I wrote a Chrome extension[1] that reads no data but places a colored translucent div over the page. It requires that same "change all your data" permission.
My takeaway lesson is that the permissions model for extensions is confusing and nearly useless.
I also have a Chrome extension that needs access to page content on all pages, for the purpose of making text easier to read.
I could see distinguishing between extensions that in any way exfiltrate data from the pages you view, versus extensions that process the DOM and do something locally, but never send the data anywhere.
This requires a bit closer vetting than Google currently does, I think. To demonstrate that all processing happens locally, we encourage our users to load various websites with our extension toggled off, then go into airplane mode, and then turn our extension on. This doesn't strictly guarantee that we're not separately exfiltrating data (we aren't), but it does prove that our core process happens locally.
Yeah, it could make sense for them to structure their extension framework so that developers could work with website data in a sandbox, if their use case allows for it. That would enable developers who don't need to send data to a server for processing to prove that the data never leaves the user's machine.
I can see how many applications might want to read the page, but in my case it's not necessary. My extension tries to add a <div> under the <body> element, regardless of what's going on in the page. If there's no <body>, my extension stops working but the browser keeps going.
In short, if there were separate "read" and "write" permissions, I would only need "write". For privacy-concerned people, that's a very important distinction.