Google’s Chrome 69 hides a disturbing twist: if you log into Gmail or another Google service, Chrome seems to automatically log you into the browser as well. Theoretically, that means that you will automatically begin sharing data with Google, like it or not.
The confusion comes from a new way in which Google shows your “logged in” status. Previously, if you were signed in to Chrome, an icon would appear in the upper right-hand corner, indicating that you were signed in and sharing data. The same icon now appears if you’re logged into a Google service like Google.com or Gmail, but not necessarily to Chrome.
What does all this mean? Most people associate signing in to your Google account with signing into the Chrome browser, but that’s not always the case.
Signing into Chrome can be done at any time, but typically occurs during the Chrome setup process. After you install the Chrome browser, Google typically asks you to sign in with your Google account. Doing so allows you to enjoy benefits like sharing a browser history across multiple logged-in devices, but others refuse to do so to maintain a sense of privacy. Those users received a rude surprise with Google 69, which also includes a new password manager to make it even stickier.
Google: it’s all a big misunderstanding
In a Twitter thread posted by Adrienne Porter Felt, the manager of Google Chrome, Felt said that even through the icon visually tells you that you’re signed in, it does “NOT mean that Chrome is automatically sending your browsing history to your Google account!” she wrote.
“My teammates made this change to prevent surprises in a shared device scenario,” Felt added. “In the past, people would sometimes sign out of the content area and think that meant they were no longer signed into Chrome, which could cause problems on a shared device.”
According to Felt, signing in to sync requires an additional step, which then uploads your browsing history to Google devices. Signing into a Google service, by itself, does not do that, she added.
How to prevent Gmail from logging you into Chrome
If all of this is too confusing and you want to block the connection between logging in on Google’s Web services and the Chrome browser, you can, via an option called “account consistency”. (Thanks to BleepingComputer.com for this.)
Here’s the three-step solution to solving the problem:
- Open Chrome
- Type chrome://flags/#account-consistency in the address bar and press enter.
- When the “Identity consistency between browser and cookie jar” flag is displayed, set it to Disabled.
According to BleepingComputer, this prevents the Chrome browser from managing the login process to Google services, theoretically separating the two.
What this means: Google has taken plenty of heat for slurping up user data and using it to generate personalized ads—a practice employed by many other companies, including Microsoft. But even if this isn’t a case of Google logging you in to Chrome without your consent, for the purpose of grabbing your data, it certainly looked that way. The problem is that it’s difficult to extricate yourself from Google’s services, including search, Gmail, and the like. If you do, consider something a third-party browser like Firefox Quantum, connecting to DuckDuckGo for search, and configuring the browser for maximum privacy.