According to security researcher S. Bálint, any time someone using Chrome 69 logs into a Google service or site, they are also logged into Chrome-as-a-browser with that user account. Essentially, Google is forcefully logging users into Chrome.
However, Adrienne Porter Felt – an engineer and manager on the Google Chrome team – said that the user data is not getting uploaded to Google servers. But if that’s true, then why is Google is forcefully logging people in?
Automatically logging people into browsers potentially creates an unsafe environment on shared devices: Others who use the device may be able to access your account, even when you think you’ve logged out of the services you just used.
Felt said that the new version of Chrome’s UI now uses a profile icon to the right of the address bar to indicate that you’re signed into any of Google’s services. Apparently, this change was made so that users don’t forget to sign out on shared machines. But its effectiveness may be limited, as people may not realize they’re logged into the browser – especially if they don’t notice this change.
You can change this behaviour by going to ‘chrome://flags/#account-consistency’ and disabling ‘Identity consistency between browser and cookie jar’ flag. Some developers have also built a privacy centric fork of Chrome called Ungoogled-Chrome.
This feels a lot like the Google+ integration that the company previously tried to force onto folks who used its Search, Gmail and YouTube services; it later removed this functionality after receiving negative feedback.
The company has been guilty of sneakily recording userdata several times in the past. Earlier this year, it was revealed that Google was recording users’ location data even if they had turned that setting off. A few years ago, The Guardian found that Google was quietly recording all your voice searches and storing them in its server – without disclosing this to users
Companies like Google often make changes to their platforms and, instead of explicitly informing people, hide mentions of these tweaks in documentation that few users actually read. Privacy and transparency are, sadly, becoming harder to come by as we invest more in online services.