Skip to main content

Update on Project Strobe: New policies for Chrome and Drive

Third-party apps and websites create services that millions of people use to get things done and customize their online experience. To make this ecosystem successful, people need to be confident their data is secure, and developers need clear rules of the road. That’s why last year we announced Project Strobe, a root-and-branch review of third-party developer access to your Google account and Android device data.

As a result of our review, we implemented new policies across Gmail and Android to better protect your data. For example, with changes to SMS and Call Log permissions for Android apps, the number of apps with access to this sensitive information has decreased by more than 98 percent. These apps are still able to deliver core services to people just by switching to permissions that access less sensitive data, or by eliminating minor functionality in their apps.

Today, we’re announcing additional changes as a result of Project Strobe, including new policies for Chrome extensions and the Drive API. Here’s what’s new:

Trustworthy Chrome Extensions

There are more than 180,000 extensions in the Chrome Web Store, and nearly half of all Chrome desktop users actively use extensions to customize Chrome and their experience on the web—helping them keep track of to-dos or find shopping deals online. This ability to improve and personalize online experiences depends on a vibrant community of Chrome browser developers.

Last October, we shared our intention to ensure that all Chrome extensions are trustworthy by default. Today, as part of Project Strobe, we’re continuing that effort with additional Chrome Web Store policies. Specifically:

  1. We’re requiring extensions to only request access to the appropriate data needed to implement their features. If there is more than one permission that could be used to implement a feature, developers must use the permission with access to the least amount of data. While this has always been encouraged of developers, now we’re making this a requirement for all extensions.

  2. We’re requiring more extensions to post privacy policies, including extensions that handle personal communications and user-provided content.Our policies have previously required any extension that handles personal and sensitive user data to post a privacy policy and handle that data securely. Now, we’re expanding this category to include extensions that handle user-provided content and personal communications. Of course, extensions must continue to be transparent in how they handle user data, disclosing the collection, use and sharing of that data.

We’re announcing these changes in advance of the official policy rollout this summer to give developers the time needed to ensure their extensions will be in compliance. Developers can learn more about these changes in our FAQ.

Tightening the Drive API

Last fall we updated our user data policy to provide additional guidelines and restrictions for apps seeking to access your Gmail data. Today we’re announcing plans to extend the same policy to Google Drive, which will give you more control over what data third-party apps can access in Drive.

When you connect third-party apps, Drive gives you one central place to keep all your files and helps you easily collaborate with others. With this updated policy, we’ll limit apps that use Google Drive APIs from broadly accessing content or data in Drive. This means we’ll restrict third-party access to specific files and be verifying public apps that require broader access, such as backup services.

These changes will go into effect early next year. Visit the Cloud blog for more details.

Our top priority is to protect user data and keep it safe, while continuing to enable developers to build features that people want and need. As we continue the work of Project Strobe, we’ll also work with our developer partners to give them appropriate time to adjust and update their apps and services.


by via The Keyword

Comments

Post a Comment

Popular posts from this blog

certain keys on my keyboard dont work when "cold"

Hi guys, i have a Lenovo Y520-15IKBN (80WK) and certain keys on the keyboard don't work (e,g,h,8,9,Fn...) but only when the weather is cold. for example in the winter it used to work after certain amount of time when i first boot the laptop and stops working when i stop using it for a while, but now that the weather is hot it works just fine except for the first couple of minutes or when its colder. of course i do realise that it has nothing to do with the outside weather but with the temperature of the computer itself. can someone explain to me why this is happening and how it should be fixed as i cannot take it to the tech service until july even though it's still under warranty because i need it for school. ps: an external keyboard works fine. Submitted April 29, 2018 at 03:35PM by AMmej https://ift.tt/2KiQg05
Post a Comment
Read more

Old PC with a Foxconn n15235 motherboard needs drivers! Help!!

So my Pc corrupted and I had to fresh install windows on it, but now its missing 3 drivers and one of them is for the Ethernet controller! I've tried searching everywhere for the windows 7 drivers but all I seem to find are some dodgey programs saying they will install it for me. Problem is without the ethernet driver I can't bloody connect to the internet. I've been using a USB to try get some drivers on there, but they just end up being useless programmes . I'm also a bit of a noob at these things, I don't understand where to find the names of things in my PC, I've opened it up but I don't understand whats significant and what isnt. If someone has the drivers and can teach me how to install them I'd be very appreciative! Submitted April 29, 2018 at 02:47PM by darrilsteady https://ift.tt/2r76xMZ
Post a Comment
Read more