In brief
- Chrome 148 removed the phrase "without sending your data to Google servers" from the on-device AI settings description that appeared in Chrome 147.
- The change was first spotted by users on the Chrome subreddit and picked up by Hacker News within hours.
- The phrasing implies that Google sends users' data to its servers even for requests that used to be fully private before.
Google Chrome's settings page made a quiet promise before its most recent update.
In Chrome version 147, under Settings > System > On-device AI, the description read: "To power features like scam detection, Chrome can use AI models that run directly on your device without sending your data to Google servers."
That line is gone in Chrome 148.0.7778.97, which began rolling out recently. The new text just says Chrome "can use AI models that run directly on your device. When this is off, these features might not work."
The removal was spotted by users on the Chrome subreddit and surfaced on Hacker News, where it collected over 250 points in hours, sparking debate among privacy enthusiasts. “I'm just surprised people use Chrome at all. Google has proven over and over they can't be trusted and will exploit you every chance they get,” said one user. “It's on-device AI spyware, really,” another user argued. “It collects intelligence about the user, summarizes it and sends it to Google, all paid by the user's electricity bill. Deviously clever.”
As we reported yesterday, Chrome has been silently downloading a roughly 4GB file called weights.bin—the weight file for Gemini Nano—to any device that meets its minimum hardware requirements, with no opt-in prompt and no visible notification. The file lands in a folder called OptGuideOnDeviceModel inside Chrome's user data directory. Delete it, and Chrome downloads it again on the next restart.
Privacy researcher Alexander Hanff confirmed the behavior using macOS kernel filesystem logs, and it has since been verified on Windows 11 and Ubuntu as well.
The deleted phrase in Chrome was doing real work. It was the primary in-product justification for why Chrome installs Gemini Nano without asking. Google’s argument was that on-device processing keeps your data off its servers, making the silent install of its Gemini Nano model a net privacy benefit.
That argument already had a hole in it. Chrome 147's "AI Mode" pill in the address bar routes every query to Google's cloud, not the local Gemini Nano model.
Removing the "without sending your data to Google servers" language doesn't fix that contradiction. It just stops Chrome from making a claim it apparently isn't prepared to stand behind.
Google did not respond to Decrypt's request for comment on the settings change.
Hanff, whose forensic documentation of the silent install sparked the original story, has argued the download violates Article 5(3) of the EU ePrivacy Directive, which requires explicit consent before storing data on a user's device. Removing the privacy language from the UI doesn't change that legal exposure—it removes one of Google's clearest arguments for why the silent install was justified in the first place.
Chrome 148 is currently rolling out. Users still on version 147 will see the old text; anyone who has already updated will find the privacy claim gone.