While it was kinda lame for Mozilla to add it with it already opted-in the way they did
That’s really the rub here. Reading the technical explainer on the project, it’s a pretty good idea. The problem is that they came down on the side of “more data” versus respecting their users:
Having this enabled for more people ensures that there are more people contributing to aggregates, which in turn improves utility. Having this on by default both demands stronger privacy protections — primarily smaller epsilon values and more noise — but it also enables those stronger protections, because there are more people participating. In effect, people are hiding in a larger crowd.
In short, they pulled a “trust us, bro” and turned an experimental tracking system on by default. They fully deserve to be taken to task over this.
I suspect every security baseline is going to include guidance for removing recall. There’s just no reason for this sort of malware on a system.