Google is under attack to automatically sign in to Chrome when users sign in to a Google service. According to Google, there are no privacy implications, because synchronization is independent of logging in.
Google automatically logs in users who have logged in to one of its services to Chrome from version 69. The change was not publicized, although Hackernews the first complaints appeared. Cryptography expert Matthew Green now lists what the problems are with the introduction of automatic log-in.
The way users can detect the change is via the profile image in the top-right corner of the browser. According to Green, Google can not provide an adequate explanation for the introduction of auto-login. A Google developer tells him that the feature should solve a problem where person A logs in to Chrome, while person B wants to synchronize his data, but then uploading his cookies to the account of person A. According to Green, this reason does not make sense, since this is an issue related to a person who is logged in to Chrome, while the “solution” affects users who choose not to log in.
Google developers further state that sync is turned off by default and must be explicitly enabled . Green argues that this is unclear to users, partly because of the interface, and that they now have to worry about it, while this was not the case at first. Moreover, it is unclear whether data from before logging in are synchronized after activation of this and what implications logging in continues.