Google Chrome's Silent Download of AI Model Raises Privacy Concerns

Severity: Medium (Score: 54.8)

Sources: News.Ycombinator, Androidauthority

Summary

Google Chrome has been found to silently download a 4 GB AI model file named weights.bin onto users' devices without explicit consent. This file, part of the Gemini Nano AI model, is stored in a directory called OptGuideOnDeviceModel and is automatically re-downloaded if deleted. While Google claims the model enhances privacy by processing AI tasks locally, users have expressed concerns over the lack of transparency and consent. The download occurs when AI features in Chrome are activated, which are enabled by default in recent versions. This incident has sparked significant discussion about user consent and data privacy in the context of AI integration in browsers. Legal experts suggest this may violate GDPR and ePrivacy regulations. The environmental impact of such mass downloads is also highlighted, with estimates of significant CO2 emissions. As of now, Google has not provided a clear opt-out mechanism for users. Key Points: • Chrome downloads a 4 GB AI model file without user consent, raising privacy issues. • The file is automatically re-downloaded if deleted, complicating user control. • Legal experts argue this may violate GDPR and ePrivacy regulations.

Key Entities

• Malware (attack_type)
• Gemini Nano (platform)
• MacOS (platform)
• Windows (platform)
• Google Chrome (tool)