Last week, Google remotely disabled a pretty popular Chrome extension, which was found to contain malware. The lead up to that point was complicated, but the ultimate cause can be tied back to a change in ownership in June 2020. It's a common refrain at this point: Developers cash out (as they're allowed to do), but the new unscrupulous owners are only interested in a quick buck. Sometimes these acquisitions come with a tweet or a blog post; in the best cases, the app or extension will even tell you outright that it's under new ownership. But you can't always rely on that. So, should customers be notified when an extension or app changes hands?

There are right ways and wrong ways to handle an acquisition. One good example was when Tasker changed hands back in 2018. Current owner/developer João Dias was the ideal choice to take over, as he'd already been contributing to related plugins for years. News of the change was spread far and wide, and basically everyone using the app was aware of it. I'd wager you can't find a single customer that's unhappy with how he's handled development since, either.

When it comes to more corporate acquisitions, the swap of SMS Backup & Restore from Carbonite to SyncTech was also handled well. The new owners didn't try to hide what happened. If I remember correctly, the app itself had an interstitial screen stating the news, as did the first update's changelog following the sale. And when the new owners made moves to monetize via ads, they made sure to keep an opt-out option to not alienate long-time users.

In both cases, new owners stayed communicative and responsible, and their related apps continue to be loved by customers. But not every acquisition is as pro-consumer. Cheetah Mobile, for example, has a long history of buying up apps and then ruining them. Their actions are so user-hostile (and outright fraudulent) that Google took the exceptional step of banning every single app they make from its Play Store. In the world of Chrome extensions, some companies even just go around buying up older extensions with an active userbase to load them with malware.

Although these acquisitions can go well or poorly, so far as we can tell, there aren't actually any rules that require developers to inform their customers that the app is about to change hands. There's a huge spectrum of results when that happens, but customers often only find out about it when it's too late and things have gone downhill. Google has many developer policies covering things from subscription billing to cryptomining at the Play Store, but we can't find a single mention of customers being notified of an acquisition — the closest the company comes is that ownership itself can't be misrepresented or hidden. Google's Chrome Web Store policies are similar, banning impersonation and deception, but with no requirement to directly notify customers if your extension is under new ownership.

It's worth pointing out that Chrome extensions are already disabled if their permissions change with an update, but that doesn't help if it's already collecting all your data, and customers are almost trained to simply re-enable them without much scrutiny.

Chrome extensions and apps are bought and sold all the time, often for the worse. Should customers be notified when that happens? Feel free to select all that apply and chime in with any specifics or qualifications for that opinion in comments.