Chrome to target abusive notification requests beginning in July
Chrome next month will begin to block notifications from sites that Google believes misuse or abuse the privilege of issuing the warnings.
Starting with Chrome 84 – scheduled to release July 14 – sites that Google thinks traffic in notifications meant to trick users will be blacklisted. Such sites’ notifications will be scaled back to what Google earlier defined as its “Quiet UI” and a Chrome-produced warning will appear telling the user that the website may be trying to dupe him or her into accepting future notices.
“Abusive notification prompts are one of the top user complaints we receive about Chrome,” PJ McLachlan, a Google product manager, wrote in a May 28 post to a company blog. McLachlan claimed that a large portion of such notifications originate “from a small number of abusive sites.”
“Abusive” notifications, according to McLachlan, include two broad categories: “permission request issues,” which mislead users, usually into allowing further notifications, and “notification issues,” even more nefarious alerts that conduct phishing attacks, link to malicious software or try to fake system alerts or even chat messages.
In Chrome 84, the browser’s abusive notification protection will only affect new “permission requests” from abusive sites, not those users may have unwittingly agreed to prior. Google may expand the anti-notification defense to already accepted notifications in the future, McLachlan said.
Sites that Google determines deal in abusive notifications will be notified by email at least 30 days before Chrome begins to enforce its new rules. In that interim, fingered sites will have the chance to mend their ways and then resubmit for a second review.
More information on Google’s Abusive Notifications Report – the mechanism it will use to highlight bad actors – can be found here. Details on the review process can be read by site owners here.