The most recent update of Google's popular Chrome browser includes a policy change that makes privacy advocates uncomfortable: The browser automatically signs users in to Chrome if they use any other Google services.
That means if you're using Chrome to sign in to a Google service like Gmail, Chrome will begin tracking information such as the other sites you visit and which tabs you have open until you close the browser or sign out of either Chrome or Gmail.
If you give Google permission by clicking an option to "Sync," that information is sent back to Google.
Once it's there, Google can use it for several purposes. On the plus side, if you sign in to Chrome on a different computer, all your stuff — including extensions, bookmarks, browsing history and saved passwords — will show up, ready to use.
But on the minus side for people concerned about privacy, Google can add that data to the vast amount that it already has about you through other linked accounts, such as Maps and YouTube. Google uses that data to target ads.
Previously, it was possible to use the Google Chrome browser to sign in to a Google service, like Gmail, without actually logging into the browser itself. The browser would only store information locally; you never even had the option to send it back to Google (unless you signed in to Chrome by choice).
Ultimately, this change more explicitly frames Chrome as another Google service, rather than as a neutral platform to surf the web.
Although the Chrome browser update happened in mid-September, Google was scrambling to explain the policy change over the weekend after cryptographer and Johns Hopkins Information Security assistant professor Matthew Green highlighted the issue on his Twitter account and then in a blog post titled Why I'm Done with Chrome.
Green had personally been using Chrome without logging in for years. This was a good option for users like him who didn't want their Chrome browsing history sent to Google or linked to the Google account that they used for Gmail, for example. He argues this is a betrayal of trust.
"If you didn't respect my lack of consent on the biggest user-facing privacy option in Chrome (and didn't even notify me that you had stopped respecting it!) why should I trust any other consent option you give me?" Green wrote. "What stops you from changing your mind on that option in a few months, when we've all stopped paying attention?"
He also criticizes the user interface that Google uses to ask whether it can sync your data. Indeed, if you click the drop-down menu in Chrome, the phrasing doesn't make it clear whether you're sending your data back to Google or not.
The interface could cause people to "think they're already syncing and thus there's no additional cost to increasing Google's access to their data," he writes.
Here's how Google asks for consent to sync your data:
In response to Green's Twitter thread, Google Chrome product manager Adrienne Porter Felt said that Google made this change to stop users who share devices from thinking that they had signed out of Chrome when they actually had not.
Google's argument is that by tying Chrome and other Google service accounts together, it will be harder for you to accidentally "leak" data, like passwords stored in Chrome, across accounts (like if somebody else uses your computer).
However, as Green writes, the change still completely eliminates an option that used to be available to users who never signed in to Chrome in the first place, but still wanted to use other Google services.