In short
Chrome silently downloads a ~4GB Gemini Nano file known as weights.bin to eligible gadgets with no opt-in immediate, and robotically re-downloads it if deleted.
Chrome’s “AI Mode” button within the deal with bar routes queries to Google’s cloud servers—the native 4GB mannequin does not energy it.
Privateness researcher Alexander Hanff argues the conduct violates the EU ePrivacy Directive.
Examine your Chrome person information folder. There is a respectable likelihood a 4GB AI mannequin is sitting there—one you by no means agreed to put in. The file is known as weights.bin, buried in a folder named OptGuideOnDeviceModel. It is the burden file for Gemini Nano, Google’s on-device language mannequin.
Delete it and Chrome downloads it once more.
Privateness researcher Alexander Hanff uncovered the conduct whereas operating an automatic audit on a contemporary Chrome profile. Utilizing macOS kernel filesystem logs, he traced Chrome making a temp listing, knocking down mannequin parts, and inserting the completed file on disk. The entire course of took roughly quarter-hour. No notification. No immediate. The profile had acquired zero human enter at any level.
]]>
The identical sample has been confirmed on Home windows 11, Apple Silicon Macs, and Ubuntu. Customers who’ve been discovering unexplained storage spikes for over a yr now have a reputation for the offender.
What it truly does
Gemini Nano powers Chrome’s on-device AI options: Issues like “Assist me write an e-mail,” rip-off detection, sensible paste, web page summarization, and AI-assisted tab grouping. On Home windows, the file lands at %LOCALAPPDATApercentGoogleChromeUser DataOptGuideOnDeviceModelweights.bin. On Mac and Linux, it is the equal Chrome profile listing.
Deleting the folder supplies no everlasting reduction. Chrome restores it on the following restart except you disable the function—through chrome://flags, the On-device AI toggle in Settings > System, or on Home windows, a registry edit setting OptimizationGuideModelDownloading to disabled.
Chrome just lately added a outstanding “AI Mode” tablet within the deal with bar. An affordable person seeing that button—with a 4GB native mannequin already on their disk—would assume their queries keep on-device. They do not. AI Mode routes each question to Google’s cloud servers. The native Gemini Nano mannequin does not energy it in any respect.
You are paying the storage and bandwidth value for a function you are not truly utilizing privately.
Is it authorized or “authorized”?
Hanff argues Google is violating EU privateness legislation. His case facilities on Article 5(3) of the ePrivacy Directive—the identical clause behind cookie consent banners—which requires “prior, freely-given, particular, knowledgeable, and unambiguous consent” earlier than storing something on a person’s system. He additionally cites GDPR Articles 5(1) and 25, protecting transparency and privateness by design.
He additionally drew a direct line to a case he revealed two weeks earlier: Anthropic’s Claude Desktop silently pre-authorized browser automation throughout roughly three million person machines with out express consent. It’s the identical sample, he argued, however at a a lot smaller scale.
Nonetheless, Google has been sneaking Gemini Nano in Chrome for some time. Folks simply didn’t discover. “To offer an enhanced browser expertise, Chrome makes use of on-device AI fashions to assist energy internet and browser options,” Google says in its Help Web site. “Chrome might obtain on-device Generative AI fashions within the background, so options that depend on these on-device fashions keep prepared to be used. In the event you delete on-device AI fashions, solely options that depend on them will likely be unavailable.”
“In February, we started rolling out the flexibility for customers to simply flip off and take away the mannequin immediately in Chrome settings. As soon as disabled the mannequin will not obtain or replace.” the corporate advised Android Authority.
The corporate famous the mannequin auto-deletes if storage runs low. What Google did not deal with is why customers weren’t requested first.
Google’s personal Chrome developer documentation tells third-party builders it is “greatest follow to alert the person to the time required to carry out these downloads.” Google did not observe its personal recommendation this time.
Each day Debrief Publication
Begin day by day with the highest information tales proper now, plus authentic options, a podcast, movies and extra.
