Google Chrome Installed a 4GB AI Model on Your PC

haebom1 pts0 comments

Google Chrome Secretly Installed a 4GB AI Model on Your PC · Issue #103 · OZ Talking

Opening

Reader, have you noticed your computer’s storage suddenly shrinking lately?

Recently, a strange file has been making waves among Chrome users worldwide. Its name: weights.bin. Its size: 4GB. Buried deep in Chrome’s browser folder, this file turned out to be Gemini Nano, Google’s on-device AI model. The problem? Nobody asked for it to be installed.

Swedish privacy researcher Alexander Hanff uncovered the discovery by analyzing macOS kernel logs, and the same phenomenon was later confirmed on Windows and Linux. Let me get straight to the point: this isn’t a simple storage issue. It’s the start of a new pattern in which tech companies fold users’ devices into their own AI infrastructure.

Has it made things more convenient? Enormously, and I’m genuinely satisfied. But was the process behind it right? Well… no. Let’s dig in.

Get analysis like this in your inbox. Subscribe free<br>🔍 What Actually Happened

Let’s start with the structure of the file Chrome installed without users’ knowledge.

Inside Chrome’s user data folder sits a folder named OptGuideOnDeviceModel. The name itself is telling — it’s Google’s internal shorthand for “Optimization Guide On-Device Model.” Would an ordinary user look at that folder name and think, “Ah, this is the Gemini Nano AI model”? Hanff points out that this ambiguity is itself deliberate. If Google had named it honestly, it would have been GeminiNanoLLM.

Inside this folder sits weights.bin — the actual model weights1​ file for Gemini Nano. Chrome automatically checks your hardware specs: GPU tier, CPU core count, system RAM (16GB or more), and free storage (22GB or more). If your machine meets these criteria, Chrome downloads the model in the background without any notification whatsoever. When Hanff tested this on a clean Chrome profile, the download completed in 14 minutes.

What’s more interesting is what happens after you delete it. Even if you manually remove the file, restarting Chrome downloads it again. Chrome treats the deletion as a “temporary error” and attempts to restore it at the next opportunity. Some users have reported model files piling up to over 12GB because older versions were never cleaned out. When Snopes checked the devices of six of its own staff members, the file turned up on three of them, across macOS and Windows combined. In other words, deleting it doesn’t stop Chrome from forcing it back in.

Google describes it as “a lightweight on-device model we’ve offered since 2024,” and says that starting in February 2026 it began rolling out an “On-Device AI” toggle under Settings > System that lets users turn it off. But a substantial number of users, Hanff included, still haven’t received this toggle. Those without it have to manually disable the relevant flag at chrome://flags or edit the registry.

🎭 The Paradox: Violating Privacy in the Name of Privacy

The most notable part of this whole affair is the justification Google offers.

The features Gemini Nano runs locally include Help Me Write, phishing and scam detection, tab group suggestions, page summarization, and smart paste. The scam-detection feature in particular was integrated into Chrome’s Enhanced Protection mode in May 2025, and Google’s explanation is that on-device processing lets it catch phishing sites in real time — even ones that exist for less than 10 minutes before vanishing . That’s a threat cloud-based databases are too slow to catch. And these features are genuinely convenient — especially most of the tasks you do after opening developer mode (F12), which have become dramatically easier.

Google’s logic is that when these features run on the user’s device instead of the cloud, no data gets sent to Google’s servers, so privacy is protected. Taken purely on its own terms, that logic holds up.

But here’s where the paradox emerges.

A model installed to protect privacy was, itself, installed without consent. Article 5(3) of the EU’s ePrivacy Directive 2​ requires “freely given, specific, informed, and unambiguous consent” before storing information on a user’s device. That single clause is the reason cookie banners exist at all. In plain terms, Google should have asked, “We’re about to download XYZ — do you agree?” before the download began. It didn’t.

A law that requires consent for a 4KB cookie somehow wasn’t applied to a 4GB AI model — a million times larger. Hanff argues this violates both the ePrivacy Directive and GDPR’s transparency principles. If EU regulators agree, Google could face a fine of up to 4% of its global revenue. Legal precedent is already accumulating too: in March 2025, a German court ruled that installing Google Tag Manager also requires prior consent.

Google’s consistent position, of course, is that this is simply part of the product, and therefore fine.

📱 The Gap Between Visible AI and Invisible AI

There’s another part of this story I find even more...

google chrome model device installed file

Related Articles