Google moves to implement stronger privacy controls for Chrome and Drive
Google LLC is taking steps to regulate more closely how external services access user data in Chrome and Google Drive.
Ben Smith, the company’s vice president of engineering, today detailed a set of new privacy policies that will roll out for the applications early next year.
The most broad-reaching of the rules are set to focus on Chrome. Google is looking to tighten up how user data is processed by outside browser extensions, which can be found in nearly half of all desktop Chrome installations.
Extensions have to ask users’ permission to access information such as their location. As part of the change, Google will introduce a requirement for developers to request only the minimum amount of data necessary to support their services. An email spell checking add-on, for instance, would will not be allowed to scan text in the user’s clipboard or view their contacts.
Google is also looking to improve extension transparency. Currently, only developers whose add-ons process “personal and sensitive” details are required to disclose how they use the information. With the change, all Chrome extensions that process user-provided content or personal communications will have to provide a overview of what data they collect and what they use it for.
Google is rolling out the policies as part of Project Strobe, an initiative launched last year to enhance privacy across its services. In parallel, the company is also working on Manifest v3, a separate project to improve Chrome’s data controls and speed that has stirred controversy among developers. The criticism centers on Google’s plan to place significant limits on the webRequest API, the component that ad blockers such as uBlock Origin use to filter unwanted website elements.
Some developers have argued that the update could hamstring or outright disable certain services. But despite the criticism, Google disclosed in a forum post spotted today by CNET that it nonetheless plans to implement the change, albeit with somewhat laxer limits and an exception for enterprise users. Justin Schuh, Google’s head of Chrome security, pushed back against claims that change is meant to curtail ad blockers.
The browser isn’t the only focus of Google’s privacy efforts. Alongside the new extension policies, the company today said that it will place additional data restrictions on services that users connect to their Google Drive accounts.
The cloud storage platform currently gives authorized external applications fairly wide access to files and folders. When the changes go into effect next year, most services will be restricted to interacting only with the specific files relevant to their designated task, while products that need broader permissions will have to be approved by Google.
Photo: Thomas Hawk
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU