The List of the Most Invasive AI-Using Browser Extensions, Compiled Based on This Research, Includes Several Extensions You Probably Use.

Posted on by

Browser extensions, even from trusted sources, are not without privacy and security risks. I’ve written about add-ons that manage to bypass official app store security measures , and even about some that “wake up” as malware after years of normal operation . So it’s no surprise that numerous AI-powered browser extensions—installed by tens of millions of users—can also violate your privacy.

Researchers from the data removal service Incogni examined browser extensions available in the Chrome Web Store that contained the word “AI” in their name or description and utilized AI as part of their core functionality. After analyzing the collected data and required permissions, they assessed both the likelihood of malicious use of the extensions and their potential damage if hacked.

AI-powered browser extensions collect extensive user data.

Incogni found that website content, such as text, images, sounds, videos, and hyperlinks, is the most frequently collected data type (nearly a third of AI-powered extensions). More than 29% of the extensions studied collect user personal data—for example, name, address, email, age, and identification number. Other forms of collected data include user activity, authentication information, personal correspondence, location, financial and payment information, website browsing history, and health information.

You may also like

The most invasive extensions are those for programming and math tools (such as Classology AI and StudyX), followed by meeting assistants and audio transcription software. Writing and personal assistants also pose privacy risks—and many of them are among the most downloaded AI-powered extensions on Chrome.

How popular are AI-enabled privacy-enhancing Chrome extensions?

Incogni also assigned the most downloaded AI-powered extensions “privacy invasion” scores, taking into account both the amount of data collected and the required general and privacy permissions:

What do you think at the moment?

  1. Grammarly: A grammar checker and writing app powered by AI (shared first place)

  2. Quillbot: AI-powered text and grammar checker (shared first place)

  3. Side: Communication with all AI (3rd place)

  4. AI-powered grammar checker and paraphrasing app LanguageTool (shared 3rd place)

  5. Google Translate (tied for 4th place)

  6. WPS PDF – Read, edit, fill, convert, and chat with AI to work with PDFs with ease (shared 4th place)

  7. Monica: AI-powered Universal Assistant (shared 4th place)

  8. Google’s AI Chat (tied for 4th place)

  9. Immersive Translate — Web and PDF Translation

  10. Search in ChatGPT

Grammarly and Quillbot were found to collect personal data and website content, as well as location data such as region, IP address, and GPS coordinates. Grammarly also collects user activity by monitoring network activity, clicks, mouse position and scrolling, and keystroke logging. Although both programs require sensitive permissions—for example, the ability to inject code into websites and access active browser tabs—the risk of their use for malicious purposes is relatively low.

How to protect your personal information

AI-powered browser extensions aren’t inherently bad, but you should be aware of what information they collect and what permissions they request. The most common permissions required relate to scripts, which allow the extension to interact with pages while browsing, and activeTab, which allows it to read or modify pages in the current session.

When adding an extension (or installing an app or program), carefully review the requested permissions. If they aren’t necessary for the extension’s functionality—or if they are necessary but seem unnecessary—you could put your data or device at risk by allowing them. As Incogniti notes, users must decide for themselves how much privacy they are willing to sacrifice for the sake of using apps and services.

More…

AI

Leave a Reply