• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

New policies for Google Chrome extensions and Google Drive API


Brink

Administrator
Administrator
mvp
Posts
23,623
#1
Third-party apps and websites create services that millions of people use to get things done and customize their online experience. To make this ecosystem successful, people need to be confident their data is secure, and developers need clear rules of the road. That’s why last year we announced Project Strobe, a root-and-branch review of third-party developer access to your Google account and Android device data.

As a result of our review, we implemented new policies across Gmail and Android to better protect your data. For example, with changes to SMS and Call Log permissions for Android apps, the number of apps with access to this sensitive information has decreased by more than 98 percent. These apps are still able to deliver core services to people just by switching to permissions that access less sensitive data, or by eliminating minor functionality in their apps.

Today, we’re announcing additional changes as a result of Project Strobe, including new policies for Chrome extensions and the Drive API. Here’s what’s new:

Trustworthy Chrome Extensions

There are more than 180,000 extensions in the Chrome Web Store, and nearly half of all Chrome desktop users actively use extensions to customize Chrome and their experience on the web—helping them keep track of to-dos or find shopping deals online. This ability to improve and personalize online experiences depends on a vibrant community of Chrome browser developers.

Last October, we shared our intention to ensure that all Chrome extensions are trustworthy by default. Today, as part of Project Strobe, we’re continuing that effort with additional Chrome Web Store policies. Specifically:
  1. We’re requiring extensions to only request access to the appropriate data needed to implement their features. If there is more than one permission that could be used to implement a feature, developers must use the permission with access to the least amount of data. While this has always been encouraged of developers, now we’re making this a requirement for all extensions.
  2. We’re requiring more extensions to post privacy policies, including extensions that handle personal communications and user-provided content. Our policies have previously required any extension that handles personal and sensitive user data to post a privacy policy and handle that data securely. Now, we’re expanding this category to include extensions that handle user-provided content and personal communications. Of course, extensions must continue to be transparent in how they handle user data, disclosing the collection, use and sharing of that data.
We’re announcing these changes in advance of the official policy rollout this summer to give developers the time needed to ensure their extensions will be in compliance. Developers can learn more about these changes in our FAQ.

Tightening the Drive API

Last fall we updated our user data policy to provide additional guidelines and restrictions for apps seeking to access your Gmail data. Today we’re announcing plans to extend the same policy to Google Drive, which will give you more control over what data third-party apps can access in Drive.

When you connect third-party apps, Drive gives you one central place to keep all your files and helps you easily collaborate with others. With this updated policy, we’ll limit apps that use Google Drive APIs from broadly accessing content or data in Drive. This means we’ll restrict third-party access to specific files and be verifying public apps that require broader access, such as backup services.

These changes will go into effect early next year. Visit the Cloud blog for more details.
Our top priority is to protect user data and keep it safe, while continuing to enable developers to build features that people want and need. As we continue the work of Project Strobe, we’ll also work with our developer partners to give them appropriate time to adjust and update their apps and services.

Source: Update on Project Strobe: New policies for Chrome and Drive
 

My Computer

System One

  • OS
    64-bit Windows 10
    Computer type
    PC/Desktop
    System Manufacturer/Model Number
    Custom self built
    CPU
    Intel i7-8700K OC'd to 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    16 GB (8GBx2) G.SKILL TridentZ DDR4 3200 MHz
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    3 x 27" Asus VE278Q
    Screen Resolution
    1920x1080
    Hard Drives
    250GB Samsung 960 EVO M.2,
    256GB OCZ Vector,
    6TB WD Black WD6001FZWX
    8TB WD MyCloudEX2Ultra NAS
    PSU
    OCZ Series Gold OCZZ1000M 1000W
    Case
    Thermaltake Core P3
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master
    Internet Speed
    1 Gb/s Download and 35 Mb/s Upload
    Browser
    Internet Explorer 11
    Antivirus
    Malwarebyte Anti-Malware Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    Linksys EA9500 router,
    Arris SB8200 cable modem,
    APC SMART-UPS RT 1000 XL - SURT1000XLI,
    Lumia 1520 phone

Users Who Are Viewing This Thread (Users: 0, Guests: 2)