Researcher Claims Chrome Silently Fetches 4GB Gemini Nano AI Model Without Permission

Author: Digitio

If you’ve been following Google’s recent moves, it’s clear the company is heavily pushing its AI ecosystem. According to a recent report, Chrome appears to silently fetch a massive 4GB file containing the necessary components for Gemini Nano, Google’s local large language model. Computer scientist Alexander Hanff shared his findings earlier this week on his site, The Privacy Guy, detailing why this practice raises significant concerns for Google’s reputation.

I independently confirmed Hanff’s claims regarding the file, dubbed “weights.bin,” which I located within the Chrome directory inside the macOS Library folder (a folder Finder hides by default, so most users never see it). The file is indeed over 4GB and sits exactly where he described. Hanff points out that Chrome never asks for permission to install these Gemini Nano weights, which are used for AI-driven functionality such as the “help me write” feature and on-device scam detection.

Notably, the weights.bin file was absent on a second Mac I tested, as well as on a colleague’s device. The file and its directory only appeared after I updated Chrome to version 148.0.7778.97 on my personal machine. Furthermore, when I removed the directory from the first computer, the large weights.bin file reappeared within minutes.

Hanff observed similar patterns across several Windows setups as well. “The user deletes, Chrome re-downloads, the user deletes again, Chrome re-downloads again. The only ways to make the deletion stick are to disable Chrome’s AI features through chrome://flags or enterprise policy tooling that home users do not generally have, or to uninstall Chrome entirely.”
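For readers who want to check their own machines, the following script is an added example, not code from the article, from Hanff or from Google. It searches a Chrome user-data directory for any file named weights.bin above a size floor (the floor filters out small unrelated files with the same generic name), reports each hit with its size, and on macOS reads the enterprise policy that is meant to stop the download. The per-platform user-data paths and the policy name GenAILocalFoundationalModelSettings are assumptions taken from Chrome’s public component and policy documentation; the article itself names neither.

```sh
#!/bin/sh
# Added example (not from the article or from Google): locate Gemini Nano
# weight files under Chrome's user-data directory, report their size, and on
# macOS read the enterprise policy that is supposed to stop the download.
# The user-data paths below and the policy name
# GenAILocalFoundationalModelSettings are assumptions taken from Chrome's
# public component and policy documentation, not from the article.

# Where Chrome keeps user data on each platform (assumed defaults).
default_chrome_root() {
  case "$(uname -s)" in
    Darwin) printf '%s\n' "$HOME/Library/Application Support/Google/Chrome" ;;
    Linux)  printf '%s\n' "$HOME/.config/google-chrome" ;;
    *)      printf '%s\n' "${LOCALAPPDATA:-$HOME}/Google/Chrome/User Data" ;;
  esac
}

# Print "<bytes> <path>" for every weights.bin under $1 that is at least
# $2 MiB in size (default 1024). Returns 1 if the root does not exist or
# no file of that size was found, so callers can branch on the result.
find_model_weights() {
  root=$1
  min_bytes=$(( ${2:-1024} * 1024 * 1024 ))
  [ -d "$root" ] || return 1
  hits=$(find "$root" -type f -name weights.bin 2>/dev/null | while IFS= read -r f; do
    bytes=$(wc -c < "$f" | tr -d ' ')          # wc -c is portable across GNU and BSD
    if [ "$bytes" -ge "$min_bytes" ]; then
      printf '%s %s\n' "$bytes" "$f"
    fi
  done)
  [ -n "$hits" ] || return 1
  printf '%s\n' "$hits"
}

# macOS only: read the managed Chrome preference for this policy.
# Assumed meaning: 1 = do not download the model, 0 = allowed;
# "unset" means no policy is applied, "unsupported" means not macOS.
local_model_policy() {
  if command -v defaults >/dev/null 2>&1; then
    defaults read com.google.Chrome GenAILocalFoundationalModelSettings 2>/dev/null || echo unset
  else
    echo unsupported
  fi
}

# Report for the current user. Run it as the user whose profile is being checked.
root=$(default_chrome_root)
echo "Chrome user data root: $root"
find_model_weights "$root" 1024 || echo "no weights.bin of 1 GiB or more found under $root"
echo "GenAILocalFoundationalModelSettings: $(local_model_policy)"
```

Deleting whatever the script finds is, as Hanff notes, only temporary. To make the removal stick on a managed Mac the policy would be set to 1 via a configuration profile, or for a quick local test with `defaults write com.google.Chrome GenAILocalFoundationalModelSettings -integer 1` (again an assumption about Chrome’s policy handling, not something the article confirms), after which a rerun of the script should report the policy value and, once Chrome is restarted, no re-downloaded file.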

As Hanff highlights, this behavior presents multiple problems. It is an invisible download that users are unaware of, lacks an opt-in mechanism, and is difficult to remove. The file is also tucked away in obscure directories that most users never visit, bearing a generic filename that offers no clue about its purpose.

Hanff also raises concerns that this practice might breach European privacy regulations, including GDPR. He also points to the potential environmental impact, estimating that a “mid-band” rollout of this 4GB file could reach 500 million devices, or roughly 15 percent of Chrome’s user base. This deployment would generate approximately 30,000 tonnes of CO2e — equivalent to the annual emissions of 6,500 cars. He further notes that this figure only accounts for the initial download, with ongoing updates likely increasing the energy footprint.

We contacted Google for comment but did not receive a response before publication. We’ll update this story if we hear back.