.

---

Critical analysis: strengths, user benefits, and realistic limits​

Strengths — why this matters for users​

• Low friction, potentially free privacy: by integrating the feature directly in Firefox, Mozilla removes barriers to trying a VPN: no separate installer, minimal configuration, and a familiar UI. For users who only need to hide their IP while browsing on public Wi‑Fi, this is attractive.
• Separation of scope is transparent: Mozilla is explicit that Firefox VPN only protects browser traffic; it directs users who need device‑wide coverage to Mozilla VPN, avoiding an implicit promise of broader protection. That clarity is a positive change compared to some bundled privacy promises that overstate coverage.
• Short retention guarantees: the stated three‑month deletion policy for account‑linked logs is a concrete, time‑bound commitment that is stronger than “we don’t retain logs indefinitely” language and gives a measurable privacy baseline — assuming Mozilla enforces and audits that promise.

Practical risks and limitations​

• Browser‑only protection is a common user pitfall: many users assume a VPN protects all traffic. Without clear onboarding and repeated, persistent user education, people may mistakenly rely on Firefox VPN while other apps remain exposed on the network. This is an operational risk for privacy‑sensitive contexts (work documents, messaging apps, system telemetry). Mozilla’s documentation is clear, but in‑product messaging must be equally blunt.
• The “free” model’s economics and incentive questions: free privacy tools inevitably trigger scrutiny: who pays for the infrastructure and what tradeoffs are being made? Mozilla’s explanation — “collect only technical data needed to keep the service reliable” — helps, but skeptics will want more: independent audits, transparency reports, and external verification that aggregated stats cannot be re‑identified. Until those audits are public, claims of minimal logging should be treated as promises rather than proven facts. Unverifiable claim: long‑term 'free' status of Firefox VPN remains uncertain until Mozilla formalizes pricing or product plans beyond the beta.
• Trust centralization and jurisdictional questions: routing traffic through Mozilla‑run endpoints places operational trust in Mozilla’s infrastructure and legal jurisdiction. Users in countries with aggressive content rules or with adversaries targeting the VPN operator must weigh that risk differently than users in more benign jurisdictions. The same is true for Cloudflare‑backed Edge Secure Network — the operator matters.
• Feature creep and future ToU concerns: Mozilla’s March 2025 update to Firefox’s Terms of Use sparked a high‑profile debate about licensing and data usage; the company clarified it does not “sell data about you (in the way most people think about ‘selling data’)” and revised the language to emphasize limited data processing for operation of the product. That episode shows that even transparent privacy promises can be undermined by legal wording and commercial pressure; integrated privacy features should be evaluated within that broader governance context.

---

What Mozilla should publish next (and what users should look for)​

For Firefox VPN to move from a promising experiment into a trustworthy, widely used product, Mozilla should publish the following — and users should watch for these items before treating the service as a complete privacy solution:

• Independent security and privacy audits: publish a third‑party audit (similar to Cure53 audits for Mozilla VPN in the past) that inspects both the client behavior and server‑side logging practices.
• Transparent retention and incident reporting: beyond the three‑month deletion pledge, Mozilla should publish a transparency report and the exact data schema retained for troubleshooting (what’s logged, how it’s linked to accounts, and how it’s deleted).
• Clear in‑product UI messaging: the browser should repeatedly and plainly show “Firefox VPN protects browser activity only” to reduce accidental misuse.
• A stable privacy SLA and pricing roadmap: if the feature will remain free, Mozilla should state the long‑term model (donations, sponsorship, freemium upsell to Mozilla VPN), otherwise users should expect eventual caps or subscription prompts. Until Mozilla does this, the future of the free tier is not verifiable.

---

Practical recommendations for Windows users (short checklist)​

• If you’re selected for the Firefox VPN beta, treat it as a convenient layer of protection for web browsing — particularly when using public Wi‑Fi. Do not assume it covers your entire device.
• For device‑wide needs (gaming, system updates, messaging apps), consider Mozilla VPN (paid) or an established full‑feature VPN provider; Mozilla’s paid service is the direct upgrade option and historically listed $4.99/month on annual plans.
• Compare browser proxies: Edge Secure Network offers a similar browser‑only solution backed by Cloudflare and traditionally provides a 5 GB monthly free quota; choose based on trust of the operator and the technical footprint.
• If privacy is your top priority, require evidence: ask for audit reports, retention details, and legal jurisdiction disclosures before relying on browser‑level VPNs for sensitive tasks.

---

The broader market impact and what this means for privacy tooling​

The entrance of browser vendors into the “built‑in VPN” space is a logical evolution: browsers are where identity and content access converge, and integrating lightweight privacy layers removes friction. But the approach fragments user expectations about what a VPN is and amplifies the need for better privacy literacy.

• Browser‑level VPNs are useful for ad hoc protection: quick protection on untrusted networks, concealing IP for casual browsing, and mitigating opportunistic snooping.
• They are not substitutes for full‑device VPNs when you need: app‑level protection, regional server selection, or advanced features (split tunneling, router installs, P2P support).
• The real battleground will be trust and transparency: a browser vendor’s reputation matters; Mozilla’s non‑profit framing helps, but legal language and eventual monetization choices shape long‑term trust. The March 2025 Terms of Use episode is a reminder that even organizations with strong privacy branding can face credibility damage if legal language or disclosures mismatch user expectations.

---

What is verifiably true today — and what remains open​

Verified by Mozilla documentation and public provider statements:

• Firefox VPN is a beta, browser‑only feature that routes Firefox traffic through Mozilla‑managed VPN servers and is being tested via an invite program. Mozilla’s support documentation and in‑product help pages state the feature is free during the test and describe data‑handling promises (three‑month log deletion, no logging of visited websites or content).
• Mozilla continues to operate Mozilla VPN, its standalone, paid, device‑level VPN launched in 2020; that product and its pricing (historically promoted at ~$4.99/month on annual plans) are a separate offering.
• Microsoft Edge Secure Network is a comparable browser‑level VPN, powered by Cloudflare, and Microsoft’s and Cloudflare’s documentation and blog posts describe it as a 5 GB/month free browser VPN that protects only Edge traffic.

Claims that remain open or require third‑party verification:

• Whether Firefox VPN will remain free after beta and whether Mozilla will introduce usage caps or broader monetization is not yet confirmed. Mozilla’s support page frames the free status in the context of the beta; this is a forward‑looking commercial decision that remains to be announced. Treat long‑term free status as speculative until Mozilla publishes a product roadmap.
• Operational fidelity to the three‑month deletion claim: the statement is explicit, but independent auditors or transparency reports are the standard by which such claims become verifiable facts. Users who require provable, auditable guarantees should await third‑party audits. Unverifiable until audits are public.

---

Conclusion​

Firefox VPN is a pragmatic, low‑friction move: it lowers the bar for users to get basic IP‑hiding and encryption inside the browser without the overhead of installing a separate client. For everyday, casual privacy needs — checking email on airport Wi‑Fi, preventing passive IP‑based tracking, or obscuring your origin when browsing — a browser VPN can be a helpful tool.
But the details matter: browser‑only scope, operator trust, telemetry retention, and the durability of a “free” promise are the axes along which users should judge this feature. Mozilla has stated clear, time‑bounded telemetry promises and kept the product scope transparent, which is good. Still, the community’s demand for audits, published logs of deletion practices, and a clear long‑term product model remains reasonable and necessary.
In short: Firefox VPN is a welcome, well‑scoped experiment that will help mainstream users improve privacy with minimal friction — but it is not a panacea. Users who need device‑wide coverage or strong, auditable privacy guarantees should continue to rely on vetted, full‑feature VPN providers or Mozilla’s paid VPN while watching Mozilla’s transparency outputs closely as the beta evolves.

---

Source: Windows Central Firefox VPN — free, private, and probably not available to you yet