They made that a toggle in the standard privacy settings, including in Chrome:
Allow Chromium sign-in
By turning this off, you can sign in to Google sites such as Gmail, without signing in to Chromium
It started out with only a hidden flag for developers in chrome://flags.
Conversation
I think it was fixed ~18 weeks later in the next release, or maybe it was 36 weeks if it took 2 releases. I wouldn't necessarily say it's fixed, since all they changed is exposing a user-facing setting. I think it still defaults to tying Google login to the browser profile.
1
1
It used to be that signing into Google vs. signing into Chrome (or Chromium) was completely separate. The main (only?) feature offered by signing into the browser is the option to enable sync and toggle which forms of data / settings get synced across browsers via the account.
2
1
There was also a separate ToS if you signed into Chrome, which effectively gave them permission to perform arbitrary surveillance on your browser usage.
1
1
It makes sense that they'd need to add that to the terms of service, since when fully enabled sync sends them the local browser data/settings and it's the reason to sign in. There's a barely known E2E encryption option though ('Keep your info private'):
support.google.com/chrome/answer/
1
1
The main difference is that it used to ask you to sign in to enable sync and now when that setting is enabled and it signs in automatically, it will instead ask to enable sync. What they actually did it making it easier to advertise / push the sync feature by lowering friction.
2
1
I'm sure the terms of service was still meant to correspond to enabling sync, and they just failed at keeping the documentation and terms of service up to date with the actual implementation. Chromium developers seemingly just did it on their own without considering those things.
1
1
Yes, it probably wasn't *meant* to be evil, but it was done with complete disregard for consent and privacy.
1
1
I think the legal team that wrote the terms of use didn't fully understand how it works in Chromium even before this change, since you could always sign in but disable the sync feature, even though signing in exists almost entirely to implement sync and was worded based on it.
1
2
The way it's worded is "Sign in to Chrome - Sign in to get your bookmarks, history, passwords, and other settings on all of your devices" and then it leads to a consent page explaining Chrome Sync and that they'll use the data to personalize services (if you don't opt out of it).
If you actually explicitly sign into it, sync is enabled automatically by default, since it's the actual reason to sign in to it. When they added the automatic sign in, it didn't enable sync for the automatic sign in, but rather shows a prominent option encouraging enabling sync.
1
Still, they always let people sign into it and then disable sync. It makes sense that they would have said signing into it grants consent since it was how the previous workflow works, but it isn't quite right, since disabling sync is taking away consent, without signing out.
1
Show replies