Security News > 2020 > November > Google forces devs to reveal Chrome extensions’ data use, privacy practices

Starting January 2021, developers of Chrome extensions will have to certify their data use and privacy practices and provide information about the data collected by the extension(s), "In clear and easy to understand language," in the extension's detail page in the Chrome Web Store.
"You'll need to provide information about your app's privacy practices, including the practices of third-party partners whose code you integrate into your app, in App Store Connect," Apple told app developers.
Now Google is forcing developers to provide similar information for Chrome extension and, at the same time, the company is updating its developer policy to limit what extension developers can do with the data they collect.
If developers fail to provide data privacy disclosures and to certify they comply with the Limited Use policy, starting with January 18, 2021, their listing on the Chrome Web Store will say that the publisher has not provided any information about the collection or usage of user data.
Does Google check whether extension developers were truthful when they "Certified" their data use practices? Google doesn't say, but the answer is likely no, as the task would be massive and the claims difficult to confirm at that scale.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/8yHPW7TkxIY/
Related news
- Google Cuts Off uBlock Origin on Chrome as Firefox Stands Firm on Ad Blockers (source)
- Google fixes Chrome zero-day exploited in espionage campaign (source)
- Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Chrome 136 fixes 20-year browser history privacy risk (source)
- RIP, Google Privacy Sandbox (source)
- Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito (source)