@darius I had assumed it's because QRs can do a lot more than visit URLs - send text messages, place a call, add a contact, link to an app, etc - and that a lot of folks don't expect that and it could be used for nefarious purposes if not careful, especially at a large scale with unexpecting folks. but, vague!