Google Chrome is downloading and installing a four GB on-device AI model onto users' computers without providing explicit consent [1].
This practice raises significant privacy and resource concerns, as the browser may automatically reinstall the software if a user deletes it. The move could also potentially violate privacy regulations within the European Union [1, 2].
Security researcher Alexander Hanff, known as "That Privacy Guy," identified the activity [2]. The model in question is Gemini Nano, designed to enable AI capabilities directly on a device without requiring a constant connection to the cloud [1, 2].
Reports indicate the installation process is silent, meaning users are not notified that their hardware is being used to host the model [1, 3]. According to some reports, this process has affected billions of devices [5].
Beyond privacy concerns, the scale of the deployment has environmental and technical implications. Some estimates suggest the silent downloads have consumed thousands of kilowatts of energy [6]. Users who notice unusual disk activity may find the model stored within a specific folder in their Chrome directory [3].
Google has not provided a public justification for bypassing user consent for this specific installation. The four GB model [1] represents a substantial amount of disk space for a browser update that does not clearly announce its purpose to the end user.
“Chrome is silently downloading and installing a 4 GB on-device AI model”
This incident highlights a growing tension between AI integration and user autonomy. By deploying Gemini Nano silently, Google prioritizes the seamless availability of AI features over transparency. This approach risks regulatory backlash in jurisdictions with strict data and consent laws, such as the EU, and sets a precedent for how software vendors may treat local hardware resources as their own.
