Chrome 69 automatically signs in users when they log into Google services

The new changes has users concerned over privacy

Google Chrome

Google’s Chrome development team has found itself in hot water after changing the way users sign into the browser.

The small change to sign-in came as part of Chrome 69 and ignited fears regarding data privacy. Chrome 69 now signs users into the browser if they log in to a Google service.

In other words, if you sign into Gmail while using Chrome, the browser will log into that Google account as well.

While the change might not seem like a big deal to those who sign into Chrome, it’s a big deal for those who prefer to keep their browsing data away from Google. Several people use Google Chrome without signing in — this change takes that option away.

Matthew Green, a cryptographer and professor at John Hopkins University, wrote a detailed blog post explaining why the change drove him away from Chrome.

Green argued that the new sign-in practice made it too confusing for users. Worse, it made it easier for users to send their data to Google accidentally.

solves a problem for shared computers

Adrienne Porter Felt, Chrome’s engineering manager, took to Twitter to explain the logic behind the change. According to Porter Felt, there is a difference between ‘signed in’ and ‘syncing data.’

Chrome signs you into the browser to make it easier for users who share computers. Porter Felt said that sometimes users would sign out of the content, like Gmail, and think they also signed out of the browser.

When the user passed their computer off to someone else, they’d sign into Gmail and that users data would be synced to the first user’s Google account, which is still signed into Chrome.

Porter Felt argued that the new set-up and UI makes it easy to see if you’re signed into Google Chrome. Additionally, it gives users one place to sign out.

Green, however, argues that this rationale doesn’t make sense. For one, to have your data accidentally uploaded to another Google account, someone needs to sign into Chrome in the first place. The ‘solution’ does nothing for users who don’t sign into Chrome at all.

Furthermore, Green says the change violates user consent because Chrome no longer asks before signing in users. Additionally, the UI doesn’t make it clear to users whether their data is syncing or not. Green wrote that it’s surprisingly easy to turn on data syncing by accident.

Ultimately, the way the browser now handles sign-in is less understandable for users. Whether or not its as big a privacy invasion as Green believes is up for debate.

What do you think? Is the new sign-in feature a simple solution to a problem, or should we be more concerned about the change? Let us know down below.

Source: Engadget, ZDNet, Matthew Green, Twitter