Google makes Chrome extensions and Drive more secure with new rules

“The new changes will restrict access to user data for third-party add-ons in Chrome and Drive”

Google has added new rules to Chrome extensions and Drive that’ll aim to keep user data confidential and secure. With the changes, the third-party add-ons on Chrome will have to request least amount of user data their app requires to function, while apps that connect with Google Drive, such as Pixlr, will not be allowed to access user’s file. The changes are based on Google’s Project Strobe that was launched back in October. It’s said to be a root-and-branch review of third-party developer access to your Google account and Android device data.

Google Chrome

Nearly half of Chrome desktop users actively use extensions to customise the browser and there are more than 180,000 extensions in the Chrome Web Store. These extensions will now have to post a privacy policy, which was not compulsion earlier. Prior to this, only a small number of Plug-ins, those that handle privacy policy, actually posted a privacy policy. Now, we’re expanding this category to include extensions that handle user-provided content and personal communications,” said Google in its blog. Meanwhile, extensions can only request access to the appropriate data needes to implement their features.

As for Google Drive, new rules will give you more control over what data third-party apps can access. The apps will be limited to use Google Drive APIs from broadly accessing content or data in Drive. This means we’ll restrict third-party access to specific files and be verifying public apps that require broader access, such as backup services.

These changes will go into effect early next year. With the announcement now, Google is making developers aware of the updated policy.