[asow92]

Apple may revoke my certificate whenever it’s abused beyond its intended purpose. Hell, they could go further than that and only allow pasteboard access without a prompt iff the data matches a certain predicate that they approve. That would be fine by me.

[gls2ro]

Revoking the certificate _after_ an app developer already gathered and sold PI is a good action. But it is reactive. The user damage is already done.

But trying to deter such app developer to gather as much PI as possible is even better as it is preventive.

[asow92]

Honestly, I’d prefer if we didn’t need the paste prompt all together. I just want a way to universal link into my app on the very first launch. The pasteboard and fingerprinting gave us that, but apple has given us no feasible alternative.

This is like chrome saying you can’t go to anything other than the root path of a site the first time you go there.

[ImPostingOnHN]

the same goes for punishing criminals, but the idea of pre-crime is worse

[eropple]

Punishing criminals before they offend and setting clear boundaries beyond which you need user permission to act? Totally the same thing.

[ImPostingOnHN]

requiring people to prove their innocence or requiring people to prove their innocence?

totally different things.

[eropple]

Requiring a user to agree to what an application wants to do isn't a requirement to prove innocence. It's a requirement to obtain consent that is verifiable by the operating system in which the user has placed trust.

Why is the open and clear obtaining of consent so clearly anathema throughout this thread?