Notably, Google will require browser extensions that handle user-provided content and personal communications to post a privacy policy. In the past, Google only required a small number of Chrome plug-ins — those that handle sensitive user data — to actually post a privacy policy. While this rules change will add more apps to that list, it doesn’t apply to all of the 180,000 options in the Chrome Web Store. Roughly 85 percent of Chrome extensions don’t have a privacy policy listed, according to a recent survey of developers. Given that you can’t violate a privacy policy without having a privacy policy, this relieves a great number of third-party Chrome developers of liability.

Google Drive apps are being asked to move to a “per-file” user consent model. In short, apps will have to ask for permission each time they need access to an individual file.

While the new privacy rules are promising, they’ll take some time to go into effect. Google is making developers aware of the updated policy today, but the rules won’t be enforced until this fall. For Google Drive developers, enforcement won’t start until early next year.