I've been following both the Battery API and Embedded Browser API
discussions and the idea of a "privileged app" has been repeated several
times. Creating stunted APIs is not the solution to privacy concerns - it
will only doom the web to be a less capable platform and native apps will
win. Nail in coffin. Game over.
Perhaps, if the focus were less on "how to choke this API into a state of
complete uselessness", we could simplify the design process and put the
decision in the user's hands...
"This app would like to access your device's Battery information. No
personal or private information will be used" (Yes, No)
"This app would like to embed a web browser. No personal or private
information will be used" (Yes, No)
Geolocation and WebRTC are already doing this - so there is a precedent.
Millions of users see things like this every day when they "Login in using