IN A NUTSHELL:
- Chrome extensions are to be designed to request access only to the data they actually need to operate;
- Changes will enter into force on October 15.
Google has decided to give an ultimatum to Chrome extension developers to make its browser more secure. Developers are supposed to change their work so that it reques access only to the data that is actually required for their work. Add-ons that do not conform to this standard will be removed from the Chrome Web Store platform. The company gave the creators time to October 15.
We’re requiring extensions to only request access to the least amount of data. While this has previously been encouraged of developers, now we’re making this a requirement for all extensions," reads a note on the Chromium blog.
The giant also wants the developers of extensions that deal with communication or user-created content to clearly communicate their privacy policies from October. It is noteworthy that this requirement already exists, but only applies to add-ons handling personal or private data. Google wants the rule to include more extensions in the future.
The discussed changes are part of the so-called Strobe Project, the basic ideas of which were presented in October last year. At that time the message was more moderate - now Google has shown its teeth.
- Google Chrome - official website