The Opaque Reality of AI in Chrome: Local Promises, Cloud-Based Practices

In a recent article, I explored the potential of embedded AI in browsers, specifically focusing on Google Chrome's integration of Gemini Nano and the broader implications of local AI models. I posited that this deep browser integration represents a fundamental shift, offering AI models unprecedented access and control within our applications and data compared to external foundation models like ChatGPT.

The reasoning is straightforward: models embedded within the browser operate on the user's behalf, bypassing the limitations imposed on external entities. Websites like Medium, for instance, often present different views to users and robots (like ChatGPT), restricting access even with browsing capabilities enabled.

A browser-based model, however, can interact with the website as the user, circumventing these restrictions. Crucially, this also means the model has access not only to the current tab but also potentially to user information, cookies, other tabs, and essentially all browsing activity, contingent on the browser's implementation. This level of access raises significant questions about data privacy and transparency.

Initial expectations might suggest that Chrome exclusively utilizes Gemini Nano locally. However, Google’s communication regarding the use of private versus public models is unfortunately opaque and inconsistent. This lack of clarity raises concerns from a privacy standpoint.

Google has publicly extolled the benefits of local models like Gemini Nano, emphasizing their privacy advantages:

• https://developer.chrome.com/docs/ai/built-in

Furthermore, Google has showcased various AI-powered features in Chrome, including a tab organization function, in a separate announcement:

• https://blog.google/products/chrome/google-chrome-generative-ai-features-january-2024/#help-me-write

Regrettably, Google's announcements lack specificity regarding the underlying models powering these features. This absence of transparency extends to their privacy policies. While prior research and the aforementioned article suggested the possibility of Gemini Nano utilization, the lack of official confirmation necessitated further investigation.

To understand the actual data flow, I decided to figure it out on my own.

Here's what I did.

1. I activated the tab organization feature in Chrome:

1. I employed ProxyMan to intercept the network traffic (this could also be achieved using Chrome's developer console)
2. Observed the data being transmitted to Google. The results were revealing.

The data transmission was demonstrably not confined to local processing. The titles and URLs of all open tabs (limited to three in this test) were sent to Google.

Many people probably have more than just three tabs open, likely dozens, which can reveal much about their habits, interests, and more.

While not entirely unexpected, the lack of transparency surrounding this data transmission is disconcerting. This discovery prompts several critical questions:

• What about other Chrome AI features, particularly those involving automatic tab sorting and organization? Do these features continuously transmit entire browsing histories to Google?
• Why did Google not opt for the local Gemini Nano model for seemingly straightforward tasks like tab organization, especially given its purported capabilities and the demonstrated feasibility of such functionality with smaller models?

Despite the enthusiasm surrounding these emerging technologies, this experience with Google Chrome cultivates a degree of skepticism. The intrusive nature of these features, coupled with the opacity surrounding data sharing practices, raises significant concerns about user privacy.

Consequently, I have decided to disable these AI-powered features in Google Chrome for the time being.