Does not explain what the costs of restricting fraud are

[workingjubilee]

This proposal assumes that fraud is something you should prevent!

However, if a website is malicious, defrauding it is of no moral consequence, and indeed, failing to lie to it is possibly more negative of an experience. Meanwhile, a malicious website has no incentive to e.g. use the attestation but not also still try to do its own kind of fingerprinting on the side. This proposal seems to be all carrot and no stick: If I am malicious, why should I not just eat the carrot, and then go on to drink your wine and be merry anyways?

One can assume users would simply try to avoid using a malicious website, but it's very possible for a well-heeled attacker to compromise a website via perfectly legal means and retain a useful website. For instance, one could buy out the website's owner and retain some functionality that users perceive as valuable on that website, but increasingly attack their privacy (and perhaps sanity...) as a means of recouping the investment, dragging out the erosion of the good over time and maximizing extracted profit. Similar issues are fairly common problem with installed apps or even extensions, too, since those often automatically deploy (fairly trusted!) updates, and the permissions often aren't so fine grained that what was reasonable to grant today never becomes a problem tomorrow.