Chrome API that monitors users’ computer activity faces criticism – update

Spread the love

A new api from Chrome 94 that monitors user activity makes it possible for developers to find out if someone is active on a computer. The API has come under criticism from a CEO of Mozilla and a WebKit developer at Apple.

Chrome 94 came out early this week and includes many new features. One of these is the idle detection API that has been experimented with since version 84. Through this api, developers of websites and web apps can be informed whether or not a user is active on the computer. In version 94 of Chrome, by default, websites ask if they “may know when you’re actively using your device.” So there is no automatic monitoring; the user must give permission per site.

The idle detection API in Chrome registers keyboard strokes, mouse movements, activation of a screensaver, locking of the computer and when working on another screen. Then that information is passed on to the developers who can respond to it.

The team itself indicates some use cases for the api. For example, chat applications or social networks could more quickly indicate when users are inactive and the software of public kiosk screens could more quickly estimate when sessions of passers-by could be closed. According to Chrome’s development team, applications that enable collaborations need more information to assess whether a user is still active. “Interaction with the tab of the own application is not enough”, it sounds.

The implementation of the API has been criticized. Tantek Çelik, a Mozilla executive who cares about web standards, states on GitHub that the api poses a threat to the privacy of internet users. “It’s very tempting for websites with capitalist motives to invade the physical privacy of their users. They can track long-term data and recognize daily rhythms so that they can act on it.” Çelik gives as an example that lunch times can be determined, which one can then respond to.

Apple’s camp is also skeptical about the api. Ryosuke Niwa, a WebKit developer at Apple, stated last year that the api can allow malicious websites to hide themselves until the user appears to be inactive. In addition, he states that a user can also interact with other devices, although he appears to be inactive via the api.

The api is automatically activated in Chrome 94. It can be turned off by typing chrome://settings/content/idleDetection in the URL search field and adjusting the setting.

Update, 5:00 PM: It was incorrectly written that the api is automatically activated in Chrome 94. That is wrong. The default behavior of the api ensures that users always have to give permissions to sites to monitor when you use the device. Thanks to Cyb.

You might also like
Exit mobile version