
Hundreds of millions of Chrome users have a 4 GB AI model sitting on their hard drives right now — and most of them never agreed to it.
Security and privacy researcher Alexander Hanff, writing under the alias "That Privacy Guy," published a detailed investigation last week revealing that Google Chrome silently downloads the Gemini Nano weight file — Google's on-device large language model — to user devices without any consent prompt.
The file, named weights.bin, is located in a directory called OptGuideOnDeviceModel, buried deep within the Chrome user profile. Delete it, and Chrome will download it again in the next eligible window.
Hanff created a fresh Chrome profile on Apple Silicon specifically for an automated privacy audit. The profile received zero keyboard or mouse input from a human at any point. Using macOS's low-level filesystem event log (.fseventsd) — which Chrome cannot modify — he traced the exact moment the model landed.
The day after the profile was created, Chrome made the OptGuideOnDeviceModel directory, spawned three background unpacker subprocesses, and completed the full 4 GB install in 14 minutes and 28 seconds, while the only open tab sat idle waiting for a timer to expire.
Chrome's feature flags show that the download is scheduled before the Settings UI that would let a user refuse it is ever shown, so by design the install lands before there is any opportunity to opt out.
Chrome 147 displays a prominent "AI Mode" pill in the address bar — the most visible AI touchpoint in the entire browser. A reasonable user would assume that the pill is powered by the local Gemini Nano model sitting on their disk. It is not.
The AI Mode feature routes every query to Google's cloud servers. The on-device model powers buried features like "Help me write" in text boxes and tab-group suggestions — things most users will never discover. Users pay for storage and bandwidth; the headline feature phones home anyway.
How to Block It
Stopping the download is not straightforward for ordinary users:
- Chrome flags (Chrome 137+): open chrome://flags, search for "optimization guide on device" (the flag label uses the American spelling) and set the entry to Disabled. Flags can reset after major browser updates, so re-check after each one.
- Windows Registry: set the DWORD value OptimizationGuideModelDownloading to 0 under HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome. Requires admin rights.
- Enterprise environments can enforce the same block via Group Policy.
There is no single-click opt-out in Chrome's standard Settings for home users.
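The following audit script is an added example, not code from the article, from Hanff, or from Google. It ties the earlier description of the on-disk artefact (the OptGuideOnDeviceModel directory and its weights.bin) to the blocking steps above: it walks Chrome's user-data directory on macOS, Linux or Windows, reports every copy of the model directory and how many bytes it holds (counting every file beneath it, so a half-unpacked download is still visible), and on Windows reads back the policy value the article names. The user-data paths are the standard Chrome defaults; the directory and file names and the registry value name are taken from the article as given, and any `Default`/`Profile N` layout assumed in the test data is constructed for the example.

```python
"""Audit a machine for Chrome's on-device Gemini Nano weights.

Added example, not part of the original article and not Google's code.
Assumptions: the directory name OptGuideOnDeviceModel and file name
weights.bin are those reported in the article; user-data roots are
Chrome's standard defaults; the registry value name
OptimizationGuideModelDownloading is the one the article gives.
"""
import os
import sys
from pathlib import Path

MODEL_DIR = "OptGuideOnDeviceModel"          # directory name from the article
WEIGHTS = "weights.bin"                       # weight file name from the article
POLICY_KEY = r"SOFTWARE\Policies\Google\Chrome"
POLICY_VALUE = "OptimizationGuideModelDownloading"  # value name as the article gives it


def chrome_user_data_dirs(platform=sys.platform, home=None, env=None):
    """Default Chrome (stable channel) user-data roots for a platform."""
    home = Path.home() if home is None else Path(home)
    env = os.environ if env is None else env
    if platform == "darwin":
        return [home / "Library" / "Application Support" / "Google" / "Chrome"]
    if platform.startswith("win"):
        local = env.get("LOCALAPPDATA")
        return [Path(local) / "Google" / "Chrome" / "User Data"] if local else []
    return [home / ".config" / "google-chrome"]


def find_model_installs(root):
    """Return (model_dir, total_bytes) for every OptGuideOnDeviceModel
    directory under root. The whole tree is walked because the directory
    may sit at the user-data level or inside an individual profile."""
    root = Path(root)
    hits = []
    if not root.is_dir():
        return hits
    for dirpath, dirnames, _files in os.walk(root):
        if MODEL_DIR in dirnames:
            model_dir = Path(dirpath) / MODEL_DIR
            total = sum(p.stat().st_size for p in model_dir.rglob("*") if p.is_file())
            hits.append((model_dir, total))
            dirnames.remove(MODEL_DIR)  # pruned: don't walk into it again
    return hits


def has_weights(model_dir):
    """True if a weights.bin exists anywhere beneath the model directory."""
    return any(p.name == WEIGHTS and p.is_file() for p in Path(model_dir).rglob("*"))


def windows_policy_state():
    """Read the HKLM policy value: the DWORD if set, None if the key or
    value is absent, or 'n/a' when not running on Windows."""
    try:
        import winreg
    except ImportError:
        return "n/a"
    try:
        with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, POLICY_KEY) as key:
            value, _kind = winreg.QueryValueEx(key, POLICY_VALUE)
            return value
    except OSError:
        return None


def report():
    """Human-readable summary for the machine this runs on."""
    lines = []
    for root in chrome_user_data_dirs():
        hits = find_model_installs(root)
        if not hits:
            lines.append(f"{root}: no {MODEL_DIR} directory")
        for model_dir, size in hits:
            state = "weights.bin present" if has_weights(model_dir) else "no weights.bin yet"
            lines.append(f"{model_dir}: {size / 2**30:.2f} GiB, {state}")
    policy = windows_policy_state()
    if policy != "n/a":
        lines.append(f"HKLM\\{POLICY_KEY}\\{POLICY_VALUE} = {policy!r}")
    return lines


if __name__ == "__main__":
    print("\n".join(report()))
```

Run it as an ordinary user to see whether the model has already landed; a size well below 4 GB alongside "no weights.bin yet" means an install is in progress, which is the window in which the registry or flag change still prevents the weights from arriving. Reading the policy key needs no elevation; writing it does.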
Google has not publicly responded to the investigation or addressed the absence of a consent prompt. Hanff argues that the behaviour directly violates the EU's ePrivacy Directive (Article 5(3)) and the GDPR's data minimisation principles — the same legal framework he previously applied to Anthropic's Claude Desktop, which silently registered automation hooks across seven Chromium-based browsers.