Google has confirmed plans to eliminate Chrome extensions that steal too much of your data.
Its new policy, which goes into effect on October 15, no longer allows extensions to freely collect browsing activity. Those that do must be transparent in how they use it, and transmit it securely.
Google first confirmed its crackdown on Chrome extensions back in May. It is targeting those that abuse your personal information by collecting as much as they can and doing whatever they like with it.
New Minimum Permission and updated User Data policies enforce tougher rules for third-party developers. Any extensions that don’t comply with those rules after October 15 will be killed.
Google steps up Chrome security
Google now requires that extensions only request access to the least amount of data. This was previously encouraged, but under the new rules, it is mandatory for all extensions.
Google also has tighter rules surrounding what extensions do with the data they can collect. That includes posting privacy policies, and being transparent about what they will do with your data.
Developers are now being urged to review their current extensions’ permissions and update them to be “more narrowly scoped.” They must also include reasons for why any permissions are required.
Extensions that do collect user-provided content and personal communications must transit it via modern cryptography methods to ensure it is secure.
Violators will be eliminated
“After October 15, 2019, items that violate these updates to the User Data policy will be removed or rejected from the Web Store,” Google explains.
The only way for extensions to be reinstated after removal is if they become compliant with Google’s new policies.
This is all part of Project Strobe, which Google implemented last October. Its mission is to improve security and user privacy by reviewing third-party developer access to your data.
It’s great news for anyone who uses a Google product, including Gmail, Drive, and Android devices.