Installing a Chrome extension is an act of trust. You're giving a piece of software access to everything you do in your browser — every page you visit, every form you fill, sometimes every keystroke you type.

Most extensions handle that trust responsibly. Some don't. And the ones that don't are often the most popular ones, because data collection funds free software.

This guide is about the other kind: extensions that are genuinely useful and genuinely private. Tools that store data locally, make no unnecessary network requests, and don't require an account to function.

How to evaluate an extension's privacy

Before installing any extension, check these things:

The permissions it requests

Chrome shows you what permissions an extension needs before you install it. Be cautious of extensions that request:

  • "Read and change all your data on all websites" — the broadest possible permission. Necessary for some tools (ad blockers, password managers) but a red flag for anything else.
  • "Read your browsing history" — only necessary if the extension genuinely needs it. A color picker doesn't need your history.
  • "Communicate with cooperating websites" — means the extension can send data to external servers.
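One way to run the permission checks above against an unpacked extension before installing it, as an added example (not code from this guide or from any extension it names): a Node.js function that inspects a parsed manifest.json and flags the three warnings listed. The flag names, the sample manifest and the pattern lists are assumptions made for the illustration; the lists cover common cases, not every pattern Chrome treats as broad.

```javascript
// Added example: static review of an extension's manifest.json (MV2 or MV3).
// Common host patterns that match every site ("Read and change all your data on all websites").
const ALL_SITES = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);
// API permissions that expose browsing history or visited URLs.
const HISTORY_PERMS = new Set(["history", "tabs", "webNavigation"]);

function auditManifest(manifest) {
  const findings = [];
  const perms = manifest.permissions || [];
  // MV3 lists host patterns in host_permissions; MV2 mixes them into permissions.
  const hosts = [...perms, ...(manifest.host_permissions || [])];
  // Content scripts get page access through their own match patterns.
  const scriptHosts = (manifest.content_scripts || []).flatMap((cs) => cs.matches || []);
  // Optional permissions are requested after install, so list them separately.
  const optional = [...(manifest.optional_permissions || []),
                    ...(manifest.optional_host_permissions || [])];

  const broad = [...hosts, ...scriptHosts].filter((p) => ALL_SITES.has(p));
  if (broad.length) findings.push({ flag: "all-sites", detail: [...new Set(broad)] });

  const history = perms.filter((p) => HISTORY_PERMS.has(p));
  if (history.length) findings.push({ flag: "history", detail: history });

  // externally_connectable.matches is what produces "Communicate with cooperating websites".
  const ext = manifest.externally_connectable;
  if (ext && (ext.matches || []).length)
    findings.push({ flag: "cooperating-websites", detail: ext.matches });

  const later = optional.filter((p) => ALL_SITES.has(p) || HISTORY_PERMS.has(p));
  if (later.length) findings.push({ flag: "optional-escalation", detail: later });
  return findings;
}

// Constructed sample: a hypothetical color picker asking for far more than it needs.
const sampleManifest = {
  manifest_version: 3,
  name: "Example Color Picker",
  permissions: ["activeTab", "storage", "history"],
  host_permissions: ["<all_urls>"],
  externally_connectable: { matches: ["https://*.example.com/*"] },
  optional_permissions: ["webNavigation"],
};

for (const f of auditManifest(sampleManifest)) console.log(f.flag, f.detail.join(", "));
```

A finding is a prompt to compare the permission with the feature, not a verdict: an ad blocker or password manager will legitimately trip the all-sites check.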

The privacy policy

Look for a privacy policy that explicitly states what data is collected. Vague language like "we may collect usage data to improve the service" is a warning sign. Good privacy policies say: "we collect no personal data" or list exactly what is collected and why.

Network requests

Open Chrome DevTools (F12) → Network tab while the extension is active. Does it make requests to external servers while you browse normally? A local-first extension should make zero requests during regular use.

Open source

Extensions with public source code can be independently audited. This doesn't guarantee privacy but makes deception much harder. Many privacy-focused extensions are open source.

The categories worth caring about

Password managers

Password managers are necessarily trusted with sensitive data. The privacy distinction here is between cloud-synced (data stored on the provider's servers) and local-first (data stored only on your device).

Bitwarden is the gold standard — open source, audited, and offers a self-hosted option if you don't want even encrypted data on their servers. The free tier is genuinely useful without compromise.

KeePassXC with a browser extension is the fully local option — your password database is a file on your machine, never uploaded anywhere.

Ad and tracker blocking

The best ad blocker from a privacy perspective is one that runs entirely locally using static filter lists — no cloud lookups, no "cloud intelligence."

uBlock Origin has been the standard for years. It's open source, runs entirely locally, and is exceptionally effective. Note: Chrome's Manifest V3 transition has weakened some of its capabilities — Firefox users get the full version.

Productivity tools

This is where privacy trade-offs are most common. Most productivity extensions — tab managers, bookmark tools, note-takers — require accounts and sync data to servers. This is usually presented as a feature ("access your data anywhere") but it means your browsing patterns, saved pages, and notes live on someone else's server.

The local-first alternative: tools that store everything in your browser's IndexedDB or chrome.storage, with optional manual export. You lose cross-device sync but gain complete control over your data.

Reading and research tools

Tools that help you read, highlight, or save web content are particularly privacy-sensitive because they capture the content of pages you visit — often including pages you'd prefer not to have logged anywhere.

Look for tools that process content locally without sending it to a server. Reader-mode extensions that strip page clutter can do this entirely locally using the same Readability.js library that powers Firefox's reader view.

Red flags in extension privacy

These patterns should give you pause:

  • Required account creation — if an extension won't work without creating an account, your data is going to a server.
  • "Free" extensions with no clear business model — if you're not paying and there are no ads, your data may be the product.
  • Extensions that "improve" over time with usage — often means they're collecting usage data to train models.
  • Permissions that don't match the feature — a simple utility requesting access to all websites and your browsing history is suspicious.
  • No privacy policy, or one that references "partners" — data sharing with third parties is a significant privacy concern.

The Manifest V3 situation

Chrome's transition to Manifest V3 (the new extension framework) has affected privacy tools significantly. The old MV2 framework allowed extensions to intercept and modify network requests dynamically — essential for powerful ad blockers and privacy tools.

MV3 replaced this with a more restricted system called declarativeNetRequest, which requires extensions to pre-declare their blocking rules rather than making real-time decisions. This weakens some privacy extensions, particularly ad blockers that need to respond to dynamic tracking techniques.

For users who prioritize strong ad blocking and tracker prevention, Firefox currently offers better protection because it supports the full MV2 API for extensions.

Building a privacy-respecting extension stack

A practical starting point for a privacy-conscious Chrome setup:

  1. Ad/tracker blocking — uBlock Origin (understanding its MV3 limitations) or switch to Firefox for full protection
  2. Password management — Bitwarden (open source, audited) or KeePassXC (fully local)
  3. Productivity tools — prioritize local-first tools that don't require accounts
  4. Audit periodically — review your installed extensions every few months. Remove anything you're not actively using. Extensions you've forgotten about still have permissions.

What local-first means in practice

Local-first is a design philosophy, not just a marketing term. A genuinely local-first extension:

  • Works completely offline
  • Makes zero network requests during normal use
  • Stores all data in browser-native storage (IndexedDB, chrome.storage)
  • Doesn't require an account to function
  • Allows you to export all your data in a portable format
  • Continues working if the developer's servers go down

This last point is underrated. Cloud-dependent extensions can become nonfunctional if the company shuts down or changes its pricing. Local-first tools continue working indefinitely regardless of what happens to the developer.

LocalExt extensions are built local-first. Palet stores your tabs, history, bookmarks, and aliases entirely in your browser's local storage. Zero network requests during use. No account required.

The honest trade-off

Local-first tools have real limitations. Cross-device sync requires either a cloud component or manual export/import. Features that benefit from aggregated data (like "users who saved this also saved...") aren't possible without data collection.

Whether those trade-offs are worth it depends on your threat model and preferences. For most people, the question is simple: do you want your browsing patterns, saved pages, and productivity data on someone else's server, or on your own device?

There's no universally correct answer. But the local-first option is increasingly viable — the tools have improved significantly and the privacy case for them is stronger than ever.
