Millions of Google Chrome Users Face Privacy Risks as AI Extensions Collect Sensitive Data Without Consent

Google’s Chrome browser isn’t exactly known for its privacy protections. Google has also been accused of leveraging its monopoly to interfere with web standards and has, understandably, fought tooth and nail to stop the use of ad blockers on its browser and across the web. “Understandably,” because Google doesn’t make money from selling its browser, it makes money through advertising.

Perversely, Chrome users may be justified in expecting Google to at least protect their private data from third parties. Google collects this data for its own purposes, so it seems reasonable to expect it to protect its spoils from others. Recent revelations have shattered even that illusion, though.

At the very end of 2024, it was revealed that at least 35 Chrome extensions—many coming from reputable developers—were compromised, potentially exposing the data of over 2.6 million users. This is a very concrete example of the risks involved in installing Chrome extensions: Chrome may well be secure (even if not private), but extensions can effectively undermine that security.

Incogni’s researchers analysed the privacy risk posed by “AI-powered” Chrome extensions, using various metrics to develop a ranking. They focused on extensions claiming some sort of connection to so-called AI partly because of the incredible boom this niche is experiencing. The “AI Chrome extension” market was valued at $1.5 billion in 2023 and is projected to reach $7.8 billion in value by 2031.

With growth like this and very few checks and balances in place, the stage is set for potential abuse. And with personal data said to be worth more than crude oil, any abuse is likely to be focused on harvesting user data. Raising awareness of the risks is a crucial first step towards reining in sectors of the market like this one.

To this end, Incogni’s researchers analyzed a subset of 238 so-called AI Chrome extensions to estimate the privacy risk associated with each one. To do this, they employed five key metrics: the data collected by these extensions, the permissions required, the sensitive permissions required, the “risk impact,” and the “risk likelihood.”

---

Also read:
• How Long Will Big Tech Companies Take to Pay Off Billions in Fines?
• Your Old Device Is A Goldmine: 26% of Americans Skip Wiping Data Before Recycling

Information concerning the data collected by these extensions is based on self-reporting by the extensions’ publishers, so it’s safe to assume that these numbers may even be higher in reality. Collected data points fell into one of nine categories: personally identifiable information (PII), financial and payment information, authentication information, personal communications, location data, web history, user activity, website content, and health information.

Permissions required included only those permissions that the extensions requested at the time of installation, they can always request additional permissions during updates. So, again, these numbers represent the minimum number of permissions that these extensions can require. Permissions fell into one of two categories: sensitive permissions and non-sensitive permissions. It’s the sensitive ones that represent the greater risk, so they were weighted more heavily in determining the rankings.

The numbers of data points collected were also weighed more heavily in Incogni’s calculations: they and the numbers of sensitive permissions required were multiplied by a factor of 2 to reflect the outsized privacy threats they represent.

The “risk impact” and “risk likelihood” metrics were taken from Chrome-Stats. Risk impact speaks to the damage an extension could do if it was turned against its users, whether by the current owner, a new owner or a malicious third party. It’s based on the number of permissions required. Risk likelihood is an attempt at quantifying the probability that an extension turns malicious. It’s based on an analysis of each extension’s and publisher’s reputation on Google’s Chrome Web Store.

So an extension with a high risk impact and low risk likelihood could do a lot of damage—for example by exposing a lot of personal information—but isn’t likely to do so, given its publisher’s reputation on the Chrome Web Store. But as the recent Chrome-extension hacks have shown, even a legitimate, reputable extension publisher can have its extension compromised.

Image: Incogni

Looking at Incogni’s ranking of just the most popular extensions (those with user bases of at least 2 million people each), we can see the outsize effect that data collected and sensitive permissions have on privacy risk.

The most and third-most privacy-invasive popular “AI-powered” Chrome extensions in Incogni’s study—“DeepL: AI translator and writing assistant” and “Sider: ChatGPT Sidebar + GPT-4o, Claude 3.5, Gemini 1.5 & AI Tools”—each required four sensitive permissions. “DeepL: AI translator and writing assistant” required, among others, the scripting and webRequest permissions, potentially allowing the extension to inject code into websites and intercept, block, and modify requests in flight. “Sider: ChatGPT Sidebar + GPT-4o, Claude 3.5, Gemini 1.5 & AI Tools” (yes, that’s all one name) required, among others, the sensitive all_urls permission, which can allow this extension to run on all pages the user’s browser opens.

The second-most privacy-invasive popular extension, “AI Grammar Checker & Paraphraser – LanguageTool,” collects 5 data points and requires two sensitive permissions: scripting and activeTab. The activeTab permission grants extensions temporary access to the currently active browser tab.

Head of Incogni, Darius Belejevas, had this to say:

Our web browsers have become like mini operating systems in and of themselves—there’s so much we do in our browsers, whether on websites or through web apps, that they’ve become both critical and invisible to us at the same time. Browsers vary a lot in how well they respect users’ privacy, but all the major browsers are reasonably secure when it comes to protecting user data from third parties. That is, until users start effectively bypassing security measures by installing add-ons or extensions that require excessive or risky permissions.

Adding:

Our latest research shows how even a secure browser like Chrome can expose users’ personal information to third parties if special care isn’t taken when installing extensions. AI extensions might be particularly risky simply because they’re so popular right now, and most are new-to-market, making assessing their trustworthiness more difficult. There’s also the sad fact that even the most trustworthy extensions can be compromised by bad actors.

Incogni’s full analysis (including public dataset) can be found here.

Read next:

• Navigating the Future: How Small Businesses Are Investing in Technology for Growth

• Projected Growth in Tech Sectors: Blockchain And AI Drive Massive Expansion Through 2030

• Is Your Diet Speeding Up Aging? The Must-Know Vitamins for a Healthier Life

by Irfan Ahmad via Digital Information World

Navigating the Future: How Small Businesses Are Investing in Technology for Growth

By: Chris Shank, Vice President, Verizon Business. Edited by Web Desk

Small businesses have historically been cautious about technology investments, often sticking to familiar, essential areas to stay within budget. However, recent years have brought dramatic change. To keep up with shifting customer preferences, supply chain challenges, and a rapidly evolving marketplace, small businesses (SMBs) are increasingly moving online. This digital transformation has required a new level of technology investment, helping SMBs remain competitive and meet customers where they are. Over the past year, the necessity for this shift has only become more urgent.

Strengthening small business growth through digital transformation

As small businesses embrace digital operations, technology investment is on the rise across industries. According to Verizon Business’ 2024 State of Small Business Survey, SMB technology spending has surged, with 38% of businesses adding online and digital functions just in the past year. A key factor in this shift has been the improvement of internet infrastructure, with 66% of small businesses upgrading their bandwidth—demonstrating that reliable, high-speed internet is essential for any online operation.

With stronger internet capabilities, SMBs are ramping up their online presence to better engage today's digital consumers, particularly through social media. A large majority (84%) of small businesses use Facebook to promote products and connect with customers. Beyond Facebook, businesses are diversifying their digital marketing strategies, leveraging platforms like Instagram (67%), LinkedIn (64%), YouTube (64%), TikTok (57%), and X (54%) to broaden their reach. For over half (54%) of SMBs, social media marketing remains a top customer engagement strategy.

In fact, social media has evolved beyond a promotional tool into a direct sales channel. Thirty-nine percent of small businesses have set up social media storefronts—a notable 8% increase from the previous year. These storefronts enable businesses to meet customers where they want to shop, directly on social platforms, streamlining the purchase process. By allowing consumers to shop directly from these platforms, businesses remove a barrier to entry, making it easier for customers to make purchases without navigating away from their social feeds.

Despite the benefits, many small businesses are still navigating the complexities of social media marketing. In fact, 76% of SMBs say that free social media marketing courses would be the most beneficial resource for their business, underscoring the need for practical guidance as they evolve their digital strategies.

Small businesses accelerate AI adoption to drive growth

While small businesses have traditionally been slow to adopt artificial intelligence (AI) due to concerns about the risks of emerging technologies—such as the potential for AI to open them up to cyberattacks—this trend is shifting. AI adoption among SMBs surged over the past year, with 39% of small businesses reporting they use AI in 2024, compared to just 14% the previous year.

The increase in AI usage is driven by greater accessibility and a growing understanding of the technology's business applications. However, security concerns persist. While small business owners are recognizing AI’s benefits, they remain cautious about its potential risks. Despite these worries, there is little evidence suggesting AI itself poses a major security threat.

For instance, the 2024 Data Breach Investigations Report (DBIR) found no observed incidents linked to generative AI within its dataset, which reflects the prior year’s findings. Although generative AI has vulnerabilities and is often leveraged by threat actors to amplify cyberattacks—such as enhancing phishing campaigns or pretexting efforts—it has not yet emerged as a prominent factor in documented incidents. This underscores a key point: while concerns about the security risks of generative AI are valid, the tangible threats remain more nuanced and, as of now, less prevalent than widely perceived.

Despite these concerns, the benefits of AI for small businesses are significant. Nearly a quarter (24%) of small business owners use AI to combat cyberattacks, and 42% are considering it for cybersecurity purposes. Beyond security, AI is helping businesses save valuable time. Two-thirds (67%) of small businesses report that AI enables them to focus on their core business by automating time-consuming tasks—a 22-point increase from last year.

AI is proving particularly useful in marketing and social media. Nearly a third (30%) of small businesses use AI to enhance their marketing strategies, a 16-point increase from the previous year. With 42% of businesses considering AI for social media and marketing, this trend is likely to continue growing.

Why the technology investment uptick now?

Over the past five years, the shift to online shopping and cloud-based operations has been significant. While there has been a slight return to in-person experiences recently, the overall digital landscape remains stronger than ever. So, why did technology investment and AI adoption among SMBs see such a pronounced uptick this year?

One answer lies in the economy. Although inflation (83%) and concerns about the U.S. economy (84%) weigh heavily on small businesses, many remain optimistic about their future. In fact, 59% of SMBs believe the overall state of their business will improve in the next year. This cautious optimism could be driving the surge in technology investments—businesses are confident enough to invest but feel the need to adapt to an evolving landscape to stay competitive.

For small businesses, investing in technology is a smart move. Upgrading internet bandwidth can streamline operations, while AI can boost efficiency. Unlike larger companies, SMBs have the advantage of agility and can quickly integrate new technologies. Leveraging this flexibility will help them not only weather economic challenges but also position themselves to capitalize on emerging opportunities.

Image: DIW-Aigen
by Unknown via Digital Information World

Projected Growth in Tech Sectors: Blockchain And AI Drive Massive Expansion Through 2030

Data by AltIndex (based on Statista Market Insights and Fortune Business Insights) suggests that the AI market is going to grow up to 350% by 2030 which is about 2.5 times more than cloud computing and six times more than the robotics sector. Artificial intelligence has become a crucial part of many tech innovations in the past two years and it has been helping in the growth of many industries. Analysts are also expecting a lot of AI growth in 2025, followed by growth of cloud computing and robotics. These three markets are going to be crucial in shaping the market in the upcoming years, but AI is going to see far more growth than the other two sectors.

AI has grown a lot in the past five years, with its market value reaching $240 billion with 370 million users worldwide. Nvidia is the largest contributor for AI which has resulted in a growth in users, revenue and investments. IEEE’s survey called Impact of Technology in 2025 which was taken among 350 CIOs, IT Directors and CTOs of large companies and 58% of them said that AI is going to become the most important technology in 2025. 26% named cloud computing as the most important technology 24% named robotics the most important technology in 2025.

Statista Market Insights survey also says that AI is going to grow 350% by 2030 and will have a revenue of $826 billion by the end of this decade. On the other hand, there will be a 133% growth in cloud computing while 58% growth will be seen in the robotics sector by 2030. Semiconductors are set to grow 60%, IT devices will grow 14%, and IT devices and software will see 32% and 27% growth by 2030 respectively. All of the growth in all these tech sectors is going to be way slower than AI growth.

The only sector which is giving tough competition to AI is blockchain/Web 3, which is expected to grow 2870% by 2030 with revenue reaching $825 billion. AI is also going to have a major effect on GDP growth and global economy, with 9.5% growth expected in the next five years. In the best case scenario, AI can contribute to 11.41% global GDP while in the worst scenario, it can still boost 8.81% GDP growth.

Projected Growth Across Key Tech Sectors (2024–2030)	Percentage
Blockchain/Web 3	2870%
AI	350%
Public cloud	133%
IoT	64%
Semiconductors	61%
Robotics	58%
Data centers	50%
Cybersecurity	46%
IT services	32%
Software	27%
IT Devices	14%

Read next: Which Cryptocurrencies Are Americans Most Likely to Invest in for 2025?
by Arooj Ahmed via Digital Information World

Elon Musk’s X Launches Digital Wallet and Peer-To-Peer Payments by Visa

Elon Musk’s goal of transforming X into a financial platform is finally becoming a reality.

X just launched its own digital wallet with peer-to-peer Visa services. The company struck the mega-deal with the biggest credit card network across America yesterday. Now, it is Visa’s first X Money account partner.

The great news was shared by CEO Linda Yaccarino through a post published on X where she provided more details about the breakthrough deal. This means X users can transfer funds from bank accounts and the app’s digital wallet. They can even take part in fast peer-to-peer payments through either Venmo or Zelle.

This is the first concrete move from the app to design a fabulous financial ecosystem. Musk has been working hard to bring this vision to life for a while now but was awaiting clearances which was a struggle. But it seems like the tide is finally turning in his favor of X being an ‘everything’ platform.

Musk also shared previously how he wanted more and more users to use X as their reliable financial world. We do remember that a while back, Twitter tried to roll out a feature for tips through Bitcoin. Users had the option to include crypto wallet addresses and get payments across the world’s biggest digital token. To actually get the status of transforming into a money service company needed far greater navigation as the landscape was more complex.

This is why Musk tried and failed several times to attain licensees for operations in the US. today, it’s licensed across 41 different American states and even registered with FinCEN.

The company is said to roll out in the first quarter and deals with various financial partners were on the horizon as per one person having knowledge about this situation. One leading use of this option is to give creators on websites the chance to accept payments and store money without any external firm being included.

Towards the end of 2022, Musk shared how the app’s advertisers could soon witness this brilliant feature of upcoming payments. It could offer some great banking offerings like a financial account having a high yield. Now, it seems that goal is a reality.

Image: DIW-AIgen

Read next: Meta in Panic Mode? DeepSeek’s AI Breakthrough Sends Shockwaves Through Silicon Valley
by Dr. Hura Anwar via Digital Information World

Meta in Panic Mode? DeepSeek’s AI Breakthrough Sends Shockwaves Through Silicon Valley

Meta has set up four internal teams to figure out how DeepSeek, a small Chinese AI startup, managed to roll out an AI assistant that’s already being called game-changing and impressive. DeepSeek’s latest chatbot model, R1, is said to be on par with top tier AI models like ChatGPT but at a fraction of the cost. The newest large language model on the block not only optimized compute usage but also open sourced the model which makes the competition in the AI space even more intense.

Industry insiders think Meta’s Llama models might have been the inspiration for DeepSeek. Given Llama is open sourced and so widely used, it’s possible some of the design elements were borrowed. But the performance and cost efficiency of the new Chinese model has Meta surprised.

According to insider reports, Meta’s AI infrastructure director, Mathew Oldham, has expressed concerns internally that DeepSeek’s model might even surpass the forthcoming iteration of Llama AI. This has put Meta in a race to close the gap before its own next-generation system arrives, which CEO Mark Zuckerberg previously hinted could launch in early 2025.

Inside Meta’s Response Strategy

Among the four specialized teams Meta has deployed, two are focused on deciphering how High-Flyer Capital Management - the hedge fund backing DeepSeek - managed to drastically cut training and operational costs for the model. The objective is to identify cost-reduction strategies that could be integrated into Meta’s AI projects.

A third team is examining the dataset DeepSeek used to train its model, aiming to understand whether unique data sources contributed to its efficiency. Meanwhile, the fourth group is assessing potential structural improvements for Llama based on DeepSeek’s architecture.

• Also read: Meta's Cross-Platform AI Memory Feature Rolls Out, But Privacy Fears May Hinder Adoption

Despite the competitive challenge, Zuckerberg has not publicly addressed DeepSeek’s rapid emergence. However, in a recent Facebook update, he reaffirmed that Meta’s upcoming Llama iteration would set a new industry benchmark upon release. He also disclosed plans to allocate $65 billion toward AI advancements in 2025, underscoring the company’s commitment to staying ahead in the generative AI race.

Meta’s Leadership Reacts

Yann LeCun, Meta’s chief AI scientist, addressed concerns on LinkedIn, maintaining a composed stance. He argued that DeepSeek’s advancements should not be viewed as a sign of China surpassing the U.S. in AI but rather as a testament to the power of open-source models outperforming proprietary alternatives.

He emphasized that DeepSeek built upon existing open research, demonstrating the collaborative strength of open-source innovation. In his view, the ability of researchers worldwide to iterate on shared knowledge benefits the broader AI ecosystem.

With the AI landscape evolving rapidly, Meta now finds itself in an urgent race - not just to understand DeepSeek’s breakthrough but to ensure its own future models remain competitive in a space where cost efficiency and open-source strategies are increasingly shaping industry leadership.

Image: DIW-Aigen

Read next: 

• Is YouTube’s Ad Moderation Failing to Protect Children from Inappropriate Content?

• Which Cryptocurrencies Are Americans Most Likely to Invest in for 2025?

• Mobile App Usage Surpasses 4.2 Trillion Hours in 2024, Revenue Growth Continues

by Asim BN via Digital Information World

Mobile App Usage Surpasses 4.2 Trillion Hours in 2024, Revenue Growth Continues

Sensor Tower’s annual 2025 State of Mobile report is here and it talks about the latest trends on mobile, highlighting that the mobile market is stronger than ever. According to the report, Google Play and App Store’s revenue for in-app purchases reached $150 billion which is a 13% YoY increase. There were 136 billion downloads made on Google Play and iOS YoY and the downloads have been between 135-140 billion since 2020. New smartphone users are slowing down but this doesn't mean that people are spending less time on their phones because consumers spent 4.2 trillion hours on different apps from Google Play and iOS, which makes 3.5 hours per day. The growth in total hours spent declined a bit from 7.7% YoY in 2023 to 5.8% YoY in 2024.

Downloads and time spent decreased in established markets but it didn't affect revenue growth. The revenue from in-app purchases on Google Play and iOS increased 13% YoY in 2024 and reached $150 billion and it was mostly due to non-gaming apps. There was a 4% YoY growth in gaming apps and 23% YoY growth in non-gaming apps. The market leading in IAP revenue in 2024 was US ($52 billion), with a 16% YoY increase. Europe saw a 24% YoY revenue growth in 2024. The in-app purchase revenue for mobile games grew 4% YoY to $81 billion in 2024 after seeing two years of decline. However, downloads declined 6% YoY to 49.6 billion.

AI apps are also doing good on Google Play and iOS and are already a billion dollar industry. AI Art generator and AI chatbot got $1.3 billion from in-app purchases with the US being 45% of the market for generative AI apps in terms of revenue, followed by 4% of the UK, 4% of Germany and 3% of Japan. More than 100 apps have added AI related terms to their apps names or tags which shows that AI technology has grown a lot and is expected to grow more in 2025.

Some other things that the report talks about is cryptocurrency apps are gaining transactions again after 2021 while social media apps are also seeing a quick growth in their revenue in 2024. Many of the apps on Google Play and iOS are also connecting mobile to in-person experiences like grocery store, outdoor health and restaurant apps.

Read next: Social Media’s 'News-Finds-Me' Mentality Fuels Misinformation Sharing
by Arooj Ahmed via Digital Information World

UK Cracks Down on Smugglers, Removes 8,000 Social Media Accounts Promoting Illegal Migration Services

The UK's National Crime Agency (NCA) has intensified efforts to disrupt people-smuggling networks operating on platforms like Meta, X, TikTok, and YouTube. By working closely with these companies, it achieved a 40% rise in account removals last year, taking down over 8,000 accounts promoting illegal migration services. This brings the three-year total to more than 16,500 takedowns.

Illegal posts included false claims of swift boat crossings to the UK, rewards for referring migrants, and sales of fake IDs. Smugglers also used these platforms to lure migrants with promises of transport across Europe, later switching to encrypted apps to avoid detection.

A robust social media action plan introduced in late 2021 has helped the NCA investigate and prosecute offenders. Preston-based Amanj Hasan Zada received a 17-year sentence in 2024 for sharing videos of smuggling success stories. Two others, Dilshad Shamo and Ali Khdir, were found guilty of advertising smuggling services and await sentencing.

The agency is ramping up resources to disrupt these networks, collaborating with platforms to identify and remove harmful content. Tough new UK laws, announced this month, include travel bans, social media restrictions, and phone-use limitations to tackle human smuggling.

In the US, Mexican cartels exploit social media for similar purposes. Cartel del Noreste (CDN) uses Facebook to recruit and coordinate operations, combining smuggling with violent criminal activities. Two high-ranking members were sentenced last year for their roles in leveraging social media to expand their network and evade authorities.

Image: NationalCrimeAgency / UK

Read next: Is DeepSeek the AI That Will Topple Google and OpenAI? Here's What You Need to Know
by Asim BN via Digital Information World