- Google Chrome quietly dumped massive AI model on devices without user consent
- Users who deleted Gemini Nano files saw Chrome automatically reinstall everything afterward
- Regulators Now Face Questions About Consent Laws and Silent AI Deployments
Google Chrome has been silently downloading a 4GB AI model called Gemini Nano onto users’ devices without asking permission first.
The file, called weights.bin, is located deep in Chrome’s user profile directory and enables on-device AI features like “Help me type” and scam detection.
Users cannot find any checkbox in Chrome settings labeled “download 4GB AI model” because there is no such option.
Silent download is causing outrage among users
The environmental cost of bringing 4GB to hundreds of millions of devices is staggering by any reasonable measure.
On a global Chrome scale, a model’s climate bill generates between 6,000 and 60,000 tons of CO2 equivalent emissions, roughly the annual output of a small wind farm or the emissions of thousands of passenger cars each year.
Mobile data plans in many parts of the world treat 4GB as a month’s total allotment, but Chrome consumes it in an unsolicited download.
When users try to opt out of AI tools by deleting the weights.bin file, Chrome treats the action as a temporary error that must be fixed in the next eligible window and redownloads the entire 4GB package.
The only ways to make the removal permanent require disabling AI features via chrome://flags or enterprise policy tools that home users typically don’t possess.
A newly created Chrome profile that did not receive any keyboard or mouse input from any human still contained the entire 4GB model within 15 minutes of its creation.
The browser downloaded the file while it was idle, waiting for a five-minute timer on a third-party website to expire.
What makes this legally and ethically problematic?
The ePrivacy Directive explicitly prohibits storing information on a user’s device without prior, informed and unambiguous consent.
Chrome works perfectly without a 4GB LLM on the device, so no “strictly necessary” exemption applies to this situation.
The GDPR requires transparency and fairness in the processing of personal data, but users were never informed about the download.
The most visible AI feature in Chrome’s omnibox, called “AI Mode,” doesn’t even use the on-device model, as those queries go directly to Google’s servers instead of being processed locally on the user’s own device.
This makes the 4GB installation a pure cost imposed on users with no offsetting privacy benefits.
The company has not published any analysis of the impact on the well-being of populations whose Internet access is measured and limited.
Additionally, regulators have yet to answer whether global tech corporations are exempt from statutes that have been in place since 2002.
Via Privacy Guy
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds.
