Joined 3 months ago
Cake day: January 7th, 2026



  • I’m a European, and yet I wrote this; but I would agree many people (regardless of whether or not European) have progressively been accustomed to having their personal identity tied to their devices (often for the sake of convenience, or out of necessity: the uncalled-for Two Factor Authentication (2FA) applications, for accessing government or work-related services, being an example), and I’ve not been an exception to that rule.

    For me these were limited to applications, typically where a higher degree of security is expected: banking applications, the aforementioned 2FA applications, government mailbox applications, etc. But I’ve also once sent a nearly fully redacted copy of my driver’s license to YouTube, in order to listen to music with naughty artwork (which I already believed to be ridiculous at the time, but gave in to nevertheless).

    Currently I would never let such applications near devices for general use, and it wouldn’t even cross my mind to ever send any signal that signifies I’m not, in fact, a child, and shouldn’t be treated as such; ultimately so abusive services are green-lit to surveil me as an adult, instead of having to be more conservative (as data collection on children is typically more strict: for whatever reason… instead of people, regardless of age, being treated with dignity).

    So no, not everybody has applications on their device which link to, or directly store, one’s personal identity. I rarely have to interact with financial or government services, and have zero interest in being required to do so in order to access “age-restricted” content online. I like my pseudo-anonymity, and do not at all trust a government application which links this pseudo-anonymous activity to my personal identity.


  • Welp, this was bound to happen, wasn’t it? I’m pretty sure they’re referring to this application, which I stumbled upon a while back. If I remember correctly, the app “allows” (or implicitly forces) the user to store a government-issued identity: able to attest to an age-restricted website, whether or not the user is of age.

    It does this, supposedly by “just” sharing an age-bracket with the website; but here’s the kicker: the Union, in its generosity, has granted their citizens an in-app option to withdraw this signal from the websites it has been provided to. What this means in practice is the app storing one’s government-issued identity also ties back to every account requiring “age-verification”…

    So now, every device containing the app has the owner’s government-issued identity on it, together with connections to every age-restricted service. And considering the apps are maintained by the Union, or member states (through their own implementations), creating a backdoor to the application’s contents… I mean to “observe app usage”, would be absolutely trivial.

    Again, I’ve read it a while back, so some things might’ve changed, and my memory might be spotty; but I’m quite sure it’s along the lines I’ve described.



  • Generally the rule of thumb is: if a service (including one focused on privacy and/or security) actively advertises itself (which Proton does a lot: especially through content creator sponsor-deals), be extremely wary. I was once also considering migrating to Proton, but luckily tried integrating the account into Thunderbird first; which led me to second-guess Proton’s intentions. It really didn’t sit well with me, they’re baiting users into (over-)committing to their service, encrypt their (primary) mailbox’s contents, and as a result paywall the process of data-migration (including to third-party email clients).

    I instead went with a humble Disroot mailbox (I make a yearly donation to), and use fully separate Proton addresses as effective aliases: as I’m not interested in them being associated to my personal email anyway. Other than that, I’ve simply integrated all email accounts (I care about) into Thunderbird. For the big-tech accounts, I’ve backed up their contents in Thunderbird, re-imported them locally (to be able to search them), and deleted all contents from the servers. I’ve changed the email of more important services to the Disroot account, and listen for any others I might’ve forgotten, on the empty big-tech accounts (which rarely receive anything).

    For password managers I’ve always used KeePassXC: synced across devices by having the (encrypted) database on Google Drive, and later synced locally using Syncthing. The KeePassXC-Browser extension does the filling on the browser, and I’ve always used Keepass2Android for mobile (through the keyboard). Nowadays I just use my laptop for anything requiring login, and rarely use secondary (mobile) devices to begin with: eliminating the need for cross-device syncing altogether. The KeePass database lives on my secondary hard drive, and I make sure to create backups periodically (which also goes for Thunderbird contents).

    Limiting the services you depend upon also helps tremendously, so that even if all passwords are lost, you rarely feel affected. I’m confident I could lose 99% of my passwords, and wouldn’t care whatsoever. In fact, I’ve effectively been through that process already (when changing all recursive passwords to stronger, unique ones: through the “forgot your password?” fields), and could easily do it for important services once more. The most valuable piece of advice I could give is to identify the important parts, and start from there. If you care enough for the emails effectively held ransom by Proton, perhaps configure the bridge once and extract the data; never to return.