Google company about tightening the rules for placing add-ons in the Chrome Web Store catalog. The first part of the changes relates to the Strobe project, which reviewed the methods used by third-party app and add-on developers to access services associated with a user's Google account or data on Android devices.
In addition to the previously introduced new Gmail data practices and to SMS and call lists for apps on Google Play, Google announced a similar initiative for Chrome add-ons. The main goal of the rule change is to combat the practice of requesting extra powers by add-ons - nowadays it is not uncommon for add-ons to request the maximum possible powers that are not really needed. In turn, the user's eyes become blurred and he stops paying attention to the requested permissions, which creates fertile ground for the development of malicious add-ons.
Changes to the Chrome Web Store catalog rules are planned for the summer to require add-on developers to request access only to those advanced features that are actually necessary to implement the declared functionality. Moreover, if several types of permissions can be used to implement the plan, then the developer should use a permission that provides access to a smaller amount of data. Previously, such behavior was described in the form of a recommendation, but now it will be transferred to the category of mandatory requirements, if they are not met, the additions will not be accepted into the catalog.
The situations in which add-on developers are required to publish rules for the processing of personal data have also been expanded. In addition to add-ons that explicitly process personal and confidential data, the rules for processing personal data will also have to publish add-ons that process any user content and any personal communications.
Also at the beginning of next year tightening the rules for accessing the Google Drive API - users will be able to explicitly control what data can be given and which applications can be granted access, as well as perform application verification and view established bindings.
The second part of the changes protection against abuse by imposing the installation of unsolicited add-ons, which are often used to carry out fraudulent activities. Last year already prohibition of installation of add-ons on demand from third-party sites without going to the add-ons directory. Such a move reduced the number of complaints about unsolicited installation of add-ons by 18%. It is now planned to ban some other tricks used to install add-ons fraudulently.
From July 1, add-ons that are promoted using dishonest methods will begin to be removed from the catalog. In particular, add-ons will be subject to removal from the catalog if they are distributed using deceptive interactive elements, such as deceptive activation buttons or forms that are not explicitly marked as causing the add-on to be installed. Add-ons that obscure marketing collateral or attempt to hide their true purpose on the Chrome Web Store page will also be removed.
Source: opennet.ru