Chrome sends X-Client-Data headers to DoubleClick and other Google-owned properties, which can be used for tracking purposes. There's no way to disable this behavior.
The header contains a "low entropy" random ID generated by Chrome upon installation. Coupled with other data, this can be used to track users even after clearing cookies and in private mode.
I use the GDPR definition for what “other data” means in an online data collection context. Even then, legal hoop-jumping causes those definitions to be gamed, to the detriment of user privacy, and to the boon of site operators and advertisers.
Damian George, Kento Reutimann, Aurelia Tamò-Larrieux, GDPR bypass by design? Transient processing of data under the GDPR, International Data Privacy Law, Volume 9, Issue 4, November 2019, Pages 285–298, https://doi.org/10.1093/idpl/ipz017
Michael Veale, Reuben Binns, Jef Ausloos, When data protection by design and data subject rights clash, International Data Privacy Law, Volume 8, Issue 2, May 2018, Pages 105–123, https://doi.org/10.1093/idpl/ipy002
Frederik J. Zuiderveen Borgesius, Singling out people without knowing their names – Behavioural targeting, pseudonymous data, and the new Data Protection Regulation, Computer Law & Security Review, Volume 32, Issue 2, 2016, Pages 256-271, https://doi.org/10.1016/j.clsr.2015.12.013
You can disable most of the telemetry with command line switches like --disable-background-networking and --disable-sync, but some things like field trials and doubleclick fingerprinting cannot be excluded in regular Chrome/Chromium AFAIK.
Even basic things like auto-suggestions in the URL bar can't be turned off any more. A while ago there used to be an option for it but it was removed. So when you enter an URL it's automatically sent to Google as you type.
At some point the new tab page stopped being replaceable something less distracting/compulsive like your own custom url. Your homepage can only apply at startup. It isn't something that should have to be an extension.
