In the context of its “Project Strobe”, Google is banishing Chrome extensions that don’t respect user privacy from its web store. More specifically, they will now only allow extensions that request access to only the specific data they need to operate and the absolute minimum amount of this information that won’t have an adverse effect on the delivery of the extension’s service. Moreover, all extensions will now have to clearly formulate and publish their privacy policies, including how they handle personal communications and user-provided content. All extension developers will have to comply with the new and stricter requirements until October 15, 2019, otherwise, they’ll see their software getting kicked out of the Chrome Web Store.
Google advises developers to switch their current permissions with alternatives that are more narrowly scoped, as they will now have to provide a justification for the inclusion of all of the declared permissions. To help avoid silent updates that introduce changes in the user data handling functionality, Google will only permit the submission of new permissions with a new version number for the Chrome extension. For add-ons that concern chats, or hold sensitive content that is uploaded by the user, the developers will now be obliged to implement some form of an encrypted transmission layer so as to minimize the risk of having this data compromised.
As Techradar points out, while Google was planning these changes since last October, the fact that the tech giant pushes for a more imminent implementation isn’t a coincidence. Recent revelations by security researcher Sam Jadali have exposed the malicious user data collecting and selling activities of Hover Zoom, SpeakIt!, SuperZoom, PanelMeasurement, FairShare Unlock, SaveFrom.net Helper, and various other Chrome extensions. Reports such as the one that came by Jadali can often result in hefty fines for Google, as they are held liable for checking and approving the apps and extensions that go into their store. That said, Google wants to define a much stricter context for what browser extensions are allowed to have access to, and enjoy a relative peace of mind. For us users, this is excellent news.
What do you think about the above? Share your thoughts with us in the comments down below, or join the discussions on our socials, on Facebook and Twitter.