Google Will Ban Chrome Extensions Oct. 15 That Break New Privacy Rules

Share

• Copy link
• Facebook
• X
• Reddit
• Email

Share this article

Join the conversation

Follow us

Add us as a preferred source on Google

Newsletter

Get the Tom's Guide Newsletter

Here at Tom’s Guide our expert editors are committed to bringing you the best news, reviews and guides to help you stay informed and ahead of the curve!

Become a Member in Seconds

Unlock instant access to exclusive member features.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

---

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

---

Want to add more newsletters?

Daily (Mon-Sun)

Tom's Guide Daily

Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.

Signup +

Weekly on Thursday

Tom's AI Guide

Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!

Signup +

Weekly on Friday

Tom's iGuide

Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.

Signup +

Weekly on Monday

Tom's Streaming Guide

Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.

Signup +

---

Join the club

Get full access to premium articles, exclusive features and a growing list of member rewards.

Explore

---

An account already exists for this email address, please log in.

Subscribe to our newsletter

Google doesn't have the best reputation when it comes to handling user data, but third-party Chrome extension developers are arguably even more insatiable. Unfortunately, the Chrome Web Store has a fairly lax attitude toward extension submissions, occasionally letting outright malware through. 

By Oct. 15, though, Google wants third-party extension developers to be crystal-clear about what information they want from users, and how they intend to safeguard that data. If developers don't comply, Google will remove their extensions from the store.

This information, part of Google's Project Strobe initiative, comes from Alexandre Blondin and Swagateeka Panigrahy writing today (July 24) on the official Chromium Blog. 

"We're requiring extensions to only request access to the least amount of data," the blog post explained. "We're requiring more extensions to post privacy policies."

MORE: How to Remove Extensions from Chrome

Google launched Project Strobe last year as a wide-reaching initiative to limit how much data third-party developers could extract from Android and Chrome users. (Google itself doesn't seem to be under similar restrictions.)

The company posted an advisory on May 30 that third-party developers for the Chrome Web Store would have to ease up on their permissions and be explicit about data collection in cases where that wasn't possible. Today's official posting announced the Oct. 15 deadline.

Privacy expansion

Developers now have to explain — in great detail, and available to the public — why their extensions require each permission they request.

Previously, Google required privacy policies only from apps that handled "personal and sensitive user data." 

While the company doesn't specify exactly what it means by that, it seems to include data like a user's name, location, email address, financial information and so forth. 

Google will now also require privacy policies from any app that handles "user-provided content and personal communications." This applies to data like photos, conversations and so forth.

Google further mandates that any app that handles sensitive data must transmit it "via modern cryptography." Exactly what Google means by this will probably vary on a case-by-case basis, but in theory, it should mean that an external attacker should find it much harder to access your data via a man-in-the-middle attack.

Comply or die

Developers have until Oct. 15 to comply with these demands; otherwise, Google will remove their extensions from the Chrome Web Store. 

It's not clear what will happen to extensions that have already been installed by users but fail to comply. The extensions might continue to work in limited forms, or they may cease to function entirely.

You don't really have to do anything special on your end. Just keep your version of Chrome up to date, and as always, be aware of what you install on your browser. 

The Chrome Web Store is probably about to get a lot safer, but there's no substitute for good old-fashioned common sense online.

• 40 Best Google Chrome Extensions
• Best Chrome Apps
• 15 Best Google Chrome Privacy Extensions