> under the conditions of it staying in its browser sandbox so
I consider fingerprinting my browser, by running programs and measuring the timings and characteristics of the browser to be a side-channel attack on the browser sandbox.
> Otherwise software has a right to monitor its own operation.
If websites would only "monitor its own operation", we would hardly have any discussion.
> if you think it's "malware" then just stop being a customer.
Easier said than done, when >90% of websites do this. Show me a mainstream corporations website, that work without Javascript. You can hardly pay for a train ticket and make an appointment to government services, without these crap.
Also there must be some rules what software vendors are allowed to do, since the average user can hardly reverse-engineer all the websites they (need to) visit. This is what regulations like GDPR try to enforce.
> and re the photography example, afaik model release forms work similarly in the EU and US, right?
It's not about contracting a model, it's about doing a random photoshot in public. People have the right to their own picture here, irregardless of who takes that picture and who posses it.
I consider fingerprinting my browser, by running programs and measuring the timings and characteristics of the browser to be a side-channel attack on the browser sandbox.
> Otherwise software has a right to monitor its own operation.
If websites would only "monitor its own operation", we would hardly have any discussion.
> if you think it's "malware" then just stop being a customer.
Easier said than done, when >90% of websites do this. Show me a mainstream corporations website, that work without Javascript. You can hardly pay for a train ticket and make an appointment to government services, without these crap.
Also there must be some rules what software vendors are allowed to do, since the average user can hardly reverse-engineer all the websites they (need to) visit. This is what regulations like GDPR try to enforce.
> and re the photography example, afaik model release forms work similarly in the EU and US, right?
It's not about contracting a model, it's about doing a random photoshot in public. People have the right to their own picture here, irregardless of who takes that picture and who posses it.