According to Duo Lab, they were in the process of building a free tool that would analyze Chrome extensions where based on the 120,000 apps and extensions found on the Chrome Web Store, they found that 85% of these extensions actually do not have a privacy policy. This means that there is no written guarantee that any data collected by these extensions will not be shared with others.
The study also found that 35% of these apps and extensions can also read data on any website that you visit, 32% use third-party libraries that have known vulnerabilities and that a whopping 77% do not have a support site that users can visit. While Google has taken steps in the past to try and improve the security of Chrome, such as blocking extension installs outside of its Web Store, this study shows that Google still has quite a lot of work ahead of them.
In the meantime if you do use extensions (we’re sure that many do), then maybe do a bit of research on the extension and its developer to get a better idea of what you might be able to expect in terms of security and privacy.