July 23rd, 2019
On May 30, Google announced the next iteration of Project Strobe, a root-and-branch review of third-party developer access to user data. This announcement included the following two updates to our User Data Policy:
- We’re requiring extensions to only request access to the least amount of data. While this has previously been encouraged of developers, now we’re making this a requirement for all extensions.
The policies for these two changes are now published to the updated User Data Policy. They will go into effect on October 15, 2019.
To ensure compliance with this policy update, we suggest developers check their extensions per the guidelines below. After October 15, 2019, items that violate these updates to the User Data policy will be removed or rejected from the Web Store and will need to become compliant to be reinstated. We will continue to take action on violations of the User Data Policy in its current form.
- Inventory your extensions’ current permissions and, where possible, switch to alternatives that are more narrowly scoped. Additionally, include a list of permissions used and the reasons you require them in your Chrome Web Store listing or in an “about page” in your extension. If you expand the features of your extension and require new permission, you may only request the new permission in the updated version of the extension.
You can find more information on the updated User Data FAQ. Thank you for joining us in building a better web with transparency, choice, and control for both users and developers.
Posted by Alexandre Blondin and Swagateeka Panigrahy, Chrome Product & Policy