Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

New Google Chrome extension rules limit access to personal data

Google has announced a clampdown on third-party Chrome extensions in an effort to protect users’ privacy. As part of its Project Strobe initiative, Google is placing new permissions restrictions on developers to ensure they only request the user data their extension actually needs to serve its purpose.

Also, if a task can be accomplished via more than one one stated ‘permission’ the developer must select the route that requires the least amount of personal data from the Chrome user.

In a blog post on Thursday, Google’s Ben Smith explained the new policy, which is rolling out to the Chrome Web Store this summer. Previously, this had been considered best practice, but now Google is making it mandatory. Apps that fail to comply facing removal from the store and being disabled within Chrome.

“We’re requiring extensions to only request access to the appropriate data needed to implement their features,” the Google Fellow and VP of engineering writes. “If there is more than one permission that could be used to implement a feature, developers must use the permission with access to the least amount of data. While this has always been encouraged of developers, now we’re making this a requirement for all extensions.”

Related: Best free antivirus software 2019

Smith also says more developers of Chrome extensions will be required to post their privacy polices explaining how they handle user-provided content. The firm is also tightening up the Google Drive API by limiting “apps that use Google Drive APIs from broadly accessing content or data in Drive.”

Google says new Project Strobe policies implemented across Android have resulted in a 98% reduction in the number of third-party apps that have access to SMS and Call Log permissions, and it’s hoping the Chrome extensions changes will have a similar effect.

Smith adds: “Third-party apps and websites create services that millions of people use to get things done and customize their online experience. To make this ecosystem successful, people need to be confident their data is secure, and developers need clear rules of the road.”

Why trust our journalism?

Founded in 2003, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.

Trusted Reviews Logo

Sign up to our newsletter

Get the best of Trusted Reviews delivered right to your inbox.

This is a test error message with some extra words