While Google asserts that the API would primarily combat social media fake engagement, non-human traffic, phishing campaigns, bulk hijacking attempts, and other malicious activities, many internet users are voicing concerns about the potential implications of this proposal. Critics argue that the proposal could effectively introduce a form of digital rights management (DRM) to websites, potentially limiting users’ freedom and control over their web experiences.
The Android Play Integrity API, which already performs similar device checks to prevent access from rooted devices, serves as an example of how such verification mechanisms can be implemented. However, some fear that expanding this approach to the broader web ecosystem could lead to unwarranted restrictions and privacy concerns.
