Experts opine that this is an abusive privacy practice and Google does this because the browser can give user data they cannot get from their other sources. Google uses that data to target ads. For example, if you looked for best TV to buy on the web using Chrome 69, Google will probably know it and serve you advertisements related to TVs. The same icon now appears if you're logged into a Google service like Google.com or Gmail, but not necessarily to Chrome.
One of those who was disgusted to learn about the change is cryptographer Matthew Green who blogged about the issue over the weekend. But there is also a change that seems like an assault on your privacy. This, Green said, "presumably vacuumed up your browsing data and shipped it off to Google, but that was an option". "The privacy model is simply broken". The changes include tweaking a section title from "Signed-in Chrome mode" to "Signed-in, Synched Chrome mode" as well as the addition of two sentences: "On desktop versions of Chrome, signing into or out of any Google web service (e.g. google.com) signs you into or out of Chrome". As a result, sharing all the information with Google is only one click away which can happen accidently at any point in time.
What's all the fuss about?
"Now that I'm forced to log into Chrome, I'm faced with a brand new menu I've never seen before", Green explained in his post. Green also argues, however, that this doesn't matter: The tying together of service and Chrome sign-ins is a 'dark pattern, ' he says, arguing - with others - that it serves no good goal other than to make it easier for users to begin synchronising their data with the company.
That feedback turned out to be wrong, as Google engineers have cleared up on Twitter that this auto-login activity does not begin the way toward synchronizing neighborhood information to Google's servers, which will require a client click. However, this does not mean the user is signed into Chrome Sync. "Whether you consider this "Great!" or "Terrible!" is a matter of perception and threat model".
After clicking on the Clear All button, though, and refreshing the Cookies screen, Google authentication cookies are restored. Google is making is really hard for users to avoid being tracked.
Chrome is, perhaps by now, the world's top browser in terms of reach.
Green said it was "nuts" for Google to suggest users are safe because of the sync-consent page.
"Don't like to pile on", Zalewski wrote on Twitter, "but I did rely on that as a visual confirmation that the browser is not doing something I didn't want". Chrome still asks me that question-it's just that now it doesn't honor my decision.
Jon von Tetzchner, cofounder and CEO of Vivaldi Technologies and the Vivaldi browser, a rival to Chrome. He noted that the privacy document could be summarised "as a promise that if you aren't logged in, data will only be stored locally, and if you are logged in, all bets are off".
"My impression is that Google and Facebook are unique", he said. "I noticed mine the other day", he continued, adding that the "update has huge implications for Google and the future of Chrome". Green outlined his scepticism about this in his blog post.