I agree with you in so far, that you would probably have 1000 times less users if you would cater to people like me.
But it still feels wrong to me. Instead of giving company A their email, you are suggesting people give company B full access to all their browsing data. The "Trust us we are the good guys" approach just does not click with me.
Understood, though just to be clear, email field identification happens client side, so we don't get your browsing history. More fundamentally though, we make a browser, and our privacy policy is to never create search or browsing histories.
I said you get access to peoples browsing data. Your extension can access everything on every page people visit. And can send that data eveywhere.
That you promise to behave well does not change that. It is the "Trust us" argument again. If we could trust companies, we could give them our real emails.
> If we could trust companies, we could give them our real emails.
I'm assuming you realize that there is more than one company, and that one can trust different companies to different extents. I trust DDG more than I trust most other companies. I trust DDG more than I trust Amazon, and I've given Amazon my email--a decision I sometimes regret!
If the approach DDG proposes would be to "Trust us with your email rather than company B", that would be a fair argument.
But DDG proposes "Trust us with all your browsing data, including your private emails, your bank statements, all your passwords, everything you read and write rather than manually type the temp email". To me that seems pretty extreme.
That is not exactly what they propose. That is, however, the proposition, because of the way browser makers bundle permissions.
I suggest that DDG proposes, "Trust us with access to many things, most of which we promise we won't even look at, none of which we will ever keep." Given that the extremeness is the result of browser makers, I think DDG has earned my trust. Your mileage may vary.
Right. The idea would be that users might not want that subset of functionality at all. In those cases, why not degrade gracefully?
"Why do you need my house keys to deliver mail?"
"So we can put packages inside the house in case it's raining hard and you are not at home."
"That's OK, I have a good porch and would rather you put everything not fitting in the mailbox there"
"Studies show that users prefer dry packages and may be concerned with theft. We need this in order to provide secure delivery in all conditions, take it or leave it"
Wouldn't that require making and maintaining separate versions of the app for every possible subset of permissions? That sounds like a nightmare not just for DDG but also for new users that have to figure out which version they need to install.
But it still feels wrong to me. Instead of giving company A their email, you are suggesting people give company B full access to all their browsing data. The "Trust us we are the good guys" approach just does not click with me.