Tell HN: Installing Cursor on iOS irreversibly changes your privacy settings
2 days ago
Just hit this today and I'm furious. I installed the Cursor iOS app to see what it had.
I've been on `Privacy Mode (Legacy)` for a long time, which is the "Do not store my code" setting. A year or so ago they marked this as "Legacy" and hid it under a "Extra options" menu. They added a new Privacy Mode which is significantly more wishy-washy about what it might store - it includes a clause of "Code may be stored for Background Agents or Other Features", so I've never touched it or wanted to enable it.
pic: https://us1.discourse-cdn.com/cursor1/optimized/3X/0/9/09412f800cb07a713d13c034f40eaf28e165e8f4_2_1032x1000.jpeg
Upon installing and logging in to the iOS app, my account was changed to the softer Privacy Mode and the previous setting I was on has disappeared from all menus. I contacted support and they've said:
> Really sorry about this. When you set up the mobile app, the prompt to turn on Cloud Agents switched you from Privacy Mode (Legacy) to our current Privacy Mode,
> without making clear what that meant or that it's hard to undo. That wasn't right, and we're working on making that prompt clearer.
>> To be straight with you: I'm not able to switch your account back to Privacy Mode (Legacy). The option to move back isn't available in the app today.
So just a PSA I guess; do not install or set up the app if you want to keep your privacy settings.
I honestly don't understand how it's legal to make logging into the iOS app change your privacy settings at all. Making the option then disappear from all menus so you can't get it back is doubly ridiculous.
That support quote is from an LLM. If you have any escalation paths (twitter, or this thread lol) there may still be a way to change it back.
Hacker News front page remains the one true support channel for all larger tech companies. The official channels stonewall you, but HN reaches people who can actually help
> “That support quote is from an LLM…”
I don’t know what support calls their digital support systems (let’s call it “the script”), but that quote sounds very familiar—-support person following a script don’t have the access, or authority to effect change.
What’s more, if the old way is deprecated, the people with authority don’t want you to change back. There is no path to reverse the change in the hands of support.
Even if it was literally the case this is a chat response, I see no difference with most human-support CSRs.
That’s not how business is run these days—-at least that’s my experience with SaaS for small businesses.
Famous debacle cursor had with their LLM support a while back:
https://old.reddit.com/r/cursor/comments/1jyy5am/psa_cursor_...
(I work at Cursor) Sorry about this, we should have made this more clear. The new privacy mode is needed because we have to store some state to enable running agents in the cloud. If you don't want to use cloud agents, you can continue using the legacy privacy mode. Currently the mobile app requires this new privacy mode and won't work without it. We're pushing an update right now to make this more clear in app and can help you get reverted back to the legacy version on the support thread.
Hi leerob,
Where is the support thread?
I have ticket T-D95851 at the moment, if you could get someone to resolve it. I do not want to use cloud agents.
Thanks
zk
Will do. On it.
The mobile app is kind of pointless anyway, imo. It cannot start an agent session on your computer, it can only be "handed off" an existing session from your computer. I don't use Cloud Agents, because for some reason they can't connect to our Linear instance. So I was only interested in using the mobile app as a proxy for my home system.
It is surprising that they went this route instead of the Claude-code route. The cloud agents are significantly more limiting.
That's about the level of respect the tech industry has for users
Similarly, the Claude app for iOS tries to force you through a mandatory onboarding where you're required to set your account name among other things. I've never needed this to use the CLI or the web app so I have no idea why they think they need it on iOS. There's seemingly no way to bypass this, so on iOS I've had to use Claude in Safari. Ridiculous.
> I honestly don't understand how it's legal
The legality is irrelevant since as consumers we don't have the time or the money to sue them for it. And even if one of us somehow do have both, we probably agreed to binding arbitration with the firm they pay anyway.
Wow - same happened to me earlier today and was bummed. Glad to see a public place to flag this.
Yeah fell into the same trap. Super annoying
Happened to me too, incredibly dark pattern
I've been trying the iOS app today and its missing all of my active sessions from my laptop but has tons of old, no longer valuable sessions. And I enabled every 'show X' option/filter. Hope the app improves.
This bait-and-switch with privacy is what annoys me. I get that if the software was completely free, you are the product. But if I'm paying, why can I not have a privacy policy that actually benefits me - the user?
Your payment is just a signal that you've got disposable income. You're paying to make yourself an even more valuable product for them to sell.
You're probably not paying nearly enough? IDK, but pricing in tech is stretched on both ends (either way too cheap, or incredibly expensive) so much that it's hard to say anything for sure just because one is a "paying customer".
> You're probably not paying nearly enough?
What are the real prices then? What is the “privacy price”?
2 replies →
Fair point. I'd add on that the company should explicitly spell out strong privacy as a feature then and charge more. Saying that "we won't use your data for training", but then not really meaning it is a bit disingenuous. How I interpret that statement may not necessarily align with the company (i.e., what kind of training?).
Did LLM companies pay everyone for the code and text they stole?
1 reply →
For folks are looking for an open source alternative that respects your privacy, see Paseo (disclaimer: I am the maintainer)
Right now, all large-model companies are competing to attract users. There’s no time to stop and consider user security and needs, lol.
[flagged]
[dead]
[dead]
[dead]
[dead]
Elon’s invisible hand strikes again.
The company was acquired days ago. You think this was implemented since then?
That company has always been garbage.
surprise! the ai companies that stole every conceivable copywritten work to train their models doesn't want you to be able to have any privacy either.
But they sure seem awfully worried about other companies distilling their models. The irony is rich.
I suspect that while they prefer you to give up all your data, what's even more likely is they are moving fast and breaking things at a rate unseen before, and not enough conversation is happening in design phases where someone can flag that "Hey if you add this new prompt it might break an important user contract you forgot about."
In either case annoying still.
just another line in the context. 'Make sure the customers have at least the same level of privacy protection that they currently have.'