If you've never browsed the Chrome Web Store, it's a cloud-based marketplace, similar to the Android Marketplace, where you can download extensions for your Chrome browser, as well as apps and games that run within Chrome much the same way mobile apps run on your  smartphone or tablet.

Much like the Android Marketplace, the Chrome Web Store has been plagued with rogue applications and extensions that pretend to create value for users while actually serving nefarious purposes. In January, the security firm Malware Bytes called Google out in its blog for allowing a rogue extension named "iCalc" into the store that pretended to be a calculator but instead spied on users, sent information about them to a remote server, and accepted commands from that server. That extension was removed, but not before it had been downloaded about 1,000 times. And it was quickly replaced with other seemingly innocuous extensions that did the same.

Today, Google took steps to put a stop to nefarious chrome apps and extensions, or at least place some limits on them. The company announced on its blog that it is updating and expanding its policies governing how user data is collected and used. "Since early on, Chrome has included privacy-protecting features," the Chrome Policy Team explains in the blog post. "Now, we're consolidating and expanding our policies about user data to ensure our Chrome Web Store developers follow similar principles."

Developers will now be required to disclose their privacy practices and "be transparent" about how user data will be collected and used; post a privacy policy; use encryption for personal or sensitive user information; and ask users for consent before collecting personal or sensitive information, unless that information is "related to a prominent feature."

What happens if they don't? "We'll notify developers when we discover items that violate the User Data Policy, and they'll have until July 14, 2016 to make any changes needed for compliance," the blog post explains. After that, items that violate the policy will be removed, and won't be reinstated until they're in compliance.

If you're a developer and your app or extension collects user data, take a close look at the new policy to make sure you aren't crossing the line. And if you're a Chrome user, it might be smart to take a look at any apps or extensions you've added to Chrome, and remove any you aren't using.

And maybe wonder why these commonsense rules weren't in place from the very beginning.

Published on: Apr 16, 2016
Like this column? Sign up to subscribe to email alerts and you'll never miss a post.
The opinions expressed here by Inc.com columnists are their own, not those of Inc.com.