Home > Cyber News > Chrome 69 Keeps Google Cookies When Requested to Delete All Cookies

Chrome 69 Keeps Google Cookies When Requested to Delete All Cookies

A Twitter discussion started by Christoph Tavan has revealed that Chrome 69 will keep Google Cookies even when the user specifically asks it to delete all cookies.

“Clear browsing data” -> “Cookies and other site data” doesn’t empty local storage. That comes unexpected since localStorage is broadly used in web/ad tracking,” he noted.

Chrome 69 Sign-In Feature Explained

Have you noticed that in Chrome 69 Google includes an automatic browser sign-in feature for users signed in any other Google service? The introduction of this feature triggered an astute online debate regarding user awareness and user consent upon logins. In addition to this, Google’s browser is now not allowing users to fully delete all cookies, thus refusing to discharge user data. More precisely, the latest version of Chrome is not going to delete any Google cookies or the browser’s localStorage upon request for clearing browsing data.

What exactly happens when the user tries to clear all cookies from Chrome 69? As a matter of fact, the browser informs the user that they won’t be signed out of Google Account. This fact alone says that there’s indeed the chance that Google cookies that contain the Google Account login session won’t be deleted. The real problem is that the user is not given the option to thwart staying logged in.

Related Story: CVE-2018-6177 Chrome Bug Allows Hackers to Steal Sensitive Data via HTML Tags

That’s not all, however. Even when the user attempts to delete “all time” cookies data, they won’t be able to fully delete Google’s cookies:

The user can delete all cookies, Google ones included, when they sing out of their account. This enables the deletion of the cookies. However, as noted by Tavan:

Cookies seem to get removed and re-created immediately. At least the cookie content and creation date seems to change. Nonetheless: After hitting the “remove all” button you still don’t end up with an empty cookie jar.

What does this all mean? Google cookies appear to be protected in cases when users are logged in their Google Chrome for login persistence reasons. If the user still wishes to fully delete all browsing data from the browser, cookies inclusive, they will need to log out of the Google account first and then use the Clear Data option.

Update September 27, 2018. Apparently, Google was quick to respond to the unhappy users’ feedback. Chrome product manager Zake Koch said they have decided to roll these changes back and give more control over their browser behavior.

“We’ve heard—and appreciate—your feedback,” he said in a blog post, explaining that Chrome is also going to make a few updates in the next release of Chrome (Version 70, released mid-October) “to better communicate our changes and offer more control over the experience”. Read more about Chrome 70.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree