I understand that some users are alright giving their browsing history to ISPs (it does, even with TLS 1.3 and DoH and so-on due to correlation but it's out of place here) but this is HN where I would believe that most have very basic security principles applied and we are also talking about tech, so it's relevant (VPN isn't for privacy, it's for basic security, it's unsafe to let ISPs resell history with identity attached).

If we don't point it out, how can we expect a change and respect users that don't want to be KYCed when browsing a website?