Manifest V3, Google Chrome’s soon-to-be definitive basket of changes to the world of web browser extensions, has been framed by its authors as “a step in the direction of privacy, security, and performance.” But we think these changes are a raw deal for users.  We’ve said that since Manifest V3 was announced, and continue to say so as its implementation is now imminent. Like FLoC and Privacy Sandbox before it, Manifest V3 is another example of the inherent conflict of interest that comes from Google controlling both the dominant web browser and one of the largest internet advertising networks.

Manifest V3, or Mv3 for short, is outright harmful to privacy efforts. It will restrict the capabilities of web extensions—especially those that are designed to monitor, modify, and compute alongside the conversation your browser has with the websites you visit. Under the new specifications, extensions like these– like some privacy-protective tracker blockers– will have greatly reduced capabilities. Google’s efforts to limit that access is concerning, especially considering that Google has trackers installed on 75% of the top one million websites.

It’s also doubtful Mv3 will do much for security. Firefox maintains the largest extension market that’s not based on Chrome, and the company has said it will adopt Mv3 in the interest of cross-browser compatibility. Yet, at the 2020 AdBlocker Dev Summit, Firefox’s Add-On Operations Manager said about the extensions security review process: “For malicious add-ons, we feel that for Firefox it has been at a manageable level....since the add-ons are mostly interested in grabbing bad data, they can still do that with the current webRequest API that is not blocking.” In plain English, this means that when a malicious extension sneaks through the security review process, it is usually interested in simply observing the conversation between your browser and whatever websites you visit. The malicious activity happens elsewhere, after the data has already been read. A more thorough review process could improve security, but Chrome hasn’t said they’ll do that. Instead, their solution is to restrict capabilities for all extensions.

As for Chrome’s other justification for Mv3– performance– a 2020 study by researchers at Princeton and the University of Chicago revealed that privacy extensions, the very ones that will be hindered by Mv3, actually improve browser performance.

The development specifications of web browser extensions may seem in the weeds, but the broader implications should matter to all internet citizens: it’s another step towards Google defining how we get to live online. Considering that Google has been the world’s largest advertising company for years now, these new limitations are paternalistic and downright creepy.

But don’t just take our words for it. Here are some thoughts from technologists, privacy advocates, and extension developers who share our concern over Manifest V3:

"A web browser is supposed to act on behalf of the user and respect the user's interests. Unfortunately, Chrome now has a track record as a Google agent, not a user agent. It is the only major web browser that lacks meaningful privacy protections by default, shoves users toward linking activity with a Google Account, and implements invasive new advertising capabilities. Google's latest changes will break Chrome privacy extensions, despite academic research demonstrating that no change is necessary. These user-hostile decisions are all directly attributable to Google's surveillance business model and enabled by its dominance of the desktop browser market."

  • Jonathan Mayer, Princeton University

“Manifest V3 positions Chrome as the all-powerful arbiter of what software lives and what dies, shattering the ideal of a diverse array of extensions serving the legitimate preferences and values of equally diverse users. In 2017, when Google banned AdNauseam from the Chrome store, it summarily cut off tens of thousands of users from data they had accumulated, and deprived them of a free and open-source extension to counter online profiling and manipulation. In hindsight, AdNauseam was the canary in the coal mine, as Mv3 is now poised to cut off users from a range of invaluable privacy tools (including ad blockers) that thousands if not millions rely on. A browser that plays favorites to advance its owners’ interests effectively chokes out innovative, independent developers, while shrinking the options for individuals to shape their online experiences.”

  • Helen Nissenbaum and Daniel Howe (creators of AdNauseam and TrackMeNot)

“Manifest V3 is a detrimental step back for internet privacy.”

Manifest V3 is an opinionated specification; it enforces limitations to improve user experience. That looks good on paper, but the reality is quite different. We at Ghostery believe that Google's Manifest V3 harms privacy protecting extensions.

Instead of requiring service workers and removing blocking webRequest, Google should make service workers and declarativeNetRequest optional, providing solutions fit for different use cases. Ultimately, this is about user choice and innovation.

Instead of having to reinvent the wheel, we at Ghostery would like to focus on finding new ways to prevent tracking. This is after all what browser extensions are and should be, a playing field for innovation and the express lane for browser enhancement.

  • Krzysztof Modras, director of engineering and product at Ghostery

“Nearly all browser extensions as you know them today will be affected in some way: the more lucky ones will ‘only’ experience problems, some will get crippled, and some will literally cease to exist.”

  • Andrey Meshkov, AdGuard company blog

Of all the browser extension API revolutions I've seen in 16 years of NoScript development, Manifest V3 is the worst offender by a long shot: a huge step backwards, and a poorly justified one. Manifest V3 shrinks extension capabilities and Web users' freedom to customize their browsing experience.

While there are many reasons to doubt the claimed privacy improvements and the theoretical performance gains, the disruption for existing extensions is painfully real: non-trivial extensions will need to be rewritten, in cases forced to abandon fundamental features.

But even worse is the severe crunch on browser extensions developers' ability to innovate, and, in the case of privacy and security extensions, to respond to emerging threats promptly and creatively. The net loss is huge, for developers but most importantly for web users' online safety and freedom of choice.

“For SingleFile, I consider the migration to Manifest V3 to be a major regression from a functional and technical point of view. It also undermines some of the work done. Unfortunately, it doesn't bring any gains in return for the users. It is the very example of the collateral damage the Manifest V3 can cause.”


More Information

Related Issues