Adobe quietly bundles data-collecting Chrome extension with latest Reader update

Chrome users who have installed the latest Adobe security updates have also been unknowingly saddled with a browser extension (“Adobe Acrobat”) that can collect some of their operating environment data.

The unexpected addition was not noted by Adobe when it released the Adobe Acrobat, Reader and Flash updates on January 10, but the person behind the popular SwiftOnSecurity Twitter account made sure to make it widely known:

With latest Reader update, Adobe is automatically prompting users to install a Chrome extension which includes telemetry. Says no URLs. pic.twitter.com/PnDV4Zy0fv

— SwiftOnSecurity (@SwiftOnSecurity) January 10, 2017

Users don’t have to approve the installation of the extension, but are asked later to enable it or remove it. They are also asked to allow the extension “to send anonymous usage information to Adobe for product improvement purposes.”

Adobe describes the addition in this document, and notes that it “does not read the content of your PDFs or any content on the sites you visit.”

All in all, the extension does seem harmless enough, but what rankles it is the way that it’s being pushed onto users.

Comments left by disgruntled users on the extension’s page on the Chrome Web Store in the last few days say just that.

And, as another point of contention: the extension is installed with Adobe Reader (a free product), but requires Adobe Acrobat (a paid product) to work.