In 80 Days, Google Will Require Chrome Extensions To Request 'The Least Amount of Data'

"Google is giving Chrome extension makers until October 15 to minimize the amount of data they collect during browser sessions or face expulsion from the Chrome Web Store," reports PC Magazine: The change addresses how the extensions generally need to request certain permissions from your browser in order to function. However, some of these permissions can be pretty powerful; they can include the ability to take desktop screenshots, capture audio from a microphone, and collect data from the local file system, among other things, which can open the door to potential abuse.

The risks prompted Google to work toward securing the 180,000+ Chrome extensions on the company's official web store. "We're requiring extensions to only request access to the least amount of data," the company said in a Tuesday blog post. "While this has previously been encouraged of developers, now we're making this a requirement for all extensions."

Google hates competition

[Anonymous Coward]

Google wants to be the only one making money off its users' data.

maximizes Google value on each piece

[harvey the nerd]

Such "safety" consideration doesn't merely eliminate others shares; it maximizes the price or value on each of piece information that it extracts from you. All Google will get it all.

Authorizing permissions doesn't work

[reanjr]

Requiring the user at "cancel or allow" does not work. People are fundamentally ignorant of how security works and how granting right undermines your privacy and safety.

When Google asks you to authorize a camera, they SHOULD be showing an interstitial with paedobear telling you that if you click "allow" then you are letting paedobear film you and upload you to the web 24/7, because regardless of what the app is designed to do, you are about to give it permission to do much more.

Re:

[phantomfive]

That will work as well as scary pictures on cigarette boxes.

Re:

[account_deleted]

Comment removed based on user account deletion

Will Google collect the least amount of data?

[Anonymous Coward]

Will Google collect the least amount of data?

Re:

[Rockoon]

Google does not require that its own applications request permission.

Antitrust time.

[dicobalt]

First: Google announces removal of adblocking capability from Chrome. Second:Google bogarts mass data acquisition capability.

What about fake permissions Google?

[ChoGGi]

Default to faking the info, make sharing your actual info buried in the options somewhere.

Of course that'd mean doing something decent for your customers.

Grammerly

[Disco Hips]

Well, that's Grammerly screwed

does this apply to google too?

[gravewax]

I am all for this, as long as this rule is also being applied to google itself as well as at this point they are by far the worst offenders

Google has screwy permission granularity anyways

[slack_justyb]

Google has some of the most bazaar permission granularity at any rate. Want to have low power Bluetooth on Android, you need to enable the location services. The reason being is that low power Bluetooth beacons might be used to track your position, thus by enabling location during low power Bluetooth, the end user knows that their position might be tracked. Which is a brain dead way of putting those permissions together, because once you authorize for that, anything low power Bluetooth instantly becomes