[unknownaccount]

>with no user activation or notification

What? By choosing to install the extension you are activating it.

[wnevets]

Do you also apply this logic to all other forms of hardware and software? For example TVs that spy on what you're watching.

[unknownaccount]

When I install any piece of software I assume it could do anything and everything on the system.

[madeofpalk]

I don't think most people operate under this assumption, or do not reckon with this.

[xg15]

We all do. A native app you install on a phone or desktop can do all sorts of things.

[PeterisP]

A native app you install on a phone has a strictly limited sandbox and a permission model, and if it can silently read all clipboard without user interaction, that would be a bug that needs fixing.

[xg15]

A native app on Android can install OS hooks for all sorts of things (such as, "you connected to a WIFI network", "you took a photo", etc) and thereby can silently react to events while it is not even running.

This is intended and requires the appropriate permissions to be given. In the same way, I don't see the problem with an extension monitoring the clipboard as long as the user has to give explicit permission for it.