Right, I was just confused by your use of the word honeypot.

“keylogger mode” is optional, and to my understanding, you always see a visual indicator in the text area.

it doesn’t take every input as far as I know, and security firms don’t consider it a threat.

but point taken, it’s not for people with privacy concerns.

It installs itself as an accessibility tool, which requires special user permissions. With these permissions, it sees literally every keystroke you make (except, in some cases on some OSs, system password prompts). The visual indicator is just their UI.

Regarding "honeypot" -- that's also what a honeypot is. They provide a service you want, then collect data. We have to take their word that they're only using this data to train their AI (which, btw, they are upfront about -- they log everything and feed it into their training. it's in their TOS).

Isn’t a honeypot some decoy website / service / whatever that presents itself as legit, and then once you register / interact with it you’re caught in whatever they want to do?

Eg FBI putting up fake “buy drugs online” sites and logging your info once you place the (fake) order.

It is deception, but it doesn't have to be decoy or fraudulent. It could actually provide the service or deliver goods. The point is that the operator isn't running it for the reason they say they are, but rather to gather info or whatever. Specifically in cyber defense a honeypot is sometimes a fake server that serves as an intrusion detection alarm, but that's actually the odd one out when you look at how the term is used more broadly.