Google Chrome Sync Automatically Login Users Is A Major Privacy Issue

• A recent change to Google Chrome causes users to be connected to Google Sync whenever they visit a Google website.
• The feature was added on Google 69 but was not announced clearly to users.
• Chrome Sync was an independent feature prior to the update.

Google Users have been left fuming after the tech giant made a change to how the latest version of Chrome (version 69) works without informing users about the changes. With the latest update whenever you access any Google-owned website, the browser will collect your account’s Google ID and connect it to Chrome Sync.

Many users are reporting that the system allows users to log in using their Google accounts to Chrome sync and synchronize browser data without any privacy prompts coming up. Prior to the change, Google allowed users to use Chrome independently and not upload any browser data if they chose not to. However, with the latest change going live with auto-login, users have become unhappy.

Hi all, I want to share more info about recent changes to Chrome sign-in. Chrome desktop now tells you that you're "signed in" whenever you're signed in to a Google website. This does NOT mean that Chrome is automatically sending your browsing history to your Google account! 1/

— Adriana Porter Felt (@__apf__) September 24, 2018

The new change directly sends all private traffic to Google’s servers which many privacy-minded users do not want. Google has been previously accused of practices that breach user privacy and their inclination to hide privacy features deep inside settings menus have been long criticized.

Google revealed that the latest change to Chrome was implemented for privacy reasons. The mechanism was added to protect private data from being misused in shared systems. With multiple users getting access to the same browser, any user logging in with Chrome Sync enabled would cause the data of all users who used the shared computer to be uploaded to Google’s servers. Despite the tech giant’s move being completely logical, the browser should have notified users before enabling the feature by default.

The feature went live on September 5, and most users are unaware of the new change. With data leaks and breaches on the rise, users are on high alert and are concerned careful about how their data is handled. Currently, Google has not offered a resolution to revert the change or disable the feature by default. But there is a way, go to chrome://flags//#account-consistency and set it to disabled as it was pointed out by The InfoSec Dragon.

you can go to chrome://flags//#account-consistency
then set it to disabled.

You have to go looking in the experimental flags section and it's only on desktop(so it's only an opt out for technical people who know what to do when they get to the flags page).

— InfoSecDragon (@infosecdragon) September 24, 2018

What do you think about the recent changes made by Google? Let us know in the comments below. And also, don’t forget to follow us on Facebook and Twitter. Thanks!