Google altered the description of its on-device AI feature in Chrome. The change removed a direct assurance that user data stays off its servers. Privacy advocates noticed immediately. Questions followed.
The original text in Chrome’s System settings promised clarity. It stated that AI models run directly on the device without sending data to Google servers. Features like scam detection depended on this setup. Turn it off, and those capabilities might fail. Simple enough. But the wording vanished in Chrome 148.
Privacy Wording Shift Sparks Immediate Backlash
Alexander Hanff, a privacy advocate, raised pointed concerns. He asked why the sentence disappeared. Was the prior language inaccurate? Had the system architecture shifted? Or did lawyers advise pulling it to dodge potential claims? His post on May 8 detailed the before-and-after screenshots. The new version reads far more neutrally: Chrome can use AI models that run directly on your device. When off, features might not work. No mention of servers or data flows.
Google pushed back quickly. A spokesperson told The Register, “This doesn’t reflect a change to how we handle on-device AI for Chrome. The data that is passed to the model is processed solely on device.” The company pointed to Gemini Nano. It has lived in Chrome since 2024. The model powers security tools and developer APIs. And it does so without sending data to the cloud, Google insists.
But the timing raised eyebrows. The edit happened in early April. Around the same period, Chrome began wider rollout of the Prompt API. This tool lets websites tap the browser’s local AI model directly. Web pages gain access to inputs and outputs. Suddenly the clean promise of zero data leaving the device gets complicated. If a site – even a Google property – sees the prompt, does that break the spirit of the original text?
Users first spotted the silent download months ago. Chrome pulls down roughly 4GB of Gemini Nano model weights. No consent dialog appears. No upfront opt-in. The model reinstalls itself if deleted manually. Storage fills up. Data caps get eaten, especially outside high-speed markets. One X user in Sri Lanka called it exploitation masked as innovation. Another compared it to spyware.
Google updated its approach in February. Users can now disable On-device AI in settings and remove the model. Once turned off, downloads and updates stop. The company added this after early complaints. Yet the feature still defaults to on for many. And the model had been previewed in Chrome 126 two years earlier. Early adopters hosted it without much fanfare. Now it sits on hundreds of millions of devices.
Critics see a pattern. Google offers powerful AI. It runs locally for speed and some privacy gains. Yet the installation happens in the background. Disk space vanishes. CPU cycles get borrowed during inference. That Privacy Guy documented the exact UI shift on May 8. The assurance lived inside the System block before. Now it’s absent. The toggle remains, but the guarantee does not.
So what happens when a website calls the Prompt API? The local model processes the request. Results return to the page. That page’s operator sees everything. For third-party sites, their privacy policy governs. For Google sites, the data never hits Google servers in the classic cloud sense. But it does reach Google’s web properties. The original wording risked sounding like a blanket guarantee. Google apparently decided to avoid that exposure.
The company also noted the model unloads itself when storage runs low. Helpful on paper. Less so if users never asked for it in the first place. Recent reports confirm the 4GB download continues for many. Decrypt covered the removal on May 7. It highlighted version 147 versus 148. Users on the older build still see the stronger language. Those updated do not. The discrepancy fueled online debates on Hacker News and Reddit. Threads filled with frustration over disk usage and perceived sneakiness.
Chrome’s market share exceeds 60 percent on desktops. The installed base numbers in the billions when counting mobile. Even modest per-user storage claims multiply fast. Environmental costs enter the conversation too. Training and inference already draw heavy power. Now idle models sit on idle hardware worldwide. A YouTube investigation linked the practice to broader climate impacts from always-on AI deployment.
Google maintains its position. Processing stays on-device for the core model interactions. Scam detection works locally. The Prompt API extends capabilities to developers without forcing cloud dependency. Yet the softened language admits complexity. Data does leave the strict device boundary in some scenarios. It just doesn’t cross to Google servers in the way users might have pictured.
Regulators watch closely. Europe’s GDPR and ePrivacy rules demand clear consent and transparency. Silent installation of multi-gigabyte files tests those boundaries. Privacy groups argue users deserve explicit choice before software claims local resources long-term. Google offers an off switch now. But discovery remains the user’s burden.
Industry insiders recognize the trade-offs. On-device models cut latency. They limit exposure of sensitive inputs like passwords or financial details. They reduce reliance on data centers. But they demand capable hardware. Not every laptop or phone runs 4GB models smoothly. Battery drain appears during heavy use. And the trust gap widens when changes slip through without announcement.
The episode reveals tensions at the heart of browser-based AI. Companies want to ship intelligence everywhere. Users want control and honesty about where their data goes. Google tweaked the text to match reality more precisely. The reality includes websites peering at model outputs. It includes automatic downloads that surprised many. And it includes a promise that now reads more cautiously.
Whether this satisfies watchdogs or users remains open. Chrome will keep updating. The model will keep downloading for those who leave the setting enabled. Features will expand. So will the scrutiny. One thing looks clear. The era of browsers quietly becoming AI platforms has arrived. The fine print just got finer.
WebProNews is an iEntry Publication