Google is giving Chrome extension developers one month to comply with stricter privacy rules before it starts taking action against extensions that don’t meet the new requirements.

The company announced the updated Chrome Web Store policies in a blog post published on July 1. Developers have until August 1 to ensure their extensions comply with the new rules or risk having them removed from the store.

Google has made it clear that extensions should only collect the information they actually need to work. If an extension asks for or gathers data that isn’t directly related to its purpose, it’ll be considered a policy violation.

Google also wants developers to be much clearer about what their extensions collect. Even if the data seems minor, it still needs to be disclosed. Developers can no longer leave out those details or quietly change their data collection practices after users have already installed an extension. Any changes have to be communicated instead of slipping in through a future update.

chrome-extensions-crackdown

That change comes after several recent cases where browser extensions changed behavior long after people installed them.

A couple of days ago, we reported on two browser extensions that were advertised as free VPNs for Chrome and Firefox. They worked as expected at first, but a later update started reading users’ clipboard contents, including passwords and cryptocurrency wallet addresses. Despite that, their store listings continued to claim they didn’t collect any user data.

Google’s updated policies appear to target exactly that kind of behavior. Whether they’ll stop every bad extension is another question.

Apart from the issue mentioned above, the Chrome Web Store has seen several other security incidents this year. Just yesterday, we covered a fake “Google Notes” extension that replaced copied cryptocurrency wallet addresses with one controlled by an attacker. Earlier in June, researchers uncovered more than 150 wallpaper extensions that tracked users while falsely claiming they didn’t collect any information.

Google is making a couple of other policy changes as well. Extensions designed to bypass safety restrictions on AI services will no longer be allowed. The company is also banning extensions that let users place real-money bets on prediction markets.

chrome-web-store-prediction-market-bets-extensions

The updated policies will be enforced starting August 1. Extensions that don’t comply could be removed from the Chrome Web Store, so developers have a few weeks left to update their listings and privacy disclosures.

We stand out from the tech-media crowd because we break news stories; we mainly bring you stuff that you won’t find anywhere in the mainstream tech media. Our stories have been picked up by some of the world’s most popular websites and media outlets—more info is available here.

Dwayne Cubbins
2774 Posts

I cover fast-moving stories across apps, online platforms, and everyday tech — phones, wearables, consoles, and whatever else people are fighting with this week. Bugs, rollouts, scams, policy enforcement, and the occasional internet-culture rabbit hole are all fair game. My goal is simple — make confusing tech news readable. When I'm not working, I'm working out or chilling with my dog. Got a tip? You can find me on X @dcubbins.