Image: Wikimedia Commons
Once again, Google has rankled privacy-focused people with a product change that appears to limit users’ options. It’s easy to miss the fact that you’re automatically being logged-in to Chrome if you’re not paying attention.
Chrome 69 released to users on September 5, and you likely noticed that it has a different look. But if you’re the type of person who doesn’t like to log in to the browser with your Google account, you may have missed the fact that it happens automatically when you sign-in to a Google service like Gmail. Previously, users were allowed to keep those logins separate. Members of the message board Hacker News noticed the change relatively quickly and over the weekend, several developers called attention to it.
One problem with rolling out this kind of change without making it clear to users is that people might misunderstand what’s happening and assume the worst. Matthew Green, a professor at Johns Hopkins University who teaches cryptography, was offended when he realized what was happening because he’s made a concerted effort not to log in through the browser in order to avoid any extraneous collection of his data. As long as you remain logged out, your browser activity is only stored locally on your machine. When he wrote about his issues with the change, he also worried that Google’s “Sync” feature was automatically being enabled, but it appears that’s not the case.
Sync uploads your browser history, bookmarks, passwords, and other data to Google in order to sync your preferences across multiple devices and can be turned on and off by a user. Adrienne Porter Felt, a Google Chrome engineer, stepped in on Twitter to confirm the automatic-login change but said that users still have to manually enable Sync.
We reached out to Google for comment and a spokesperson pointed us to another Twitter thread from Felt in which she explained that this change is intended to prevent multiple users from mistakenly believing they’re logged in on a shared device. “In the past, people would sometimes sign out of the content area and think that meant they were no longer signed into Chrome, which could cause problems on a shared device,” she wrote.
There’s a certain amount of logic to Google’s stated reasoning, but it doesn’t change the fact that this is something that should’ve been made clear to users. Felt does have a point that the new Chrome now clearly shows in the upper-right corner which user, if any, is logged in. But Green is correct that Chrome’s privacy policy doesn’t make the new change clear enough, and he says he’s been assured that the policy will be updated.
We’ve learned that Android phones were sending location data to Google even when location history was disabled. And we’ve found that Google was storing voice recordings without users’ knowledge. And most recently we’ve seen numerous reports that it’s working on a censorship and surveillance-friendly search engine for China—a project that it will only vaguely acknowledge while employees are protesting internally. It’s not a good idea to simply trust Google.
If you want to disable the forced login, a user on Hacker News points out a workaround that could change at any time. Copy and paste this text into your browser’s address bar: chrome://flags/#account-consistency. Then disable the option labeled, “Identity consistency between browser and cookie jar,” and restart your browser. Go to this link to ensure that your Sync settings are configured the way you like them. For now, you have a choice, but it shouldn’t be so difficult or obscure.
[Cryptography Engineering, Matthew Green, Adrienne Porter Felt]