Chrome Deletes Its Own Privacy Promise for Sneaky On-Device AI

Google Chrome's settings leafage made a quiescent committedness earlier its astir caller update.

In Chrome mentation 147, nether Settings > System > On-device AI, the statement read: "To powerfulness features similar scam detection, Chrome tin usage AI models that tally straight connected your instrumentality without sending your information to Google servers."

That enactment is gone successful Chrome 148.0.7778.97, which began rolling retired recently. The caller substance conscionable says Chrome "can usage AI models that tally straight connected your device. When this is off, these features mightiness not work."

The removal was spotted by users connected the Chrome subreddit and surfaced connected Hacker News, wherever it collected implicit 250 points successful hours, sparking statement among privateness enthusiasts. “I'm conscionable amazed radical usage Chrome astatine all. Google has proven implicit and implicit they can't beryllium trusted and volition exploit you each accidental they get,” said 1 user. “It's on-device AI spyware, really,” different idiosyncratic argued. “It collects quality astir the user, summarizes it and sends it to Google, each paid by the user's energy bill. Deviously clever.”

As we reported yesterday, Chrome has been silently downloading a astir 4GB record called weights.bin—the value record for Gemini Nano—to immoderate instrumentality that meets its minimum hardware requirements, with nary opt-in punctual and nary disposable notification. The record lands successful a folder called OptGuideOnDeviceModel wrong Chrome's idiosyncratic information directory. Delete it, and Chrome downloads it again connected the adjacent restart.

Privacy researcher Alexander Hanff confirmed the behaviour utilizing macOS kernel filesystem logs, and it has since been verified connected Windows 11 and Ubuntu arsenic well.

The deleted operation successful Chrome was doing existent work. It was the superior in-product justification for wherefore Chrome installs Gemini Nano without asking. Google’s argument was that on-device processing keeps your information disconnected its servers, making the soundless instal of its Gemini Nano exemplary a nett privateness benefit.

That statement already had a spread successful it. Chrome 147's "AI Mode" pill successful the code barroom routes each query to Google's cloud, not the section Gemini Nano model.

Removing the "without sending your information to Google servers" connection doesn't hole that contradiction. It conscionable stops Chrome from making a assertion it seemingly isn't prepared to basal behind.

Google did not respond to Decrypt's petition for remark connected the settings change.

Hanff, whose forensic documentation of the soundless instal sparked the archetypal story, has argued the download violates Article 5(3) of the EU ePrivacy Directive, which requires explicit consent earlier storing information connected a user's device. Removing the privateness connection from the UI doesn't alteration that ineligible exposure—it removes 1 of Google's clearest arguments for wherefore the soundless instal was justified successful the archetypal place.

Chrome 148 is presently rolling out. Users inactive connected mentation 147 volition spot the aged text; anyone who has already updated volition find the privateness assertion gone.