Google has published an important update to its User Data Policy for the Chrome Web Store. The new policy adds the following transparency requirements and data usage restrictions to the existing rules and policies:
- Handle the user data securely, including transmitting it via modern cryptography.
- In the designated field in the Chrome Web Store Developer Dashboard; and
- In the Product’s inline installation page (if applicable).
- Prominent Disclosure Requirement - If the Product handles personal or sensitive user data that is not closely related to functionality which is prominently described in the Product’s Chrome Web Store page and user interface, then prior to the collection, it must:
- Prominently disclose how the user data will be used; and
- Obtain the user’s affirmative consent for such use.
- Other Requirements - The new policy also adds various requirements and restrictions concerning specific types of personal or sensitive user data, including a new restriction, according to which, the collection and use of web browsing activity is prohibited except to the extent required for a user-facing feature described prominently in the Product’s Chrome Web Store page and in the Product’s user interface.
More information regarding the new policy is available on the following FAQ page.
Developers will have until 14 July 2016 to make any changes needed for compliance. After that date, Products that violate the policy will be removed from the Web Store and will need to become compliant in order to be reinstated.