[moron4hire]

This is one of the things that drives me nuts when hardcore privacy advocates start wading into browser feature discussions and complaining about things being used to fingerprint users.

I mean, can eye-tracking in a WebXR session be used to identify users? Yes, clearly that is a possibility. But will the addition of eye-tracking increase the identifiability of users? No, not in the least, because users are already identifiable by means that involve core browser features.

But frequently, the "privacy advocates" win and we're left with a web platform that has a lot of weird, missing functionally in comparison to native apps, pushing developers to either compromise on functionality or develop a native app. Compromising is bad for users. And developing a native app could can be bad for the developer, if one considers their existing investment in web technologies. Or both the developer and users, when one considers the vig that app stores charge, or the editorial control that app stores enforce over socially-controversial-yet-not-actually-illegal topics. Or just users when one considers the fact that the app stores just hand app developers a user identity without even making them work for it with fingerprinting.

And often, the voices that are loudest in defence of "privacy" are browser developers that also just so happen to be employed by said app store vendors.