Some Google Chrome users have recently been silently downloaded and stored by the browser without any explicit prompts or authorization. Local AI model files of about 4GB are used for Gemini Nano related functions. This behavior not only led to an inexplicable decrease in disk space and an abnormal increase in disk read and write activities, but also raised questions about privacy and compliance.

What is even more controversial is that even if the user manually deletes the relevant folder, Chrome will automatically re-download the model later unless the user takes additional actions to turn off the relevant switch or completely uninstall the browser.

The report pointed out that affected users can look for a folder named "OptGuideOnDeviceModel" in the Chrome configuration directory. This directory contains the weight data of the Google Gemini Nano large language model, with a capacity of approximately 4GB, and is silently pulled by Chrome in the background. In Windows 11 systems, this directory is usually located under %LOCALAPPDATA%GoogleChromeUser DataOptGuideOnDeviceModel, and people have confirmed that the same directory and the same download behavior appear on Apple Silicon Mac and Ubuntu devices. At present, if the user simply deletes the folder, it does not fundamentally prevent Chrome from downloading the relevant models again.

For users who still need to use Chrome but do not want to be forced to download local AI models, the report gives a possible circumvention idea. Users can enter "chrome://flags" in the address bar, search for the experimental option called "Enables optimization guide on device on Android", and change it from the default state to "Disabled" to try to prevent the download of the local optimization guide and related models. This setting can also be used as a clue to verify whether the device is included in the relevant functional coverage. However, judging from the current information, completely uninstalling Chrome is still the most direct way to ensure that the model files are completely removed.

This silent download behavior was first confirmed by Alexander Hanff, who has a background in computer science and law, through the macOS kernel file system log. Since then, users have reported that this behavior has continued for about a year. Outsiders speculate that this may be related to a series of AI features introduced by Chrome last fall, including writing assistance, AI summarization, and automatic browsing. Ironically, the most visible AI feature in Chrome—the integrated AI mode in the address bar and Google Search—actually runs on Google servers, rather than relying on the 4GB model file downloaded locally. Local weight mainly serves functions buried in multi-layered menus such as writing assistance, and its visibility and frequency of use are far less than the former.

In terms of scale and environmental impact, Hanff believes that if a 4GB-level model file is pushed to hundreds of millions or even billions of Chrome users, the cumulative data transfer volume will reach several EB (exabytes) levels, which will have a significant impact on network bandwidth and energy consumption. It estimates that indirect carbon emissions from this distribution method could range from about 6,000 to 60,000 tons of carbon dioxide. However, it is currently difficult to accurately determine the actual number of affected devices. An editor searched the relevant directories on two Windows 11 devices that have been in service for several years and found that neither met the download conditions, which means that Google is likely to only push the Gemini Nano model to some newer hardware to control compatibility and cost.

As more technical details were disclosed, the incident quickly extended from discussions in the technology circle to the fields of compliance and privacy. Hanff has formally accused Google of violating European privacy regulations by forcing the company to push large data files to devices without users’ explicit knowledge and consent. Given that Chrome has a large number of users, this approach is considered to not only infringe on users' independent control over local storage and bandwidth resources, but may also conflict with the EU's principles of data minimization, prior notification and explicit consent. At present, Google has not yet made a public and detailed response to specific compliance risks and subsequent rectification measures. It remains to be seen what will happen next and whether regulatory authorities will intervene.