Chrome 69, released earlier this month, is a major overhaul of Google’s web browser. It offers a sleek new look and a host of new features including a revamped password manager and a “smart answer” tool.
Another feature added to Chrome is automatic login. Whenever you log into a Google website like Gmail or YouTube, Chrome 69 will automatically sign you into the browser. At first glance, it seems an easy and quick way to use Chrome’s personalization features, but according to security researchers it is more intrusive than helpful.
For one thing, it removes the ability for the user to choose whether or not he or she wants to log into the browser. Forcing users to browse logged in is bad form no matter how helpful the function is perceived to be, but security experts say that it goes beyond that and is a violation of your privacy.
Matthew Green, a professor of cryptography at Johns Hopkins University, says that the feature has completely turned him off of using Chrome, which he says he once loved.
“For many years, Google offered an optional ‘sign in’ feature for Chrome, which presumably vacuumed up your browsing data and shipped it off to Google, but that was an option,” said Green in his blog. “[Now] Chrome will automatically sign the browser into your Google account for you. It’ll do this without asking, or even explicitly notifying you.”
Green called the developers out on Twitter, but the company defended the move, saying that it's more like an "FYI" notification than actually signing in. No, really, they did.
Think of it as adding "yo FYI you're currently logged in to Gmail" in the corner of the browser window. That's what the feature does. It's different from the feature you seem to be talking about which we call sync, that has privacy implications. — Adrienne Porter Felt (@__apf__) September 22, 2018
Green notes that developers are saying that this auto login will not sync your data with Google servers, at least not yet. You still have to opt in to the service for syncing to occur. However, Green takes issue with Google’s rationale for the feature.
Devs are concerned about what happens when Chrome is signed into one account, but then a different user logs into a Google-based website to, say, check his or her email on the same computer. Presumably, account A will end up syncing account B’s data. This concern is legitimate.
However, Green notes that the precautionary measure only pertains to users who prefer logging into Chrome. It does not apply to those who would rather browse logged out. To put it another way, all users are being forced to sign into Chrome when they access Google sites because the devs cannot figure out a way to keep data from two accounts separate.
Green is not alone in his misgivings. Cloudflare CTO John Graham-Cumming and Intel security expert Ryan Naraine voiced their concerns and said they would be switching browsers.
Sadly I noticed I’m logged in to Chrome on my work account. Moving over to Firefox this morning. I agree about the “dark pattern” on the Sync “button”. https://t.co/jO7k1KrktP — John Graham-Cumming (@jgrahamc) September 24, 2018
“The Chrome guys get a lot right. This isn’t one of them,” Naraine said on Twitter.
Attempting to keep user data separate on a shared computer is a valid concern. It is Google's approach to the problem that failed. Not giving the user a choice in the matter is the wrong way to go regardless of whether or not data collection is occurring.