[lawrenceyan]

Only if the user doesn't understand how cryptographic signing and verification works. Otherwise, they'll know that doing things this ways actually creates stronger guarantees of privacy than what previously was done.

[josteink]

But now Google gets to track my requests where they previously couldn’t, because my request goes to their server.

That’s a massive loss of privacy right there. How is that even debatable?

Also given how Google works, I think it’s reasonable to assume that enabling this additional Google-tracking was the primary intention behind AMP.

[lawrenceyan]

Once they've been encrypted, it's all just gibberish to the intermediaries. If you truly do see this as a massive loss of privacy, then why are you not outraged at Comcast and others that regularly act as middlemen with your encrypted data today?

[josteink]

They see the URL I’m requesting. It’s trivial for them to request that same content.

My isp cannot do that because the url is part of an encrypted transfer, but a transfer google now has allowed themselves to snoop into.