@BeAware You're right about the EU. But there's a maze of other privacy regulations to navigate. For example in California there's CCPA. Plus there's still a lot of legal ground to map out with posts being propagated and copied across a decentralized set of servers around the world. It's the kind of thing that drives legal departments crazy. It takes a certain amount of courage/commitment to ship a product in this environment given the potential for liability. I need to learn more about Authorized Fetch to say how much of a solution this is or isn't.
Side thread: as far as I can tell regulations like GDPR and CCPA have had limited value to consumers while being incredibly costly to implement for smaller publishers and making the whole web experience painful with yet more popups. These well intentioned regulations are making the big guys who can afford to do all this stuff stronger while making the small guys weaker and at greater risk. Ugh.