September 02, 2008

Quickie Privacy Analysis of Google's New "Chrome" Web Browser

Greetings. Google's new Chrome Web browser beta hasn't been generally available for more than a few hours, and already I'm getting queries regarding its associated privacy policy.

So here's an "instant" quickie analysis, based solely on the info Google has provided as linked just above. Please note that I have not yet looked into any possible privacy or security issues that people have asked me about associated with "borderless" applications (e.g. pages displayed without URL bars, etc.) -- nor do I at this time presuppose that issues of concern exist in that area.

Cutting to the chase, it appears that -- with one exception that I'll discuss below -- Google's Chrome (no affiliation with chrome.vortex.com of course) by and large is defined to behave in a conventional manner when it comes to handling of privacy-sensitive data, including the provision of a "private browsing" mode similar to that in the latest version of Internet Explorer.

In particular -- to answer the most frequently asked question -- there is no evidence that your routine Web site browsing URLs are transmitted to Google as you traverse the Net (I'm making the quite reasonable assumption that such data isn't somehow included in the default sending of "usage statistics" -- for which I did not find a precise definition).

Chrome's anti-phishing system appears to be the same well designed Google-based mechanism -- using primarily hashed URLs -- employed by default in Firefox 3 as well. No problems there as far as I'm concerned.

The only really new privacy-related aspect that may concern some users in Google Chrome appears to be its "Google Suggest" feature tied into the URL address bar. By default this will send information to Google regarding the URLs that you enter directly, to enable URL suggestion data to be returned to the browser from Google. This feature is somewhat similar to Firefox 3's new URL suggestion mechanism, however Firefox's lookup system operates using only local data in a much more limited fashion, without transmitting URL data off of your system during the lookup phase.

So, again by default, if you entered: http://www.yetanothersecretsite.com in the Chrome URL bar, that URL would apparently be transmitted to Google.

Whether or not this represents a problem for any given user is up to them. Obviously it is impossible for Google to provide a broad URL suggestion capability without knowing what you're typing on the URL line. Note though that -- as described on the relevant Google pages -- virtually all of these related features can be disabled by users if they choose to do so.

[ Update (September 9, 2008): Google has just announced that they are reducing the data retention period for non-anonymized logged IP address data from use of Google Suggest to less than 24 hours or so. Excellent. ]

For now, based on the information that I currently have to go on, I'd give Google Chrome a thumbs-up from an overall privacy standpoint, with the proviso that individual users may not wish to accept all of the provided default privacy settings and should avail themselves of the ability to disable (or enable) any specific features as they feel appropriate.

My "day one" summary for Google Chrome (as Arte Johnson used to say on Rowan & Martin's Laugh-In): "Very Interesting ... "

--Lauren--

Posted by Lauren at September 2, 2008 02:10 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein