[qcontinuum1]

15 years ago was probably this type of business in its very early stage. There is little that can be done about "selling" extensions. Chrome Web Store should have tighter checks and scans to minimize this type of data exfiltration.

[netsharc]

It's a moronic industry, waiting for the catastrophic data-theft disaster to happen before they do anything... Google is doing it, Apple did it, Zuck did it (the only hindrance Cambridge Analytica had to go over seemed to be the apps developer agreement that devs had to click to promise you won't do anything bad with the personal information of all those Facebook users...).

Which is all the more incredible, considering Blackberry (the phone company that was big before the age of iPhones or YouTube) had a permission model that allowed users to deny 3rd-party apps access to contacts, calendar, etc, etc. The app would get a PermissionDeniedException if it can't access something. I remember the Google Maps app for Blackberry, which solution to that was "Please give this app all permissions or you can't use it"...