by WorldTribune Staff, September 25, 2018
The latest update to Google Chrome, in which Google automatically logs in users to their online accounts, has “enormous implications for user privacy and trust,” an analyst said.
“A few weeks ago Google shipped an update to Chrome that fundamentally changes the sign-in experience. From now on, every time you log into a Google property (for example, Gmail), Chrome will automatically sign the browser into your Google account for you. It’ll do this without asking, or even explicitly notifying you,” Matthew Green, a cryptographer and professor, said on his blog on Sept. 23.
“Big brother doesn’t need to actually watch you. We tell things to our web browsers that we wouldn’t tell our best friends,” Green said. “For all we know, the new approach has privacy implications even if sync is off. The Chrome developers claim that with ‘sync’ off, a Chrome has no privacy implications. This might be true. But when pressed on the actual details, nobody seems quite sure.”
The automatic log-in poses privacy and security risks, said Green, who added that “Due to Chrome’s new user-unfriendly forced login policy – I won’t be using it going forward.”
“Nobody on the Chrome development team can provide a clear rationale for why this change was necessary, and the explanations they’ve given don’t make any sense. This change has enormous implications for user privacy and trust, and Google seems unable to grapple with this,” Green said. “The change makes a hash out of Google’s own privacy policies for Chrome. Google needs to stop treating customer trust like it’s a renewable resource, because they’re screwing up badly.”
Google users are not happy about the Chrome update, according to ZDNet.
“Users are still angry. First and foremost, they are angry because they don’t have this ability to decide when they log into their browser,” ZDNet reported. “And second, they are angry because Google had failed to tell them about this new move.”