I wonder what people think about session replay, ethically. Is it okay to do? Do you think visitors should be informed about it? Would you use a website differently if there was a big red banner saying your cursor movements and viewport are being livestreamed to HQ?
Genuinely curious, because it's not something I think most people are aware of when they browse the web.
I've worked on such a product for ~8 years (one of the most widely adopted ones) and find that most of these sessions are used in practice to fix bugs or improve UX by such a vast majority that even if there's some voyeuristic aspect I don't think it's super important to care about. The product I worked on made no effort to try and bypass ad blockers or browser settings like DNT, and a lot of sophisticated users wouldn't be recorded anyway due to those settings. We didn't even do any fingerprinting and auto-masked all fields. Overall it was less privacy invading than walking in a shop while being recorded by a security camera in my opinion. I don't work in this field anymore but would do it again.
> Genuinely curious, because it's not something I think most people are aware of when they browse the web.
And to be honest, they shouldn't need to be. Browsers shouldn't be app hosts unless the user wants them to be.