It's a legally binding contract between Cloudflare and Mozilla. If Cloudflare were to violate it, Mozilla could sue and a judge would determine the penalties for Cloudflare. There should be some rough guidelines written into law as well.
And we're definitely not talking about small amounts.
Cloudflare violating it would result in Mozilla violating the privacy of millions, which can be interpreted as significant damages to the citizens. They're also both situated in California, so privacy will be valued by a judge. Given Mozilla's public image as a privacy-friendly organization, they could also push charges for damaging that image.
That penalty + the damage to Cloudflare's own reputation, I cannot imagine they would survive.
Data from temporary logs will be moved (anonymized) to permanent logs. For me this reads as: once it is there, it is not your data anymore, not from Cloudflare Resolver for Firefox and not PII, so we can do ~whatever we wish.
IANAL but it looks like extreme weasel wording (and not even remotely GDPR compliant), there is nothing to violate.
And we're definitely not talking about small amounts. Cloudflare violating it would result in Mozilla violating the privacy of millions, which can be interpreted as significant damages to the citizens. They're also both situated in California, so privacy will be valued by a judge. Given Mozilla's public image as a privacy-friendly organization, they could also push charges for damaging that image.
That penalty + the damage to Cloudflare's own reputation, I cannot imagine they would survive.