Google is giving Chrome extension developers one month to comply with stricter privacy rules before it starts taking action against extensions that don’t meet the new requirements.
The company announced the updated Chrome Web Store policies in a blog post published on July 1. Developers have until August 1 to ensure their extensions comply with the new rules or risk having them removed from the store.
Google has made it clear that extensions should only collect the information they actually need to work. If an extension asks for or gathers data that isn’t directly related to its purpose, it’ll be considered a policy violation.
Google also wants developers to be much clearer about what their extensions collect. Even if the data seems minor, it still needs to be disclosed. Developers can no longer leave out those details or quietly change their data collection practices after users have already installed an extension. Any changes have to be communicated instead of slipping in through a future update.
That change comes after several recent cases where browser extensions changed behavior long after people installed them.
A couple of days ago, we reported on two browser extensions that were advertised as free VPNs for Chrome and Firefox. They worked as expected at first, but a later update started reading users’ clipboard contents, including passwords and cryptocurrency wallet addresses. Despite that, their store listings continued to claim they didn’t collect any user data.
Google’s updated policies appear to target exactly that kind of behavior. Whether they’ll stop every bad extension is another question.
Apart from the issue mentioned above, the Chrome Web Store has seen several other security incidents this year. Just yesterday, we covered a fake “Google Notes” extension that replaced copied cryptocurrency wallet addresses with one controlled by an attacker. Earlier in June, researchers uncovered more than 150 wallpaper extensions that tracked users while falsely claiming they didn’t collect any information.
Google is making a couple of other policy changes as well. Extensions designed to bypass safety restrictions on AI services will no longer be allowed. The company is also banning extensions that let users place real-money bets on prediction markets.
The updated policies will be enforced starting August 1. Extensions that don’t comply could be removed from the Chrome Web Store, so developers have a few weeks left to update their listings and privacy disclosures.

