A viral tweet and a report on the popular Coder Radio podcast has triggered widespread concern about a non-removable Google Hangouts extension in Google Chrome. This extension, suspected of spying on users by accessing their system’s CPU, GPU, and RAM usage stats without their consent, has raised significant privacy and legal questions. This blog post summarizes the key points of this controversy and offers alternatives for users who prioritize their privacy.
Unveiling the Privacy Concerns
The Hangouts Extension Privacy Dilemma
The extension in question is associated with the now-discontinued Google Hangouts service but remains embedded in Google Chrome. What makes this situation troubling is that the extension cannot be disabled or even seen in the extensions panel, making it nearly invisible to users.
Data Access and User Consent
Further exacerbating privacy concerns is the extension’s use of the system.CPU API. This API allows the extension to fingerprint the device’s CPU and collect real-time statistics about CPU, GPU, and RAM usage. Unlike other extensions that request user permissions to access such data, this one does not.
Exclusive Communication with Google Servers
The extension exclusively connects to google.com domains over HTTPS. While this indicates that it only communicates with Google servers, it does little to allay fears that user data might be collected without consent.
Legal Implications Under the EU’s Digital Markets Act (DMA)
The EU’s Digital Markets Act (DMA) seeks to promote user freedoms and prevent platform lock-in. By allowing Google Meet to access system statistics through this extension, Google could potentially be violating these rules. Such exclusive access gives Google Meet an unfair advantage over competitors like Zoom and Skype, which do not have the same level of system data access.
Impact on User Experience and Browser Performance
Beyond the significant Hangouts extension privacy concerns, this extension may also add unnecessary bloat to Google Chrome, affecting its performance. Users might call for its removal to improve browser efficiency or to ensure compliance with privacy regulations.
The Techie Bit
At issue is hangout_services which you can view the sourcecode of at: https://source.chromium.org/chromium/chromium/src/+/main:chrome/browser/resources/hangout_services/
Exploring Alternative Browsers for Enhanced Privacy
Chromium-Based Alternatives
For those who prefer to stick with Chromium-based browsers but want better control over extensions, options like Ungoogled Chromium and Brave offer the ability to disable the Hangouts extension by default.
Non-Chromium Browsers
For a more privacy-focused experience, users can switch to non-Chromium browsers like Firefox and its forks, which do not include the Hangouts extension at all.
Meet and Hangouts Extension Privacy Issues
The controversy surrounding the Google Hangouts extension in Chrome highlights significant privacy and legal concerns. Embedded by default and non-removable, the extension’s ability to access system resources without user consent is troubling. While Google maintains that the extension is not spyware, its presence raises questions about user control and data privacy.
Users concerned about their privacy should consider switching to alternative browsers that offer better control over extensions and prioritize user consent. By staying informed and choosing privacy-respecting tools, users can navigate the digital landscape more securely.
In summary, this blog aims to inform readers about the ongoing controversy and guide them towards making more privacy-conscious decisions when it comes to their browser choices.