Can you trust Google Chrome with your data?

Google Chrome is easily the most popular browser in the world, boasting a market share of around 65.5 percent (as of April 2019). It is also widely regarded by privacy activists to be spyware. Why?

Google does not admit that it uses Chrome to spy on users, and since Chrome is built using a large amount of proprietary closed source code, there is no way to prove for certain that it does so. There are, however, some very compelling reasons to believe that it does…

How does Google make money?

With a 2019 net worth of $167.7 billion, Google is snapping at the heels of Apple as the second largest brand on the planet.

How Apple makes its money is clear – it builds and sells very popular premium hardware. Google, on the other hand, provides a range of expensive-to-run services and expensive-to-develop products which it offers to the general public for everyone’s favorite price: free. They are also stylish, easy-to-use, and flush with high-tech functionality.

Unsurprisingly, these services and products have been a big hit, particularly the Chrome browser. So how does Google make the huge sums of money it does from products which it gives away for free?

Google’s business model

Google makes money from collecting as much data as it can about you and then using that data to deliver highly targeted ads to your screen. The more it knows about you, the more personalized these ads can become and the more likely it is, statistically, that you will purchase a product from one of its advertising partners.

The more money its adverting partners make, the more they will pay Google to deliver their ads to you. Google’s expertise at delivering the right ads to the right people means that advertisers trust Google more than any other company to deliver great value for money.

Between 2009 and 2013 Google fully cooperated with the NSA’s PRISM mass surveillance program. It claims to have stopped, but how can we know this for certain?

The result is that Google dominates the digital ad revenue market, with a 2019 market share of 32.4 percent. Google’s entire business model is therefore predicated on invading its users’ privacy. And as its net worth amply demonstrates, it is an incredibly successful one.

How does it do this?

Google tracks what we do online – what we search for (using its eponymous search engine), the websites we visit after that (using tactics such as cookies, its ubiquitous AdSense network, and +1 sharing buttons), how we interact with apps (using the Android Play Service Framework, which also collects location data), and even how we interact with other people in real life (for example by keeping tabs on our daily activity schedules from its Calendar app).

In 2017 Google promised that it would no longer scan emails in order to target users with tailored ads. This does not mean it has stopped scanning emails for other purposes. Its AI-based smart reply feature proves this beyond all doubt.

Particularly shocking is that since 2015, Google scans emails in Gmail to log all purchases made, even when these have nothing to do with Google.

To make matters worse, there is no privacy setting to prevent this, and the only way to delete the information is to delete the original emails concerning the purchase!

What about Chrome?

So we know that Google spies on us, but what about Chrome? Unlike our searches and the content of our emails, it is less clear how (and, indeed, if) Google monetizes the most popular browser in the world.

The reason Chrome is so popular is that a large amount of money has been thrown at developing (and continuing to develop) it.  It's unlikely that Google would release such a product for free, with nothing in it for them.

It signs you into your Chrome account without permission

Until September 2018, the Chrome privacy policy was a document shocking in its simplicity and clarity. You could log in to Chrome, in which case you explicitly agreed to hand over all your data to Google. 

Or you could ignore the sign-in pop-ups and use Chrome in “Basic browser mode,” where data basically stayed on the browser and was not passed on to Google (or at least that is what Google claimed).

As of Chrome 69, the browser automatically signs users into Chrome whenever they sign into a Google service such as Gmail. Google introduced this change, which has important privacy implications, without any warning or asking of consent from its users.

People only started becoming aware of the issue when they noticed the icon in the Chrome taskbar which indicates they are sighed into Chrome!

If you hunt through the Advanced Settings menu in Chrome it is possible to disable this automatic sign-in, but Google has gone out of its way to hide this option as much as possible. This is a situation which has sparked fears that Google plans to quietly remove the opt-out option once public interest in the matter has waned.

Chrome ad blocker

In February 2018 Google introduced an ad-blocker, which immediately came under a storm of criticism for being self-serving. As The Guardian put it:

“The plan is simple, and almost explicit: block just enough adverts to make sure that people don’t feel the need to install an adblocker that will block them all.”

Again, this hardly inspires trust.

Chrome scans all your files without permission

In March 2018 the updated Chrome Privacy Tool alarmed privacy activists by starting to scan files on users’ computers, including in their documents folder, for malware.

Although it is generally accepted that the move was benign, 

“the lack of explicit consent and transparency seems to violate their own criteria of ‘user-friendly software’ that informs the policy for Chrome Cleanup [Tool].”

Final thoughts

The case against Google Chrome is not conclusive, but it is strong enough that privacy researchers and activists almost unanimously recommend against using it. Google has given us very little reason to trust it, and as the examples above clearly demonstrate, has a very blasé attitude to user consent.

There are some excellent secure browsers out there which are open source and are designed from the ground up to respect their users’ privacy. The most notable of these is Mozilla Firefox, which is now a match for Chrome in terms of speed and stability while being much more configurable and featuring built-in tracking and canvas fingerprinting protection.  

Written by: Douglas Crawford

Has worked for almost six years as senior staff writer and resident tech and VPN industry expert at ProPrivacy.com. Widely quoted on issues relating cybersecurity and digital privacy in the UK national press (The Independent & Daily Mail Online) and international technology publications such as Ars Technica.

0 Comments

There are no comments yet.

Write Your Own Comment

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

  Your comment has been sent to the queue. It will appear shortly.

We recommend you check out one of these alternatives:

Large brand with very good value, and a budget price

The fastest VPN we test, unblocks everything, with amazing service all round

Longtime top ranked VPN, with great price and speeds

One of the cheapest VPNs out there, but still a good service