Also generic sensors doesn't give you raw access to the sensors - which it sounds like in the std position. Lots of restrictions in place on when you have access, restrictions of frequency etc. This is much better than the existing API shipped by Moz

"permission prompts confuse users" I'd like to see the supporting evidence here, and I'm not being antagonistic, I honestly want to know more about this. I also wonder if this will still be true now that Apple is going consent-everything on the iPhone.

"This web app would like to access your device's accelerometer to _____. Accelerometers measure movement, motion and vibration." [ Allow? ] [ Disallow ]

Does that explain that if you leave the accelerometer on while you walk around a city, the app could tell what route you took by matching it to maps?

Or that if the accelerometer is enabled while showing you videos of people you might find attractive, the app could probably figure out your sexual preferences/orientation?

Is that necessary though? Can't one limit the accelerometer data only when the app is in use? Aren't android/ios moving toward that direction (permissions that are granted while the app is in use)?

That probably fixes most cases of the first attack I mentioned, but doesn't do anything to alleviate the second.

An app would choose to put in front of a user an invasive permission so that it can use the accelerometer data to correlate your sexual preferences while you look at pictures? You are probably right generally speaking, I believe you, but this specific scenario is absurd.