xorg letting a malicious program to record keys is not a security issue, its a weakness
having that malicious program on the system, thats the security issue
if you are implementing a display protocol that aims to replace the xorg, the focus should be compatibility not fixing security weaknesses especially if you dont have any better solutions, and wayland does not have a better solution for global keys, compositors are just implenting it on their own hacky way
i agree, i feel like all these companies and goverments are using “protecting children” bs to censor the internet and violate privacy rights
if you are an adult and you give your kids unrestricted internet access it is your fault if they see any nsfw/l content, neither goverment nor the company providing this content should be responsible for it, as an adult it is your responsibility to keep your kids safe PERIOD