Tell HN: Installing Cursor on iOS irreversibly changes your privacy settings

Just hit this today and I'm furious. I installed the Cursor iOS app to see what it had.

I've been on `Privacy Mode (Legacy)` for a long time, which is the "Do not store my code" setting. A year or so ago they marked this as "Legacy" and hid it under a "Extra options" menu. They added a new Privacy Mode which is significantly more wishy-washy about what it might store - it includes a clause of "Code may be stored for Background Agents or Other Features", so I've never touched it or wanted to enable it.

pic: https://us1.discourse-cdn.com/cursor1/optimized/3X/0/9/09412f800cb07a713d13c034f40eaf28e165e8f4_2_1032x1000.jpeg

Upon installing and logging in to the iOS app, my account was changed to the softer Privacy Mode and the previous setting I was on has disappeared from all menus. I contacted support and they've said:

> Really sorry about this. When you set up the mobile app, the prompt to turn on Cloud Agents switched you from Privacy Mode (Legacy) to our current Privacy Mode,

> without making clear what that meant or that it's hard to undo. That wasn't right, and we're working on making that prompt clearer.

>

> To be straight with you: I'm not able to switch your account back to Privacy Mode (Legacy). The option to move back isn't available in the app today.

So just a PSA I guess; do not install or set up the app if you want to keep your privacy settings.

I honestly don't understand how it's legal to make logging into the iOS app change your privacy settings at all. Making the option then disappear from all menus so you can't get it back is doubly ridiculous.

199 points | by zkldi 5 hours ago

14 comments

  • leerob 23 minutes ago
    (I work at Cursor) Sorry about this, we should have made this more clear. The new privacy mode is needed because we have to store some state to enable running agents in the cloud. If you don't want to use cloud agents, you can continue using the legacy privacy mode. Currently the mobile app requires this new privacy mode and won't work without it. We're pushing an update right now to make this more clear in app and can help you get reverted back to the legacy version on the support thread.
  • soared 4 hours ago
    That support quote is from an LLM. If you have any escalation paths (twitter, or this thread lol) there may still be a way to change it back.
    [-]
  • jmuguy 4 hours ago
    The mobile app is kind of pointless anyway, imo. It cannot start an agent session on your computer, it can only be "handed off" an existing session from your computer. I don't use Cloud Agents, because for some reason they can't connect to our Linear instance. So I was only interested in using the mobile app as a proxy for my home system.
    [-]
    • LatticeAnimal 4 hours ago
      It is surprising that they went this route instead of the Claude-code route. The cloud agents are significantly more limiting.
  • conartist6 5 hours ago
    That's about the level of respect the tech industry has for users
  • sbmsr 4 hours ago
    Wow - same happened to me earlier today and was bummed. Glad to see a public place to flag this.
  • HeyMeco 5 hours ago
    Yeah fell into the same trap. Super annoying
  • matheusmoreira 2 hours ago
    > I honestly don't understand how it's legal

    The legality is irrelevant since as consumers we don't have the time or the money to sue them for it. And even if one of us somehow do have both, we probably agreed to binding arbitration with the firm they pay anyway.

  • boudra 3 hours ago
    For folks are looking for an open source alternative that respects your privacy, see Paseo (disclaimer: I am the maintainer)
  • jklm 4 hours ago
    Happened to me too, incredibly dark pattern
  • cmdrmac 5 hours ago
    This bait-and-switch with privacy is what annoys me. I get that if the software was completely free, you are the product. But if I'm paying, why can I not have a privacy policy that actually benefits me - the user?
    [-]
    • matheusmoreira 2 hours ago
      Your payment is just a signal that you've got disposable income. You're paying to make yourself an even more valuable product for them to sell.
    • klibertp 4 hours ago
      You're probably not paying nearly enough? IDK, but pricing in tech is stretched on both ends (either way too cheap, or incredibly expensive) so much that it's hard to say anything for sure just because one is a "paying customer".
      [-]
      • throw1234567891 3 hours ago
        > You're probably not paying nearly enough?

        What are the real prices then? What is the “privacy price”?

        [-]
      • cmdrmac 2 hours ago
        Fair point. I'd add on that the company should explicitly spell out strong privacy as a feature then and charge more. Saying that "we won't use your data for training", but then not really meaning it is a bit disingenuous. How I interpret that statement may not necessarily align with the company (i.e., what kind of training?).
      • sunaookami 2 hours ago
        Did LLM companies pay everyone for the code and text they stole?
        [-]
        • matheusmoreira 2 hours ago
          No, they just reached some absurd token settlements that made a mockery of all other copyright enforcement victims.

          One would think dozens of SWAT officers would rappel down helicopters and storm the mansions of these big tech CEOs in order to bring them out in cuffs and serve zillion dollar fines on behalf of the so called rights holders. Kim Dotcom got destroyed while AI companies got a slap on the wrist.

  • LoganDark 5 hours ago
    Similarly, the Claude app for iOS tries to force you through a mandatory onboarding where you're required to set your account name among other things. I've never needed this to use the CLI or the web app so I have no idea why they think they need it on iOS. There's seemingly no way to bypass this, so on iOS I've had to use Claude in Safari. Ridiculous.
  • sleepybrett 5 hours ago
    surprise! the ai companies that stole every conceivable copywritten work to train their models doesn't want you to be able to have any privacy either.
    [-]
    • doublescoop 3 hours ago
      But they sure seem awfully worried about other companies distilling their models. The irony is rich.
    • dbalatero 4 hours ago
      I suspect that while they prefer you to give up all your data, what's even more likely is they are moving fast and breaking things at a rate unseen before, and not enough conversation is happening in design phases where someone can flag that "Hey if you add this new prompt it might break an important user contract you forgot about."

      In either case annoying still.

      [-]
      • sleepybrett 4 hours ago
        just another line in the context. 'Make sure the customers have at least the same level of privacy protection that they currently have.'
  • Mona1 2 hours ago
    [dead]
  • rekttrader 4 hours ago
    Elon’s invisible hand strikes again.
    [-]
    • MetaWhirledPeas 3 hours ago
      The company was acquired days ago. You think this was implemented since then?
      [-]