Chrome add-ons just became less scary, security-wise
Google tightens rules for admission to Chrome Web Store
Google has tightened the rules for admission to the Chrome Web Store, the online bazaar for add-ons to its browser.
Privacy policies “... must, together with any in-Product disclosures, comprehensively disclose how your Product collects, uses and shares user data, including the types of parties with whom it’s shared.” Google will check to ensure the policy is included in the dashboard offered to developers and made prominent on the installation page.
Google's even insisting on a “Prominent Disclosure Requirement” that will force developers to stop collecting data “that is not closely related to functionality described prominently in the Product’s Chrome Web Store page and user interface” to “Prominently disclose how the user data will be used, and obtain the user’s affirmative consent for such use.”
Welcome improvements all, if Google enforces them properly. And that's a big-ish if: the search and ad operation has allowed hundreds of malware-riddled apps into its Android Play Store, hardly a sign of quality curation.
The company's new policies read well, but the proof of this pudding will be in the eating. ®