The recaptcha thing is because with a lot of off-the-peg form scripts
Not quite correct.. The overall purpose is to steal data for google's
slurpservers. It's sold as a solution to spamming, but there's much simpler quicker and far far easier ways to do it that don't involve massive security/privacy risks for the users.
Almost wishing I was in Europe as I'd be firing off whatever stuff you do under GDPR for any and every site that insists on using 3rd party scripts.
Just waiting for the changes to NZ's privacy law to finish, then will have some fun being a right bastard to many. Have already started doing it with sites I am dealing with on a regular basis (well, giving them a headsup something like that might be coming anyway)