Just mandate an opt-in default. If the "3–10% of people [that] want this", wish to get out of their way and explicitly enable spyware, I believe this is a much more reasonable overall baseline (with respect to the other 90–97%). And considering most web-users rarely clear cookies, the preferences are effectively persistent already: which really appears to be the lobby's primary interest. If people were conditioned by dark patterns to accept, while holding onto cookies, excessive data collection happens without user-awareness and potential for reevaluation.

I'm no fan of browser signaling, because to me it seems like yet another unique identifier: to potentially, and ironically be (ab)used to improve browser-fingerprinting.

that asserts a given browsing session is being run by a human or bot with legitimate intent

How? If an agent browses the web through that session, then how can you reasonably "assert" that?

websites "with strong knowledge of 'personhood'" issue anonymous tokens that browser users and designated bots can present at other websites

What does that mean? Some creepy website that forces one to verify their "personhood" (by scanning one's face for instance), that issues "trust me bro, it's anonymous" tokens to a specific browser. And then the user is expected to present these unique identifiers at other websites, like there's no possibility these can be passed back onto the issuer, and therefore re-identify the session-user?

the way people interact with the web is changing and increasingly may involve autonomous agents.

Yeah, and who is pushing for this change? Right, Google among other AI companies. You just got to love companies creating "solutions" for problems they themselves are, at least in part, responsible for.

Mozilla is committed to defending openness and user privacy on the web

Ah, thankfully we can trust Mozilla to protect the privacy-community's interests... I mean, they certainly haven't made controversial decisions is recent times.

Honestly, the tech seems quite impressive. But I wouldn't touch Amazon-backed smart glasses, which "could also provide health insights, such as detecting dry eyes or monitoring posture", with a ten-foot pole; especially when there's also entirely passive bifocals and progressives.

E2EE isn't really relevant, when the "ends" have the functionality, to share data with Meta directly: as "reports", "customer support", "assistance" (Meta AI); where a UI element is the separation.

Edit: it turns out cloud backups aren't E2E encrypted by default... meaning: any backup data, which passes through Meta's servers, to the cloud providers (like iCloud or Google Account), is unobscured to Meta; unless E2EE is explicitly enabled. And even then, WhatsApp's privacy policy states: "if you use a data backup service integrated with our Services (like iCloud or Google Account), they will receive information you share with them, such as your WhatsApp messages." So the encryption happens on the server side, meaning: Apple and Google still have full access to the content. It doesn't matter if you, personally, refuse to use the "feature": if the other end does, your interactions will be included in their backups.

It turns out reCAPCHA has been a privacy nightmare from the beginning: from silently monitoring user activity in the background, to sending payment information to Google; in order for an AI to assess the data, and return a risk-score to the website. But that apparently wasn't bold enough, and now an effective 2FA is required, which provides additional telemetry to Google (but not to the website or app: which is obviously the privacy concern). So get ready to 2FA with Google upon registration, login, updating your cart, and payment; or to skip the hassle, you should just let an approved "shopping assistant" make purchases for you ("that drive a projected 25% increase in average order value"). I don't even own a modern Android or iOS device, so how am I supposed to solve these?

Isn't it ironic how ICE agents wear masks, while scanning everyone else's faces? Also props to Second Thought for not pushing defeatist mind-poison, because that's exactly what they want: for us to feel powerless, and making it seem "resistance is futile".

Why is this any better than a metal detector?

Asking the real questions here. My guess would be: they didn't have metal detectors, the metal detectors they had reached end-of-life, or preexisting metal detectors failed to integrate into a modern, unified surveillance system. And so the use of AI analytics tools, atop (preexisting) camera systems seemed more hassle-free (a subscription-based software integration) and cost-effective in the short term; that is if the unproven compromise bares any trust...

(1) Offer a solution which exacerbates bot-traffic on the internet, (2) legitimize the need for verification of users as a result, (3) offer the most privacy-invasive "solution" to the "problem" imaginable: problem(1)-reaction(2)-solution(3)... every parasite's favorite paradigm :)

Welp, this was bound to happen, wasn't it? I'm pretty sure they're referring to this application, which I stumbled upon a while back. If I remember correctly, the app "allows" (or implicitly forces) the user to store a government issued identity: able to attest to an age-restricted website, whether or not the user is of age.

It does this, supposedly by "just" sharing an age-bracket with the website; but here's the kicker: the Union, in its generosity, has granted their citizens an in-app option, to withdraw this signal from the websites it has been provided to. What this means in practice, is the app storing one's government-issued identify, also ties back to every account requiring "age-verification"...

So now, every device containing the app, has the owner's government-issued identify on it, together with connections to every age-restricted service. And considering the apps are maintained by the Union, or member states (through their own implementations), creating a backdoor to the application's contents... I mean to "observe app usage", would be absolutely trivial.

Again, I've read it a while back, so some things might've changed, and my memory might be spotty; but I'm quite sure it's along the lines I've described.

It's been like that for quite a while. I remember deleting all big-tech accounts in 2019, and shortly after, Facebook started requiring login for full public page access. Therefore I created a burner account using a 'this person does not exist' picture, which provided me short-lived access after manual review. For account recovery, I was required to supply additional selfies (or even video-selfies?), but at that point I gave up.

It seems the mods have decided otherwise, whereas a dedicated community can set its own rules. Like I said in the body, I'm not interested in constantly being bombarded with political posts; ideally only when I explicitly choose to visit such communities.

Management has lost all moral compass”: Android’s head of security walks out on Google Military AI, surveillance of Europeans, ethical principles cast aside: why he walked away

By Aymeric Geoffre-Rouland Published on 06/12/26 at 3:33 p.m.

René Mayrhofer has been protecting the security of your Android smartphone for nine years. He has just resigned from Google for a reason that directly concerns you: the company has signed an agreement authorizing the Pentagon to use its AI for classified operations, and the man who secured your smartphone believes these tools will “likely be used against” European citizens. “Management has lost its moral compass”: Android’s head of security slams the door on Google

He is the man who protected the security of your Android phone. René Mayrhofer left Google after nine years, in a resignation letter published on his blog titled “Google Management Has Lost Its Moral Compass.

”The trigger: a contract signed in late April between Google and the U.S. Department of Defense authorizing the Pentagon to use the company’s AI models for classified work, including military operations planning and intelligence.

“My decision has become inevitable,” Mayrhofer writes. “I am a pacifist. Actively contributing to harming human beings is not something I can or will condone.”

From the 2018 open letter to the 2026 resignation

Mayrhofer’s career at Google has mirrored the company’s ethical principles. In 2018, following the internal revolt against Project Maven (a drone image analysis program for the Pentagon), Google had published clear commitments: no AI for weapons, no AI for surveillance. Mayrhofer had signed the employee petition that year. Google subsequently withdrew from the contract.

This deal implies that Google products will likely be used directly against me and my loved ones. In this context, I don’t see how I could not resign.

• René Mayrhofer, Director of Android Platform Security (in his resignation letter)

Seven years later, the shift is complete. In February 2025, Google quietly removed from its AI principles the section listing prohibited uses: weapons, surveillance, and technologies likely to cause harm.

The change, announced by Demis Hassabis (CEO of DeepMind) and James Manyika, was not communicated internally, according to Mayrhofer. “None of this is discussed or communicated within the company. Decisions are made at the top, period.” But you can still find the PDF here, on the Wayback Machine.

A European academic speaks out against a loophole-ridden clause

Mayrhofer is not just a Silicon Valley executive. As a full professor at Johannes Kepler University in Linz, Austria, he views the Google-Pentagon contract through a European lens. What alarms him is that the agreement authorizes the U.S. military to use Google’s AI for “any lawful purpose,” with no restrictions on scope. In other words, the only limit is what the U.S. government itself considers lawful.

However, according to Mayrhofer, this administration “has already violated international law on several occasions.” He cites a warning from KU Leuven University in Belgium, which advised its staff against collaborating with U.S. institutions. His fear is that this elastic definition could encompass the surveillance of European citizens.

In 2018, Google committed to never using AI for weapons or surveillance (page 4 of the original AI principles). In February 2025, this section was entirely removed. © Screenshot taken from the Internet Archive (Wayback Machine), version dated January 30, 2025, five days before Google removed this section

He is not alone. In April, Andreas Kirsch, a researcher at Google DeepMind, told Business Insider that he was “incredibly ashamed” of Google’s decision. But Mayrhofer is the most senior executive to have taken this step publicly.

“I am aware that, as a tenured academic in the EU, I am quite privileged. Many others do not have this freedom,” he acknowledges. His notice period runs through August. He announced that he would immediately step away from any work on AI systems that might fall under the military agreement. “I desperately hope that Google’s leadership will rediscover its moral compass,” he concludes.

And the next patent will be about a controller, not actually being plugged into the console, but merely giving gamers the illusion of affecting the gameplay...

Ah, the good ol' revolving door politics

I don’t turn my face towards houses while I’m walking if I notice a doorbell camera

I do that haha... In all seriousness, I've recently quit my job as mailman, in part because of this. Year after year I saw the number of doorbell cameras increase, and so grew my discomfort of my job requiring me to expose myself, to these privacy-hostile situations. The worst case scenarios were semi-detached houses: since the doors to the paired addresses are right beside another. Between the entries there's often (decorative) separation, requiring some acrobatics to shortcut to the next address. If the second address would have a doorbell camera, while requiring me to sidestep between the obstructions, I could either: A) face the door and have my face right up to the camera, or B) turn my back to it and spin back into position. I did the latter, and I HATED having to adapt my seemingly simple job to this extend, just to protect my dignity.

The Netherlands technically requires a sign which indicates camera surveillance, besides having to direct cameras in such a way that they cannot capture the public sphere. But have a guess at how much enforcement there is in this regard...

Great, more hoops to jump thr... I mean... an "advanced flow", for gaining the privilege of installing apps of your choosing

One would almost start to think the lawyers were out for the settlement money...

So that's why Australia initially included GitHub, on the list of "social-media" platforms to be banned under 16?

“Benefiting private economic interests is absolutely one of the leading factors in creating these groups and organizations, and the public is all too happy to carry water for it,”

This sums up any of these private-public partnerships... Asset protection against primarily petty crime (while "shielding" behind terrorism), and increased camera-coverage at no cost to the taxpayer (to more efficiently treat symptoms, instead of recognizing problem causes: as to maintain the dysfunctional system, which disproportionately benefits a few). Respect to Albury for having a functional moral compass.

citing a warning given to parents that submitting a false statement of residency may be a felony.

Couldn't you send a letter to the address with a verification mechanism, instead of defaulting to inquiring mass-surveillance databases? And why are school districts investigating potential felonies to begin with, shouldn't that be handled by law enforcement?

This is the same as if I put a police officer on the side of the road with a pen and a notepad and he writes down every license plate number that drives by

The concept of collecting personal data, for the slim chance of becoming relevant in the future, should not be acceptable to anyone. If license plates are not directly relevant to an investigation, the officer, camera, or whatever else, shouldn't be logging it.