most people I speak to about this tend to imagine selling data to be like people cold calling you with scams, getting suspicious advertisements that happen to be about stuff you just happened to be saying in the other room (which actually happened), and stuff like that. in Mozilla's case I'm pretty sure it's whatever Pocket is, considering how difficult it is in Firefox to turn that garbage off