Security experts are up in arms about an update to Google’s Chrome browser that they say undermines users’ privacy.
The issue is complex, but it revolves around how and when people choose to log in to the Chrome browser (which is different than logging in to Google services like Gmail). In past versions of the browser, this was a voluntary step. Doing so means users can sync information like bookmarks, passwords, and browsing history between devices, a feature Google calls “Chrome Sync.” It also means that their user data is stored on Google’s servers — something that some people are understandably unhappy about.
“This change has enormous implications for user privacy and trust.”
But with Chrome 69, the latest version of the browser, whenever someone logs in to a Google service like Gmail or YouTube, they are now automatically logged in to Chrome as well. This, say critics, is an underhand change that will nudge people into inadvertently sharing more data with Google.
Criticism over the update has been bubbling all weekend, with Chrome engineer and manager Adrienne Porter Felt explaining the change on Twitter late last night. Felt said that the change was made to avoid a problem some users have when sharing devices.
Felt outlined a scenario in which someone using a shared computer signs out of a Google service like Gmail and believes they’ve also signed out of Chrome. If they haven’t actually done so, then the next user might have access to their data stored in the browser.
Felt also notes that automatically logging a user into Chrome doesn’t mean their personal data is automatically shared with Google. For this to happen, Chrome Sync has to be enabled separately.
But critics say this isn’t good enough. Matthew Green, a cryptographer and professor at Johns Hopkins University, was one of the first to outline the problem in a blog post this weekend. Green says that despite the fact that Chrome Sync isn’t automatically turned on, the end effect is still to nudge users into sharing more data.
“This change has enormous implications for user privacy and trust, and Google seems unable to grapple with this,” writes Green.
This, says Green, is because the option to turn on Chrome Sync is a “dark pattern” — a term for the user interface tricks used by websites and apps to nudge people towards certain actions. By logging users into Chrome automatically, Google has removed some of the friction for sharing their data.
You can see the new Chrome Sync UI in Green’s blog post, but as he describes it: “Google has transformed the question of consenting to data upload from something affirmative that I actually had to put effort into — entering my Google credentials and signing into Chrome — into something I can now do with a single accidental click. This is a dark pattern.”
To some people, these complaints may seem small-fry or obvious. (“Well, of course Google wants to collect more of your data. It’s Google!”) But as Green and others have noted, it’s part of a wider pattern of changes to Chrome that’s turning off its core user base.
When Google first introduced its browser, it shook up the entire market. It broke Microsoft’s dominance, promoted open-source standards, and pushed the industry as a whole to up its game. Changes like this one, though, are fodder for critics who say Google is slowly converting Chrome from a neutral platform into something designed to push people toward Google services and the Google way of doing things.