It is possible that any developer could just say “none” even if the extension does collect data? If it has to be manually disclosed, this won’t stop malicious actors. Only trustworthy extension developers would disclose this.
Since some extensions are “mozilla-approved”, I guess they test it regularly, it wouldn’t be hard to verify if one is really sending anything despite their disclosure.
It is possible that any developer could just say “none” even if the extension does collect data? If it has to be manually disclosed, this won’t stop malicious actors. Only trustworthy extension developers would disclose this.
Since some extensions are “mozilla-approved”, I guess they test it regularly, it wouldn’t be hard to verify if one is really sending anything despite their disclosure.