Google users are concerned about their browsing privacy after a recent update at Google secretly logs Chrome browser users into their online Google accounts, syncing data without asking, a move one expert says has "enormous implications for user privacy and trust."
As detailed by cryptographer and professor Matthew Green on his blog on Sunday, Google made the change several weeks ago.
"Due to Chrome's new user-unfriendly forced login policy — I won't be using it going forward," declared professor Green. "A few weeks ago Google shipped an update to Chrome that fundamentally changes the sign-in experience. From now on, every time you log into a Google property (for example, Gmail), Chrome will automatically sign the browser into your Google account for you. It'll do this without asking, or even explicitly notifying you."
"Your sole warning — in the event that you're looking for it — is that your Google profile picture will appear in the upper-right hand corner of the browser window. I noticed mine the other day," he continued, adding that the "update has huge implications for Google and the future of Chrome."
"Nobody on the Chrome development team can provide a clear rationale for why this change was necessary, and the explanations they've given don't make any sense. This change has enormous implications for user privacy and trust, and Google seems unable to grapple with this," Green explained. "The change makes a hash out of Google's own privacy policies for Chrome. Google needs to stop treating customer trust like it's a renewable resource, because they're screwing up badly."
Green also claimed that though being automatically signed in doesn't mean your data is necessarily syncing, it is easy to accidentally start syncing your data, and nevertheless the automatic sign-in has privacy and security risks.