Sometime in the last several months, Google Chrome started leaving a 4 GB file called weights.bin on a large number of laptops. It sits inside a folder named OptGuideOnDeviceModel in your Chrome user-data directory. It is the Gemini Nano language model, downloaded and unpacked locally, ready to run on your CPU or GPU. On most machines it appeared without a dialog box, without a notification, and without an entry in the Chrome download history.
The story broke into wider view on May 4, when privacy researcher Alexander Hanff published a forensic walkthrough of a fresh macOS Chrome profile that received the model on April 24, 2026. The profile had zero human interaction — only automated browser-control via the Chrome DevTools Protocol — yet Chrome still spent roughly 14 minutes pulling down and unpacking the weights between 14:38 and 14:53 UTC. Hanff verified the timing against macOS kernel-level filesystem events (.fseventsd), which log file operations independently of any application’s own log.
Google has since responded, and the response is interesting precisely because of what it does and does not say.
What the file actually is
weights.bin is the parameter file for Gemini Nano, a small foundation model Google has been shipping into Chrome since 2024. It lives at …/Chrome/User Data/OptGuideOnDeviceModel/<version>/weights.bin on Windows, macOS and Linux. Reported sizes range from around 2 GB on some hardware tiers up to roughly 4 GB on others, with most current desktop installs landing near the 4 GB mark.
The download is hardware-gated. Chrome will only fetch it on machines that meet the documented minimums: Windows 10/11 or macOS 13+, at least 22 GB of free disk, and either a GPU with 4 GB+ of VRAM or a CPU with 16 GB of RAM and four-plus cores. Below those thresholds, no download. Above them, it is essentially automatic.
The model is then used by a small number of features that Google has promoted into stable Chrome — most notably on-device scam detection (rolled out broadly during 2025) and a “Help me write” composition assistant — plus a wider set of developer-facing APIs (Prompt, Summarizer, Writer, Rewriter, Translator, Language Detector, Proofreader) that web pages can call into. Whether the average user has knowingly invoked any of these features is an open question.
The consent question
The strongest version of the criticism — the one Hanff and several outlets have made — is that Chrome consumes around 4 GB of disk and a similar volume of bandwidth for a feature the user has never seen, never opted into, and in many cases will never knowingly use. There is no install-time prompt asking permission. There is no in-product banner explaining what weights.bin is. The feature is enabled by default, gated only by hardware fitness.
Google’s response, delivered by VP Parisa Tabriz on X on May 6, sidesteps the consent question and emphasises function: on-device AI is “core to our developer and security strategy,” the model “processes data locally rather than sending it to Google’s servers,” and — importantly — Google says that since February 2026 there has been a setting in Chrome to turn the model off and remove it. Google also states the model “will automatically uninstall if the device is low on resources,” and that once a user disables it via that setting, “the model will no longer download or update.”
That last point matters, because it slightly recasts the most viral claim — that deleting weights.bin does nothing because Chrome silently re-downloads it. That behaviour appears to be real if you delete the file by hand without disabling the feature: Chrome’s component-update machinery treats the missing file as a corrupted install and refetches it. Disabling the feature first changes that. The two facts are not in conflict; they describe different code paths.
Reports that the practice “may violate EU law” — repeated in several outlets — are at this stage a researcher’s argument, not a regulator’s finding. No data-protection authority has issued a public position on whether silent download of a local-only model constitutes processing or distribution that requires explicit consent under GDPR or the ePrivacy Directive. It is a defensible legal question. It is not, today, a settled one.
How to opt out
If you want the model gone and want it to stay gone, there are three usable paths, in increasing order of permanence:
- Chrome Settings (since February 2026). Open
chrome://settings, search for “AI” or “on-device,” and toggle the Gemini Nano / on-device model option off. This is the Google-blessed route and, per Google, prevents future re-download. - Flags. Visit
chrome://flags, search foroptimization-guide-on-device-modelandprompt-api-for-gemini-nano, and set both to Disabled. Restart Chrome. You can then delete theOptGuideOnDeviceModelfolder. - Enterprise policy / Windows registry. For machines you administer, set the
GenAILocalFoundationalModelSettingspolicy to1underHKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome. This applies to every Chrome channel on the device.
You can inspect the current state at any time at chrome://on-device-internals, which shows whether the model is installed, its version, and its size.
The bigger pattern
This is not really a Chrome story. Microsoft is shipping Recall and on-device Copilot models into Windows. Apple Intelligence is downloading several gigabytes of foundation-model weights onto every recent Mac and iPhone. Chrome is now doing the same at the browser layer. Each vendor has a defensible technical case — local inference is more private than cloud, and you cannot run a local model without local weights — and each has chosen, so far, to treat the storage and bandwidth cost as the user’s invisible contribution to the platform’s roadmap.
Done well, this is better than cloud AI: text never leaves the device, latency is low, you keep working offline. Done badly, it is a unilateral decision to spend gigabytes of someone else’s disk and bandwidth on a feature the vendor wants to ship. The line between the two is informed consent, and right now that line is being walked very lightly. A first-run prompt that names the model, its size, and what it enables; a default that respects metered connections; an indicator users can actually find — none of these are exotic asks for a 4 GB binary.
Should you uninstall Chrome?
Probably not on the strength of this alone. Firefox and Brave are real browsers with real engineering behind them, and switching is a legitimate choice — particularly if you actively dislike default-on telemetry and default-on local AI. But the migration cost is real: extension parity, sync, profile data, password managers, the muscle memory of a browser you use for eight hours a day. If the silent download is what tips you, switch with eyes open. If it just makes you want to turn the feature off, the toggle takes about thirty seconds.
The more interesting question is not which browser you run. It is whether the next default-on, multi-gigabyte feature shipped to a billion devices will arrive with an actual prompt — or, again, just appear in a folder you have never opened.
Sources: Alexander Hanff / That Privacy Guy! forensic write-up (May 4, 2026); Google statement via Parisa Tabriz on X (May 6, 2026); 9to5Google reporting on Gemini Nano rollout (May 6, 2026); Digital Trends coverage of Google’s response (May 7, 2026); Android Authority technical breakdown of weights.bin; Chrome developer documentation on built-in AI APIs (developer.chrome.com); Pureinfotech opt-out guide (Windows registry policy).
Discussion
Sign in to join the discussion.
No comments yet. Be the first to share your thoughts.