Google has quietly changed its policies so that logging into any Google service automatically logs the user into the Chrome web browser. This behaviour apparently began with Chrome 68.
It was noticed by bloggers on Hacker News a couple of weeks ago and was recently picked up by cryptographer and professor at Johns Hopkins University, Matthew Green.
“A few weeks ago Google shipped an update to Chrome that fundamentally changes the sign-in experience,” writes Green in a blog post entitled, “Why I’m done with Chrome.”
“From now on, every time you log into a Google property (for example, Gmail), Chrome will automatically sign the browser into your Google account [his italics] for you. It’ll do this without asking, or even explicitly notifying you. (However, and this is important: Google developers claim this will not actually start synchronising your data to Google — yet.)”
Previously, logging into Chrome and signing into other Google services, such as Gmail or YouTube, were completely separate processes, managed by different cookies. Google has now unified cookies by default in order, the company claims, to get around mixups when two different users are logged into Chrome on the same machine.
However this doesn’t explain why Google is now automatically logging people into Chrome without their permission.
“So if signed-in users are your problem, why would you make a change that forces unsigned-in users to become signed-in?” writes Green.
This distinction is important because Chrome has two separate privacy policies, one for users who are signed in, and another for those who are not. In basic browsing mode, information is stored locally on your system.
However, for users who are signed into Chrome browser or Chromebook, details including browsing history bookmarks, tabs, passwords, auto-fill information and installed extensions are stored on Google servers and synchronised with the user’s Google account.
The Chrome team told Green that being automatically signed into Chrome does not activate the synchronisation process. This would require an additional consent step, they said. Which raises the question why would they do it in the first place? Presumably the answer is that more ‘unification’ is planned further down the line.
The wider issue is that the company did not inform its user base of these changes, and that the sign-in to Chrome happens surreptitiously, with just a small icon apperaring in the right-hand corner of the window to show users they are now logged into Chrome.
“User consent matters,” writes Green. “For ten years I’ve been asked a single question by the Chrome browser: “Do you want to log in with your Google account?” And for ten years I’ve said no thanks. Chrome still asks me that question — it’s just that now it doesn’t honour my decision.”
In response to a request for comment, Google directed us to a Twitter thread from engineer and manager at Chrome Adrienne Porter Felt, in which she says “To reiterate, signing in does NOT turn on Chrome Sync. The Chrome Help Center and Chrome White Paper have up-to-date details about this change. My colleagues are updating the Chrome privacy notice ASAP to make this more clear.”