Security News > 2020 > November > Google forces devs to reveal Chrome extensions’ data use, privacy practices
Starting January 2021, developers of Chrome extensions will have to certify their data use and privacy practices and provide information about the data collected by the extension(s), "In clear and easy to understand language," in the extension's detail page in the Chrome Web Store.
"You'll need to provide information about your app's privacy practices, including the practices of third-party partners whose code you integrate into your app, in App Store Connect," Apple told app developers.
Now Google is forcing developers to provide similar information for Chrome extension and, at the same time, the company is updating its developer policy to limit what extension developers can do with the data they collect.
If developers fail to provide data privacy disclosures and to certify they comply with the Limited Use policy, starting with January 18, 2021, their listing on the Chrome Web Store will say that the publisher has not provided any information about the collection or usage of user data.
Does Google check whether extension developers were truthful when they "Certified" their data use practices? Google doesn't say, but the answer is likely no, as the task would be massive and the claims difficult to confirm at that scale.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/8yHPW7TkxIY/
Related news
- Google to let businesses create curated Chrome Web Stores for extensions (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- How to enable Safe Browsing in Google Chrome on Android (source)
- Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices (source)
- New tool bypasses Google Chrome’s new cookie encryption system (source)
- Google on scaling differential privacy across nearly three billion devices (source)
- Google says “Enhanced protection” feature in Chrome now uses AI (source)