Framing this as needing "consent" is deeply misguided. It's as silly as claiming that Microsoft Word installed an English language spellcheck dictionary without your consent. It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
Now we can argue whether or not it's an appropriate amount of disk space or bandwidth to use, but that's just a reasonable practical discussion to have. Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
It's additional software that many users didn't ask for, don't want and will not be aware of. Reminds me a bit of back when installing software was a minefield due to all of the integrated "promotions" for things like toolbars, only now they've vertically integrated the unwanted software, cutting out the middleman.
Honestly, for most features you could justifiably say its fine. I mean honestly, how large is an English dictionary? 100 KiB? That is a far cry from 4 GiB. Just taking up 4 GiB of disk space without even asking is indeed a shit move no matter how you shake it. If Microsoft Word updated and suddenly took up 4 GiB more for something like a dictionary, it might not cause as much uproar as if it were something that many people are tired of hearing about and not interested in, but I'm not sure you would find a single soul who would find that acceptable, more just tolerated, probably partly because a lot of people simply wouldn't know better.
> It's additional software that many users didn't ask for, don't want and will not be aware of
You just described 95% of the parts of all software, especially in this era. And think of the Web - how many gigabytes of terrible adtech and tracking code does the average user download in a month of web browsing without an adblocker? Remember, each one probably packages in a couple hundred NPM dependencies into its bundle.
I don't have even a single use for Siri on my Mac. It's useless AND redundant with the Siri that I have to have on my phone, yet Apple downloaded and installed "Siri" on there. If I install GarageBand which is the only first-party way to do basic audio manipulation, Apple installs at least 4GB of audio samples on my Mac.
None of this is to say "I approve of this exact thing Google is doing" - just that I agree with GP that this is exactly the same as what every big company (and many small ones) do every day.
The only "consent" we ever get is basically the all-or-nothing EULA we have to click Agree to in order to log in for the first time - the relevant terms are "Want computer? Accept that we will be shipping you all kinds of code constantly, for 'reasons.'"
You just described 95% of the parts of all software, especially in this era.
Yes, that's the problem
I had a client complain that some software we recommended installed a database. How fucking dare we install this giant blob of software without his consent! It was MySQL, and integral to the application.
So what's your solution? A click-through acceptance of every single library, component, dependency, etc. every app uses?
P.S. - out here in the real world of the people who just use software, they don't want this. Which is its own problem, because they should care more than they do, but we play the hand we're delt.
The problem here is that the on-device model is old news packed as clickbait without any research beyond his file system. https://news.ycombinator.com/item?id=48034889 And all news outlets spreading it w/o any further research of their own.
Policy GenAILocalFoundationalModelSettings disables and removes the local model without any flag hacks since 2024. In Canary since January behind Settings > System > On-device AI
The article doesn't mention Chrome version, release channel, whether on fresh vs existing install an if settings were altered.
Yep. The fact that it is being hand waved away in this manner as if it was a valid argument is beyond maddening. I am starting to wonder if the move behind land and 'extreme personalization' of software is a fad I thought it was ( I mean, yeah regular users won't, but there is no helping some people if they don't want to be helped ).
I, personally, have found the adtech bloat (for both disk space and processor usage) to be a huge issue for quite some time. If this is the hill where the public decides to take a stand I'll happily stand beside them to try and reverse this gradual enshittification. I think several other hills were more worthy to defend but nobody noticed those ones so apparently this is the place to fight that fight.
I doubt anyone would appreciate software bloat purely because of how widespread it is[1] - it just hasn't risen to the level where it's so noticeable for such a contemporarily controversial topic yet.
1. As an aside - ubisoft game sizes are absolutely bonkers. I didn't realize that each Assassin's Creed had twelve different operating systems crammed into it but I can't see how else they're clocking in where they do.
Modern games include assets with very large file sizes that operating systems do not.
Yeah, I was surprised to learn that Ticket to Ride (downloaded on Steam) uses like a half gigabyte, but the most data-intense thing it does is a few musical tracks and 2D images with scaling. They fit Final Fantasy 3 (SNES) with 3 CDs of music (albeit low quality) and Mode 7 graphics for the airship onto like 3 MB.
There's a name for when a virus scanner finds a program that may have a legitimate purpose, yet is typically bundled into other software in a malicious manner.
It's called a PUP, or Potentially Unwanted Program and most anti-viruses offer to remove them. They can be legitimately installed, but often aren't. (Usually they were shipped in the installers of legitimate software downloaded from sketchy distributors.)
Random AI models being shipped with Chrome is very much a PUP. The user wanted to browse the internet, not use a model. They'd install an extension if they wanted that.
The Ask toolbar was seen as a virus. Mozilla had massive user bleed in Firefox due to installing sponsored extensions in the browser. The only reason this shit isn't regarded the same way is because it's both done by Google and because it's labeled with AI, so all AI bros have to retroactively find an excuse to justify it.
> It's additional software that many users didn't ask for, don't want and will not be aware of
> You just described 95% of the parts of all software, especially in this era. And think of the Web - how many gigabytes of terrible adtech and tracking code does the average user download in a month of web browsing without an adblocker? Remember, each one probably packages in a couple hundred NPM dependencies into its bundle.
So what are you saying? Don't be mad over this becoming the norm, just shut up and sit down and accept it?
The story is only trending because it’s an AI model and the internet is anti-ai right now. It’s a double standard.
It’s like how people are outraged that electricity is being used in data centers to power AI models. When you do the math, the power consumption is far, far less than all the other things you do all day without thinking twice. But again, anti-AI double standard
On the contrary, you're only defending it because it is AI. If it were some other feature that many didn't want or ask for, you would empathize.
A product like Chrome probably has 10,000-ish features, maybe more.
Is your position really that any feature that “many” users failed to ask for must require additional consent to install?
And where is this registry features that a sufficient number of users asked for to allow it to be installed silently?
Not OP but no, I don’t care. Outrage at this is misguided at best.
Outrage at this is misguided at best.
Because it's AI. Got it.
if someone doesn’t want ai on their devices, you think it’s a double standard that they’re annoyed when it’s installed anyway?
i’m not anti-ai by any stretch, but to pretend like their personal choices don’t matter is a bit too dismissive. it’s their choice, we probably shouldn’t imply other people having their own personal taste is hysterical or whatever it is you’re dancing around.
>the internet is anti-ai right now
The 'internet' is not an entity. Outrage and engagement drive ads. Beyond that 'AI' has very little benefit for most people and it's straight loss if you look at consumer electronics (getting price out of PCs) or energy prices.
I’m actually quite interested in this on device scam detection and might be installing chrome on my aunts computer. She’s an upper 70s millionaire widow who is constantly confused and attacked by a deluge of convincing scam emails.
I had no idea chrome had this feature. Wish Apple had something like this honestly. https://blog.google/innovation-and-ai/technology/safety-secu...
>attacked by a deluge of convincing scam emails.
Wouldn't be easier for an email provider to classify the emails already?
Other than that - if the tool provides utility is good. Personally, I'd not touch it - everyone in the family uses firefox everywhere (incl. phones)
Oh no, why won't people leave the poor AI companies alone.
There are many technologies that begin in the corporate world on the enterprise level, and/or in research and education fields, and then trickle down to consumers. And basically anytime a tech reaches consumers, it's a fait accompli; it's ingrained in the business world 100%; scientists and defense contractors have blessed it.
The Avalanche Has Already Started. It is Too Late for the Pebbles to Vote. -- Ambassador Kosh Naranek
The funny thing about "AI Data Centers!!1!" is that they're unsurprising to anyone who knows the progression of this. First there were gigantic computers. Then telecom closets and machine rooms. Those machine rooms and closets got big and hungry! But they were hidden inside drab office space and far inside security perimeters and nobody really paid them mind, because it was part of doing business for the businesses.
Then came the cloud mania and corporations began gutting their machine rooms and migrating to the clouds. So if the consumption and demand for resources ramped up, who knows, but it was transferred from a very distributed, scattered model to centralized in a few big datacenters.
And now those datacenters are becoming an end unto themselves and everyone's gotta get one. Yeah, the scale and consumption of computing increases, but this has been evolutionary and it's only alarming because now, you can drive around a big city and pass several obvious data centers (and a few non-obvious ones) on your way. Did people freak out over AT&T constructing central offices? Dunno, those meant a lot of jobs. We all needed to reach out and touch someone.
But kinda wary about that Death Star.
Wow, a Babylon 5 quote, I'm impressed :)
> the internet is anti-ai right now
Just fyi, this is not a temporary phenomenon, not a phase. People dont like spam, robocalls, persistent advertising, even as we use the tools that enable them. They definitely wont like massive job losses, if that actually comes to fruition. Constant surveillance, "slop" news and entertainment, significantly reduced human contact - not popular. Like most technologies, AI benefits a small group - those who control the means of production - but everyone else loses out.
Not just the Internet either. People are actively talking about data centres using available electricity, and the constant push from employers of using AI for things it clearly isn't suited for. Not to mention the constant "Let me talk to a real person" requests -- people see AI's everywhere and often have no desire to interact with them.
Tempora mutantur, nos et mutamur in illis
It's because it's 4gb and Apple still sells devices with 256gb hard drives.
> just shut up and sit down and accept it?
I mean, that's absolutely your only option other than simply choosing another browser. This will be a non-issue for 99% of Chrome users.
I'm surprised so many people still use Chrome. there are perfectly serviceable browsers which block ads. do normies not know you can block ads if you use a different browser?
They don't. A large number of them don't even care. Some even click on all of the "allow this site to send you notifications" and then proceed to get spammed by hundreds of notifications on their phone/PC. And don't mind it.
It clearly isn't the only other option - otherwise you wouldn't have people like you and others in this thread being outraged about people taking one of the other options.
That we as a society are beholden to corporations is a myth those corporations want you to believe but its not how things actually work. If we come together to say no then those corporations either comply or will cease to exist.
quietly uninstalls Chrome
It's a Brave new world.
https://www.spacebar.news/stop-using-brave-browser/
https://thelibre.news/no-really-dont-use-brave/
It's not "becoming the norm." It's been the norm for decades. And yes, you should not be mad about the norm.
> And yes, you should not be mad about the norm.
Right and if slavery and virgin sacrifices happen for decades we should just join in
Deeply incongruous example tbh.
Is it? It's kind of the heart of the matter - just because something is common doesn't mean it's acceptable. The difference is that in our society we've all agreed the sacrificing is no longer acceptable.
>Is it?
Yes, I would say comparing the gross violation of fundamental biological, psychological and social human needs to an annoyance resulting from a voluntary business relationship is highly incongruent.
The comment above was literally gaslighting against complaining about bad behavior that is common and going on for a long time.
> That is a far cry from 4 GiB
Equating a 4GB file installed without explicit consent to the installation of a language dictionary is comical. That's like saying an unwanted political mailer left in your mailbox is the equivalent of a pallette of hammers left in your driveway.
It sounds like you have a specific number of GB in mind that an app can take up, below which it's totally their business, and above which they need to plead their case, disclose the purpose, and allow me to choose.
What's that number? How did you arrive at it and why?
My Chrome binaries are about 700MB on Mac and 500MB on Windows. Is this below or your line, or are they actually in trouble as soon as they're extracted?
My point is just that it seems there may be an arbitrary limit here that may not be the same for everyone (and 90% of users are nontechnical and thus couldn't give an answer whether 4GB is "worth it" for whatever the features are). Rather than add another whole ecosystem of "Cancel or Allow?" dialogs I'd rather operating systems did a better job of letting users put piggish applications on a strict space budget. Most of the apps on my phone are storing half a gig of "stuff" (called "Documents & Data" but not itemized, and even apps that have none of my 'data' such as browsers), which I can't force them to dump even in an extreme emergency. I can only delete the whole app.
I'm talking about Apple platforms as examples because I use those a lot and with their epic stinginess of SSD, anyone who doesn't pay $400 more than the base model will exhaust their storage within hours to months.
People don't typically have specific numbers already set aside whenever they discuss what is too much. The example given was people can handle a political flyer in the mailbox but not a pallet of hammers delivered in their driveway. Do you have specific amounts (probably will need to be a weight limit and a volume limit) already figured out when you think of how much junk someone can mail to you reasonably? Or how much HD space a browser is allowed to install before it gets to be not-their-buisness?
agreed that not everyone has the same limit, but 4GB is big enough to be annoying to many. that still costs real money (in bandwidth) and storage (on low-end hardware) for a lot of folks.
My arbitrary limit is "not 5x from when I installed it". Like if my gallon milk jug was suddenly 36 inches tall.
Skinny milk jug.
So as long as I'm allowed to bump into you I can also smash your face in, right? After all there isn't any clear point where I'm applying too much force.
> My Chrome binaries are about 700MB on Mac and 500MB on Windows
That's kind-of the point though right? An application that has been say <700 MB for decades, suddenly deciding it'll take a multiple of it's size without asking seems pretty unreasonable, I think it's pretty fair to say the expectations for Chrome were set already.
It'd be similarly unreasonable for a video game that once took 50 GB, to suddenly decide to take 400 GB.
That depends on how you count, though.
Local storage and cache only have limits relative to available disk space in Chrome, IIRC, and can easily bloat to 100 GB without intervention. Personally I think that's a design flaw and they need customizable hard limits as well, but web browsers wasting space without asking is not a new or sudden development.
What a completely asinine post. I'm sick of seemingly smart people in the technical world think they are being so clever by trying to literally rehash the continuum fallacy. You hear this literally everytime anyone even so much as suggests a standard, norm or god forbid a regulation. It seems especially common among libertarian types who think governance of any kind of simply impossible because of it.
Just because there is a gradual spectrum between two states doesn't mean we can't draw distinctions. For example, just because we cannot define the exact, precise color when blue turns into green, it does not mean that blue and green are the same color for any normal person discussing an issue publicly in good faith.
When someone says "X and Y are on a spectrum, X is good and Y is bad", the point is to highlight the differences. Pointing out that the spectrum or continuum might not have a precise boundary has literally zero weight towards the validity of the ultimate conclusion a person is making here and really is just a complete derail done by people who have no substantive points to make.
Agreed. If anything your comment is too charitable. This is just one of the GP's highly sophistic comments here. Considering how he is exploiting the sorites paradox, I wouldn't be surprised if he bases his sophism on Zeno's paradox from time to time.
Excuse me while I go count the hairs on my chin to see if they are >= MIN_BEARD_THRESHOLD.
Is your objection just to the bloat, or also to what the bloat is for?
Personally I'm pissed at both. A large jump in requirements without warning is bad, if I want to avoid it I now need to take immediate less considered actions or get stuck with the consequences. Plenty of decent software actually lets you decide what plugins to install for added functionality, chrome actually has a extensions store that they could have put this crap in.
Yes it's also that it's AI and mostly that chrome is foisting off all the cost of that AI model to me and other users. Without warning and explaining what this model is, is my workplaces power cost going to be up 10% because of whatever they want to run it for? Who knows.
There'd be a lot less complaining if they'd actually warned and less still if they asked.
I'm picturing a splash screen announcing the feature(s) it enables, with a Download button
Honestly this is 2026. Chrome on my phone is nearly 2gb. Google on my phone is 1gb. 4gb storage isn't outrageous, Windows barely runs on anything below 128gb storage. Right now my phone has 445gb unused memory and usage isn't likely to go up much. My PlayStation eats 500gb for breakfast. Heck I use a 2011 Thinkpad for casual use and it should still be fine with it.
This is also GOOGLE chrome, it serves their ends, in the past that was to render internet unimpeded (they saw a need then), needs change. I'd rather models serve most requests locally anyway, so long as it's not destroying my battery life.
Remember the whole chrome-RAM-gate saga? This shouldn't be shocking to anyone. PC's shipping 8gb ram, Google removing ad blocker extensions, these should be the real rally points.
Except this mythical pallet of hammers takes up 0.1% of my hard drive instead of 0.0001%. And it isn't blocking me from moving my car. And...
yea your analogy doesn't even remotely make sense
The issue is the size of the 'update' and the impact it'z going to have on your computer performance.
If tomorrow Google was to include a Blockchain miner in Google chrome, you'd still say you consented to it by using their software ?
Because I'm pretty sure that this LLM is also going to be used by Google to gather data on the user and feeding it to Google, hence just like the Blockchain miner using our computer ressources (space & performance) to feed Google yearly benefits.
Hey, you got the point. Is there a chance that Google actually plans to use users' computers as their edge computing devices?
> Reminds me a bit of back when installing software was a minefield due to all of the integrated "promotions" for things like toolbars, only now they've vertically integrated the unwanted software, cutting out the middleman.
You know, I never thought about it like that, but it is true. The bloat and spyware is a core part of the OS now.
It's just more efficient that way!
> It's additional software that many users didn't ask for, don't want and will not be aware of
You mean like Siri? It does the exact same thing and no one asked for it, either. That shit barely works too.
Chrome installs additional software that 99% of users don't use. It can intercept and modify code running on your computer, and spies on all network requests. Hackers use it to analyze potential vulnerabilities. 90% of users aren't even aware that it exists!
That 4 GiB will also update daily, because without churn it will be dead.
You could say the same thing about shipping V8 with Chrome. Some users disable JS so shipping V8 with Chrome is additional software they didn't ask for.
The old unix administrator would expect a platform to ship choice of JS that would be in /usr/bin/JS. The local administrator would add their local choice of JS /usr/local/bin/V8.
The browser would then have a configuration option of which JS interpreter to use.
Bad analogy. "Some users disable it" is very different from "it was introduced without any notification or information about what it does and the vast majority of laypeople have negative sentiment toward it".
> vast majority of laypeople have negative sentiment toward it
Citation very much needed. Technologists are not laypeople, and are almost certainly a vocal minority.
An AI is not additional software. Infact, a model is not software.
It's not processor op-codes, but sure it's part of the software. You wouldn't say that a set of precomputed weights in a numerical integrator aren't part of the software, would you? Or say that the graphics in a game aren't part of the software?
> a model is not software
When does code become software?
How does that change anything? It doesn't matter if you categorize it as software or not, unwanted is unwanted. And frankly I just flatly disagree, you could certainly make the case that model weights are a form of software.
If they downloaded a 4GiB media file of some Irish band that nobody asked for, people would be upset as well. It doesn't matter what the 4GiB contains. If it is not going to be used by the user and the user didn't ask for it, that's just idiotic to think people would not be upset about it.
I think we are agreeing.
If someone puts a camera and a microphone on devices that don't need them, then it's a) pushing up the price of goods for everyone with features that mainly serve corporate, b) there are bad actors out there even if you think corporate is a good one, c) no reason to think corporate is a good actor.
Shipping an AI model with a browser is starting to look like sticking cameras on ALL glasses, not just smart glasses, regardless of whether anyone wants that. Saying this is fine and not unusual is clearly motivated reasoning and just normalizes the surveillance state. It's very obvious the way this ends. Browser-based models will eventually be using your computer at the edge to save corporate money in the cloud while they do ever more expensive and invasive stuff to profile you.
Shipping the model with the browser is exactly the opposite of what you are claiming.
The alternative is sending the data to Google.
Back to the assumptions.
If the onboard LLM means no data sending and you get your own little service wholly subservient to you like a good little program. That's nice!
If the onboard LLM means better data filtering, possibly even exploration of the local system, to send information to Google while lessening their datacentre bills running LLM services. That seems a little underhanded to just bake into things without notification.
Pick your assumption, you get your outcome. What are your assumptions?
Why assume? it should be observable. You can check the code and data traffic to see how it is used.
Can't observe the future, so learn from the past.. or use common sense. You don't react to a stranger or a mysterious camera in your household by saying, wow ok, let's see if anything bad happens.
No, what's misguided is equating the legal definition of consent ("It's in the ToS") with actual consent. When everyone (especially google) knows 99% of users don't read the ToS. Can they sue over it in a court of law? Maybe, maybe not. But they can write articles, spread the word and generate bad press for google. Then maybe consent will be actual rather than constructive.
> Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
For me the most significant problem is the lack of consent. I assume it's just not how you want to frame the problem. Ignoring the problematic parts or behavior of some sort of behavior is a common problem in modern software, and it's actually what the article is complaining about.
I don't think this is a question of framing or ignoring problematic behavior at all. I'm quite certain that you wouldn't find it anywhere near comparably egregious if Google added a new developer option without your consent- the most significant problem is the 4GB and the LLM. And, of course, you did consent to their software terms. You are free to switch browsers. What does consent have to do with this?
yes, no one would have a problem with it if it were useful, so what, they're hypocrites if they don't like it because it's useless? actually, people generally only complain about consent when they didn't like what happened. the takeaway is that if it's an update that will be thrusted upon a user, deliver value for them. and it's your problem, not the user's, to persuade them that what you're thrusting upon them has value.
Exactly this. My issue with Microslop isn't that they're using AI, that is its own can of worms.
It's the fact that they were forcing it into MY computer, using MY bandwidth for THEIR profit goals. The lack of consent was the final nail in the coffin for me, no computer in my house uses Windows now, and it will at best be a long time before that changes.
I got rid of Chrome ages ago as well. Chrome's only redeeming feature is its user base. It's slower, uses more system resources, ugly as a browser, and now its an AI rapist too.
That's like saying users have no right to push against certain features. It's like saying Windows Recall was always ok and there was never any reason to demand it not be installed. The only difference is one can choose to use a different browser easier than they can choose a different OS.
You're right in the sense that practicality and consent are orthogonal issues. There are probably stronger arguments to complain about a feature than the disk use.
> The only difference is one can choose to use a different browser easier than they can choose a different OS.
I'm not even sure that is actually true for most people. If you mainly work in the browser, which many do, then you can change the OS under it without impacting the user too much but change the browser and there will need to be much more to adapt/relearn.
> It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
So where is the line we draw where bait-and-switch goes from being acceptable to unacceptable?
MA Chapter 93A for example clearly says that businesses are prohibited from "unfair or deceptive practices" including misrepresentation or concealing defects. Where do you think the line should be?
If you market a product as a Browser and it's codebase is 10% browser related and 90% some other program... Should Google have to correctly represent that product?
Related; If you didn't like when Apple forced you to use Siri on your phone, why did you purchase a Mac? Did you not expect them to continue disrespecting your sovereignty after you let them get away with it the first couple dozen times?
In principle I agree, but chrome has an auto-update setup and using that mechanism to download several GBs of data that is not critical to the app itself is cause for question.
Chrome is not entitled to my disk space just because I installed it and Microsoft has been excoriated for the exact same behaviour with AI.
>Chrome is not entitled to my disk space just because I installed it
When you install any program it becomes entitled to your disk space, by the definition of installation. If you don’t like the program, you can just uninstall it and it’ll no longer take up your disk space.
This is a good point, given there is no shortage of alternative browsers, even if there is a relative paucity of alternative browser engines.
Couldn't the same argument be made for Chrome suddenly including a bitcoin miner? Seems like that would be a difference in degree rather than in kind.
The difference would be intent. A nearby comment worries that the endgame is the ODM being used to monitor you and report back. Certainly wouldn't put it past the world's biggest ad company to think of that! And if that is what purpose it's put to, I think I'll be mad too.
If Chrome shipped a crypto miner and used the resulting coins generated on my device to let me automatically bypass paywalls with micropayments that would be way better than if they shipped the same and just took the coins.
> It's just part of the software.
What isn't part of the software? Can they just install as much garbage they want to, as long as they claim it is part of the "browser"?
Also, scale absolutely matters. If I pull up in front of your house and say "hey, mind if I park here?" and you say yes, then I park, walk away, and 10 minutes later park a fleet of 18 wheelers in front of your house, you're going to feel like I wasn't...entirely forthcoming about what I intended.
Where does this line of thinking end? What couldn't be construed as part of the software?
It ends at the usual place, the shrink-wrap agreement. What did the license agreement say?
Nobody knows because its unreasonable to expect people to read them.
agreements don't always hold up to legal scrutiny. In cases where it is unreasonable, it won't be able to stand up in court. And in any case, this is not a legal matter but a user experience / public opinion one
You're right, it's not a legal matter. You and I will readily agree that bundling a 4 GB language model with a Web browser is unreasonable, but how do you envision making that case in court?
My guess is that maybe one in 1000 Chrome users will even notice it.
What is the line is a good question. I'm strongly pro-user agency, but I still think consent is more around what actually impacts the user. If there's some safeguards, for exceptional cirumstances that users can get into if they need it, I feel like the software has to be doing more, having more of an impact on you for there to be an offense or problem here.
That said, I do want to amplify agency. I don't immediately know what to expect for disarming this. If a website starts hitting the API heavily and my machine's fans are spinning up, where am I at, and what do I expect? It feels like the web is close already, with a pretty sophisticated permissions model, where we go to look for things. I'm interested in an evolved permissions model for the web, where even when permissions are on by default, it's the same flow to turn them off. I think that would remove a lot of the grounds for "I don't want this" that seems so persistently abundant these days.
Even it feels like the risk is so low/non-existent, if the user's demanding less agency from the their user agent, in principle I guess we ought give them the less that they asked for. Usually. But that always has some kind of practical limit too. CSS made some people mad! It's ok for this not to be the software for you, for you to go need to go somewhere else.
I believe that relatively inert capabilities like this, where mostly it's taking up some storage space and joules, is generally not really altering the contract, and is fine.
When you decide to build autoupdate features into your product, in some way you are building trust that you wont break expectations with your users. If google wants to pull a microsoft and try to force me to use another of their products I dont want to use, they are welcome to die in the same way as IE did.
I think it falls more into the category of needing consent like a crypto miner would. If I use a piece of software to do X and it begins using more resources to do Y that can be a serious issue and is at the heart of this discussion.
A crypto miner needs consent because it burns your battery and CPU power with no benefit to you. This AI model would only be used when you invoke it so the only problem is disk space, which the comment you're replying to acknowledges as a point of issue.
Or some website decides for you that you now want to talk to your local AI chatbot using google chrome prompt api.
https://developer.chrome.com/docs/ai/prompt-api
> This AI model would only be used when you invoke it
You sure about that? How explicit is the invocation? assuming it’s only run when the user does something (big assumption), does the user know clicking that summarize button is going to bog their system down and crank up their electricity use?
Indeed. Trusting that it will only be processing the user's queries - as opposed to, say, becoming part of a distributed grid of AI processing nodes - isn't a bet I'd be willing to place much money on.
You would be right if there's a popup box with two buttons appearing before installing the model and before every time it's used by some site.
Button 1: "Stop the AI now to save X GB of RAM".
Button 2: "Erase all browser AI to save X GB of RAM and Y GB of disk"
This isn't asking for consent, it's simply informing the user about what oversized resources are optional and providing an honest way to save them.
The only alternative to that is formal consent.
A crypto miner generates revenue needed to run the service, similar to ads.
It is changing the product significantly. I wanted/consented to a browser. Nothing more. Agreeable, nothing new with the browser vendor pushing plugins down our throat which are not browser core features, nevertheless not right.
Welcome to 2026, in which a browser is an operating system!
OS bloat is no less of a problem.
> I wanted/consented to a browser. Nothing more.
I agree. I want just a browser. No non-browser-related features, such as JavaScript, CSS, WebRTC, WebGPU, Wasm, etc. Nope, just browsing.
Edit: /s, obviously
That's a dumb argument to make as all of those things are used to render the browsing experience. You can disagree with them being necessary or not, but they are part of the experience.
You'd be much better off arguing you wanted/consented to a browser, but you got 3 toolbars installed as well and a couple of extensions that report back every keystroke to their respective mothership.
I think you missed my sarcasm. Sorry if I was being too subtle. My intent was to point out that "just a browser" is a meaningless phrase as the functionality of browsers changes.
Yup, I did. I read it as an HTML purist that thinks all of that stuff is ruining the web never leaving Reader mode pining for the days of Gopher
A better example of a non-browser feature that crept into browsers would be PDF viewing.
> nothing new with the browser vendor pushing plugins down our throat which are not browser core features
You need to find another browser, if your desire is only browser core features. You have that freedom!! You can do it!
On the other hand: I don't think anyone caters to that position, because it's a bad/nonsense position, that users don't want. There are some browsers that come closer to this, but this idea of "browser core features" is, on the face of it, to me, reduction deeply into the absurd.
> this idea of "browser core features" is, on the face of it, to me, reduction deeply into the absurd.
To counter this, the idea that the BROWSER should be doing other things than BROWSE is insane to me.
It is very clear that you and I came of age in a very different environment with a very different mindset.
The moment somebody starts forcing additional packages, some which may even be larger in scope and code than the primary software, throw them in the woodchipper. That's dirty, disgusting behavior that removes user agency and exploits the trust between those developers / company and the user.
Absolutely not.
We've been down this road before and people hated it. Most, if not all of those companies, died.
My biggest beef with the browser's unchecked scope creep is that its role as an application platform is fulfilled in a manner that's completely at odds with the original purpose of a browser as a user agent. They're running untrusted third party code by default, letting sites embed spyware, and constantly adding more anti-features. Treating this as normal is insane from an unindoctrinated viewpoint. Acting like people who question this status quo are being unreasonable is an insult to everyone who cares about privacy or security.
Yeah, I came up with BBS and being amazed at watching us connect & grow capabilities, in ways that anyone could easily use. That was and is incredible & amazing. I struggle to see what reached out & touched you, has you (from my perspective) so shook & anti- willing! I can't imagine not seeing the hope & awesomeness!! I agree: we do have very different backgrounds, it seems like!
There's libraries, still: big buildings with books on them, if you want to go browse static dead information that sits there! You can even check out books on your phone now; thanks Libby app! Your use case is already super well fulfilled! Has been for a long time! You can go do that!
It's absurd to me how conservative & constraining some people want the world to be. A reduction of possibility, that itself feels absurd, taken to even more absurd anti existence, anti possibility. There's been no platform on earth where it's so easy to make cool neat software and experiences for yourself & friends, where we can do so much. From a static website! That power is incredible. That power had been locked away forever and somehow it became very easy, yet still reasonably sandboxed, and is available to all, so easily: and that's nothing short of a miracle.
And as ever it's always the same! The same shit! "The story so far: after packaged software, the web was created. This has made a lot of people very angry and been widely regarded as a bad move."
Just go use a browser that works for you, and stop trying to ensnare the whole world in your very limited very constrained narrow view of expectations/desires. Don't expect the universe to reduce itself to your level! Especially because: the web will let you have the browser you want! There's other media-forms that are everywhere that are even more set, as per your desires! But man, to moralize & outrage against those who don't want the web to be but a book that's online? I don't sympathize at all, and I don't understand the basis where this comes from, and I so strongly feel there's been way way way too much of this frankly bad attitude; I think this is very broadly a popular anti-sentiment to whinge over, that is far too over-expressed. And it's so small, so limiting a world, that's so unclear & so unexplained. The world wide web doesn't need to fit in such a tiny box. This is human capability, that increasingly is the means open to all, for the Dream Machines to be made with, for intergalactic internets to connect people with. Sure! A lot of that hasn't gone great, we don't like what has been built!
But it's always seemed so clear and so obvious to me that this democratic access to platform, available on any device, that let's us do so much, is a fragile sacred thing. And that taking that away is to give up all hope of ever having systems that are good for us.
It’s actually really useful for web devs to have access to a local model. Whether or not browsers should bundle their own rather than using the system-provided model(s) is up for debate, however. For the time being, though, Google does have some of the better small ones.
Furthermore, users aren’t going to want to have to wait for an extra thing to download before their web apps can use AI.
That’s the thing… Without context of why, users probably wouldn’t want a 4 GB download. But they do want their web apps to work properly. When there’s a specific use case they’re interested in, they will want to have it, and they won’t want to wait.
You haven't even tried to provide a hypothetical example of what a web app should try to do using a local LLM, nor addressed the obvious questions about how that kind of thing should be standardized, what level of local LLM capability is reasonable for a web app to expect, or how permissions for that should be managed given that a local LLM is not just a tax on local storage capacity.
So why should anyone take it as a foregone conclusion that this is an instance where web devs should get what they want? In general, the browser should be acting in the best interests of the user and not automatically granting the wishes of every web site that wants to drain your battery.
One example I have that made me excited for this feature is the free recipe manager website I run.
Many of the paid-for competitors give users the ability to import unstructured recipe data these days from sites like instagram or at least text-only websites.
I can't afford to offer this as a feature since my website has no advertising and I just pay for it out of pocket, but it's an incredibly easy feature to add if you have the money to pay for tokens.
If I could use a local llm to do it though that runs in the person's own browser then I think it would definitely be valuable.
That said, I'm not sure the state of local llms provides a good enough experience yet (small models and slow) but that doesn't mean that in the future it might not be useful.
The propsosed apis do work for this purpose, albeit more slowly and lower quality
> not automatically granting the wishes of every web site that wants to drain your battery.
Pretty sure that ship sailed way back when Flash ruled the Internet, and it's still sailing more than ever today.
Browsers are just weird sandboxed VMs now. They have nothing to do with their original purpose. Don't be mad at me, I like shipping webapps that render documents server-side and use even JS incredibly sparingly. I'm just reporting what I see. The browser exists as a way to make developing completely proprietary apps with proprietary UIs for several platforms cheaper, and Chromium exists to help further that goal including, if necessary, being packaged up and shipped with those apps (Electron).
There is a link elsewhere in this comment tree addressing all of that:
https://developer.chrome.com/docs/ai/prompt-api
Google's marketing for their latest new browser feature nobody asked for shouldn't be taken at face value. Somebody outside Google needs to provide a well-reasoned assessment of the feature proposal.
And having skimmed that page, it really doesn't answer most of the important questions. Are other browsers expected to ship Google's model, or put a different model behind the API that Google has documented as being specifically for Gemini Nano?
> Somebody outside Google needs to provide a well-reasoned assessment of the feature proposal.
I'm sure that exists already, I've personally been waiting for some version of this to make it into browsers since like GPT 3.5. Every day on HN there is conversation about the tradeoffs of local vs. hosted models; the uses this API is intended for are perfectly within the capabilities of local models.
> And having skimmed that page, it really doesn't answer most of the important questions. Are other browsers expected to ship Google's model, or put a different model behind the API that Google has documented as being specifically for Gemini Nano?
Most of this is answered under the tag "Intent to Experiment" and the associated link. It's not a mandate that they're forcing on the web today, it's a public experiment intended in part to solicit feedback for a potential spec: https://groups.google.com/a/chromium.org/g/blink-dev/c/6uBwi...
> Most of this is answered under the tag "Intent to Experiment" and the associated link. It's not a mandate that they're forcing on the web today, it's a public experiment intended in part to solicit feedback for a potential spec: https://groups.google.com/a/chromium.org/g/blink-dev/c/6uBwi...
That does pretty much settle the question: if it's still just an experiment, Google should be asking for consent and web developers should not be assuming that this is the future of browsers, and nobody should be acting like this is a foregone conclusion.
> really useful for web devs to have access to a local model
I’m not opposed to this. I don’t want Google, an advertising quasi monopoly, to be auto-installing its own AIs on everyone’s computers.
I agree to install it, but I don’t agree to automatic updates. The bigger problem is, I can hardly find where to disable Google’s automatic updates. In the end, I just locked the file permissions to stop that virus-like auto-update program from running.
Auto-updating browsers is one of the best advances in the web dev space in the past decade. I find it hard to believe that anyone who did web development before evergreen browsers became a thing would ever disagree.
I think automatic updates that offer no easy way to refuse are completely unreasonable.
Can you imagine going to see a doctor, and in the middle of your appointment, the doctor drags you into the operating room to automatically update your body?
That's roughly how I feel about automatic updates. If you apply the concept of automatic updates to any industry outside of software, it would very easily be illegal. But strangely, this concept is considered legal when it comes to software.
Best advances for whom? Lazy web developers?
Considering that most websites are optimized to just barely run on what the developers are targeting, letting them target the "state of the art" instead of what came installed on grandmas machine is been a huge negative for website efficiency and thus average user experience, not to mention global resource waste.
Web developers, users who want don't want security issues in their browser, and anyone who wants consistent rendering of sites
Incorrect. What you consent to, is the software, with its intended use and design. It is not consent to allowing the vendor to install what ever software, for what ever use case, of infinite size, forever. With your interpretation, MS could install a torrent client, child porn or what ever, and that cleraly shows that your interpretation leads to a reductio ad absurdum.
When I download a web browser, it is reasonable to assume a piece of software that allows me to view web pages. Not an AI model.
The correct way to handle this, is for the vendor to announce the feature, the size and capacity required, and offer an opt-in, and not an opt-out.
This is beyond dispute.
> This is beyond dispute.
My top-level comment has stayed the #1 comment on this post since I wrote it, and currently has over 300 upvotes.
So it is extremely clear this is not "beyond dispute". A valid dispute can exist even if you're personally not happy about it.
Even Microsoft doesn't install a spellcheck dictionary unprompted; that happens when a user/admin goes into the app configuration and changes the language support options.
Under the EU AI act this REQUIRES disclosure. The user should be informed that the system is installing an LLM
Framing this as needing "consent" is deeply misguided. It's as silly as claiming that Java installed an ask.com toolbar without your consent. It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
wellackshually the bloatware explicitly asked for consent. There was a checkbox at the end of the EULA asking you "I also don't agree to not install the ask.com toolbar. You wouldn't do that, would you?". There is a state of that checkbox which would not install the toolbar, because, as you know, it's not part of the software I'm trying to install. That state, however, is left as an exercise for the decompiler. :)
Though I kinda agree that framing it as "consent" feels a bit off even if I myself would say no if only Chrome had the courtesy to ask. What icks me more is a 4GB[1] blob that has no relevance to the primary business of being a web browser; this is basically the IE anti-trust issue all over again. And it's an experimental feature! Under saner policies this thing would be a plugin from "Google Chrome Labs".
[1] I found weights.bin in Ubuntu 22.04 Chrome v147.0.7727.137 but it's "only" 2.7GB. Still, my ick stands.
I thought the issue with Java was that checkmark would check itself on update?
I was trying to draw that parallel but maybe I'm misremembering
that's not true. ask.com nonsese did ask consent and it was trivial to uninstall.
I think the disk space and bandwidth are what make consent needed, because it’s implied that the browser may download small pieces of data but the user would not expect such a large file be downloaded so it should check with them
But then they should state that minimum size of Chrome is 5-6GB (lol, OS size). Sure this feature should be installed by informing the user what are the pros/cons; just installing without asking - means that you are using user's traffic (huge for mobile, for example) and disk (quite a large part) without notice, which is probably a bit shady.
i wonder how exactly it makes it harder to have a discussion. would it be okay to talk about spyware in terms of consent, or would that make it harder to discuss as well? can you think of a situation that it wouldn't be unhelpful to frame what software does in terms of consent?
If Rockstar games can be criticized for Hot Coffee then Chrome can absolutely be criticized for such bloat ware.
Invoking a different case with bad logic doesn't make this one any stronger. I never understand this impulse, is it just "nuh uh!"?
That was also stupid
TIL, what a nutty situation.
please don't defend this anymore.
People installed an html client, not a backdoor into their computer.
Incorrect. Adding LLMs in the browser IS the backdoor into your computer.
You’re probably right in a literal technical sense, but a very large number of people (maybe most?) would choose “no” if properly informed and asked for consent, and lots of people are morally opposed even in principle to downloading a large AI model onto their computer. I’m not one of them, but they’re out there. So in a cultural sense, it is different.
What % of Chrome users (this is the default browser that nearly every 'normal person' uses) do you think is confident (and knowledgeable) enough to answer this quiz:
I'd say maybe 5% could get 80% of those right. So, most people would be purely guessing the same way I'd be guessing if you asked me if I want 800mg of Beta-Carotene for $1. I don't know for sure if I need any Beta-Carotene, and if I did need some I wouldn't know if 800mg is a little, just right, or way more than I'd ever need, because I'm not a nutritionist.This kind of unwanted software installed with a product you want used to be clearly considered malware. But these days software companies all think they own your computer and can do whatever they want.
Chrome's model is based on copyright infringement and court cases are pending regarding legality. Even if spellcheck dictionary was 4 GB, installing bloated but legal software is different.
Can't stand this kind of corporate apologism. It's one thing to disagree about whether this is a reasonable thing to do, but there's no need to additionally gaslight people about whether their category of grievance is even valid. Of course it's consent. They did it, without consent, that is a simple and factual statement. You consented to one thing (a browser) and not another (a giant AI file). And then the question with consent is whether the thing is something a person ought to seek consent for, which is entirely relative to how the person will feel about it. Installing a dictionary, probably not because it's small. Installing a 4GB file, probably yes. Obviously.
They are abusing our trust. That's the issue.
not just that, unfortunately
This is just today
"Tech giants Microsoft, Google and xAI say they will allow the United States federal government access to their new artificial intelligence models for national security testing." https://www.aljazeera.com/economy/2026/5/5/microsoft-google-...
Its not misleading, AI models (unlike English spelling check) has the potential to mine data on users and invade privacy all under the name of "training the model". I am very skeptical of AI models. Governments and big corp have the ability to exploit AI models and none of them a righteous for us to feel safe from a move like that.
Local models exist as part of the solution to privacy invasion. Not saying google has never been nefarious, but the whole point of local models is that your data doesn't leave your device.
Yes plus there is lot of confusion; the author is citing ePrivacy and GDPR that are about PIIs, not at all about consenting to an install.
News from the year 2030: Google takes your credit card info, sells it on the black market for pennies and kicks you in the groin.
Framing this as needing "consent" is deeply misguided. It's as silly as claiming that Google stole your credit card info without your consent. It's just part of the software. You consented to installing the software and having it autoupdate. That covers it.
Now we can argue whether or not it's an appropriate amount of physical abuse to use, but that's just a reasonable practical discussion to have. Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
You're arguing in bad faith.
It’s not in bad faith, it’s reductio as absurdum.
Installation is not consent.
Disagreed; it's not a download you'd expect and it's also at least an order or two of magnitude than you'd expect to find reasonable for browsing a page.
I have a 2GB mobile data plan. If I was using Chrome, then some site triggers the Prompt API, that will cause Chrome to not only wipe out my data plan, but need 2 of my data plans. I don't find this reasonable.
This is exactly a consent problem, because I'm not denying it might be a useful feature, but it should be at the user's own informed choice. The fact that Chrome developers don't appear to see this might be due to them living in a bubble where they've never had to think about the costs.
So… every software package you’ve installed has the right to consume an unlimited amount of your system’s resources? It’s an absurd argument. By that logic it can fill your hard drive, RAM, and max out your network bandwidth and the user would have somehow agreed.
Except spellcheck is a reasonably foreseeable part of a word processor. An AI model isn't really a common component of a typical web browser.
Disagree
It is consent - and its a pattern ubiquitous in tech.
Idk a random model being part of the software is not a given as much as things are trying to be pushed.
i think if google can show that they know what it does and able to contain it then sure, it's a tool they have power over. if not then I don't see how it is being contained by the terms
A spellchecker is a standard function of a text program.
Since when is an AI part of the browser?
On top it’s another abuse of their market domination. What if users prefer other models?
By that reasoning, any novel/cutting-edge addition to a browser or other software is wrong? Every standard was new at some point.
The question of whether web browsers will one day be expected to normally include an LLM is not at all relevant to the situation at hand, where that absolutely is not the expected or typical behavior of a browser. Google should be asking for consent now even if they expect in several years time to be able to presume consent for this.
So the principle is that any as of yet non-standard addition to software needs explicit consent from the user?
Major feature updates require consent, yes. Automatic updates are for bug fixes and security patches. It is disrespectful to the user to automatically deploy any update that changes the UI without warning or consent. I like my toolbar buttons to stay where I left them.
> By that reasoning, any novel/cutting-edge addition to a browser or other software is wrong?
This is IME the default position on HN. Seemingly a complete showcase of the appropriate scope of web technology can be found at http://info.cern.ch.
I am against built-in VPN for the same reason I am against this. There is nothing novel or cutting edge about them. Any browser could have done it back in 2003, but they didn't do it for a reason.
Of course, it's not like any of this matters in the end.
Any addition that has nothing to do with the purpose of the program is wrong.
That why ERPs added CRM and DMS functionalities, CRM added DMS and ERP features and DMS got messenger parts.
Of course those new functions can’t compete with the programs made for these functions in the first place and at the end of the day even the main functionality got worse.
Here is the additional point that Google enforces their own model without asking.
Usually programs with additional features give you an option page to select/deselect unwanted features
At least Word lets me choose which dictionaries I want to install during its installation. With an estimate on how much disk space it will take.
There was a point in time when a spellchecker was not a standard function of a text program, and a spellcheck dictionary would have been considered a large file to include with that kind of software.
I'm not a fan of Google's actions here, but I do think it's possible that at some future time we'll say, "but a local AI model is a standard function of a web browser."
> at some future time we'll say, "but a local AI model is a standard function of a web browser.
And before that point ask the user for consent.
It’s not that hard.
If you make a sudden big change, ask for consent.
Hey if people could go for their pitchforks and torches over Apple giving them a free U2 album that ate up limited device storage space,
we have every right to be upset at Google's audacity to suddenly gobble up 4 fucking GB
Also from the same webiste, Claude installing spyware: https://www.thatprivacyguy.com/blog/anthropic-spyware/
but discussion about that seems to have been suppressed on HN: https://hn.algolia.com/?q=Anthropic+spyware
That was an even more ridiculous post. It wasn't spyware, it was a messaging bridge being installed for exactly the purpose it was intended. It was Claude Desktop installing a bridge that would allow Claude browser plugins to communicate with it. It was only used if the user had installed the browser plugin, and all it did was grant that plugin access to the app that had installed it!
So it's a backdoor to bypass the browser sandbox. Spyware is an apt label for that.
It's not a backdoor: it's using a feature for the purpose for which it was designed. It's not granting plugins access to anything except itself
It's the sheer gall of doing shit like that on my system without asking me. Creating a shitload of files to modify the settings of OTHER apps, wtaf?
I asked Codex to look into it: https://i.imgur.com/lvOjR0x.png
> You consented to installing the software and having it autoupdate.
You make a good case for much stronger laws and regulations on what such consent can legally allow.
> Framing it around consent is unnecessarily inflammatory and makes it harder to have a discussion, not easier.
Spoken like a Google shareholder. It’s wild to see this level of gaslighting being presented as some sort of reasonable position.
I disagree. Its a browser, damnit. Framing it as non-consentual AI is the right way. BTW, how much does Google pay you for this comment?
hey i found google ceo here!
Disagree. By your framing, might as well add a 4 Gb LLM to grep as an unasked for and downloaded option.
you are being very disingenuous. there are certain expectations from a software vendor. taking things into extreme, if something install malware as an update on your computer, is it not a silly claim that it is free for vendor to do so?
"You consented to installing the software and having it autoupdate. That covers it."
Were the terms something like
https://chromium.googlesource.com/chromium/chromium/+/refs/h...
"11.1 The Software which you use may automatically download and install updates from time to time from Google. These updates are designed to improve, enhance and further develop the Services and may take the form of bug fixes, enhanced functions, new software modules and completely new versions. You agree to receive such updates (and permit Google to deliver these to you) as part of your use of the Services."
https://www.gdpreu.org/the-regulation/key-concepts/consent/
"Where should the consent request go?
Consent information must be easily identifiable by the user. It should be presented separately from any terms and conditions."
https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-re...
"You cannot rely on silence, inactivity, pre-ticked boxes, opt-out boxes, default settings or a blanket acceptance of your terms and conditions."
https://www.edpb.europa.eu/sites/default/files/files/file1/e...
"The element free implies real choice and control for data subjects. As a general rule, the GDPR prescribes that if the data subject has no real choice, feels compelled to consent or will endure negative consequences if they do not consent, then consent will not be valid.13 If consent is bundled up as a non-negotiable part of terms and conditions it is presumed not to have been freely given."
https://www.dpo-consulting.com/blog/gdpr-data-consent
"GDPR Article 7 further tightens consent. It requires clear requests (separate from general terms), a right to withdraw at any time, and documentation to demonstrate that consent was validly obtained. In short, you must prove that a person knowingly opted in. Records of data consent (who, when, how) are mandatory so that you can show regulators you followed GDPR consent requirements."
"You wanted a banana but what you got was a gorilla holding a banana and the entire jungle." - Joe Armstrong
You installed a banana with autoupdates enabled by default. Therefore you consented to installing a gorilla and an entire jungle
Anyway, joking aside, what's missing from this blog post is discussion of potential remedies for the alleged violations
It may be acceptable to Google to violate GDPR, etc. if the remedies enforced are merely a "cost of doing business" and not a threat to business success
First of all I want to thank you for your intelligent and reasoned post. As the author of the article in question, I have been mostly shocked at how many people are excusing this behaviour and playing Google Apologist.
Now to answer your question on the remedies. I didn't put them in this article because I covered them in another article that went viral a week or so earlier (the first reference in the Google article). The Google article was already a long read, I didn't want to repeat information I had already posted elsewhere.
As for my actions - well I will take the same actions I took against Anthropic.
I am currently preparing two legal complaints:
The first is under the GDPR and ePrivacy Directive here in the EU and will be sent to the IDPC (Information and Data Protection Commissioner) who will then initiate a Cross Border investigation with the Irish Data Protection Commissioner (Google is "established" in Ireland for the purpose of GDPR) for the GDPR aspects and conduct their own investigation on the ePrivacy violations.
The second will be a criminal complaint against Google under Chapter 9 of the Maltese Criminal Code for alteration of the configuration of my device (Google remotely flipped a profile flag to enable the download which I witnessed in real time and have logs for) and for unauthorised access and use of my computer (to download and redownload the model) under computer misuse and access statutes (think CFAA in the US and how it was used against Aaron Swartz if you are looking for a way to file a criminal complaint against Google for this - the arguments used against Swartz are just as applicable to Google here).
So again, thanks for the post, it was nice to read someone actually understanding (unlike Reddit where it seems they do anything but read what they are talking about despite being called Reddit).
I also want to take this opportunity to thank everyone else in this thread for their time and comments and to YC for hosting the discussion.
Also my apologies for the 503's some people got yesterday (and thanks for posting mirrors) my blog runs on my home server and I had the rate limit set too low (I increased it once I saw the messages on here and it seemed to have fixed it).
Now that said - wait until you see what I am publishing next week (the project I was working on when I discovered this), it makes this look like child's play...
Yeah, no. I installed a browser, I expect it to install the required components for it to work _as a browser_. I do not need a local AI model for it to do that. If there are features that need that, fine, but I expect it to at the very least ask permission since those are absolutely not required functions. It’s like if Word installed a bunch CAD modeling software in the background. There’s just no way it needs that to function for it’s primary purpose.
[dead]
[dead]
You're missing that this is anti-AI activism
I am a computer scientist and have studied AI for over 30 years, I use AI every single day and I speak all over the world about the responsible and ethical use of AI... not sure how that makes me anti-ai?
I am a privacy activist and I strongly object to corporations reaching in to my device, changing the configuration and installing things I never asked for without telling me or requesting my permission. If that makes me anti-ai, then it is a hat I will wear with pride, thanks.
If you don't like that the law protects my position as opposed to your's, perhaps you could lobby to have the law changed, just as I have done for the last 20 years to make these laws stronger?
We should be actively anti-AI being part of a web browser just like that though.
Why? The AI assistance in Chrome dev tools is really useful. And I also use Google AI mode all the time.
Sure, but what's the point of obfuscating that?
This article is activism. The re-framing of software that you install intentionally being about breaking your 'consent' is ideological and incendiary. It implies that this is evil. It isn't.
Please stop assuming everyone thinks like you. If I can replace even something like translate with a local model that's just a single thing, off the top of my head, that could potentially benefit. I see no reason why these experiments should not be taking place.
And the reason they can't do something as simple and easy as ask for consent is...?
They probably didn't even think about that. Admittedly, 4GB is quite big, but if I were in their shoes, I would have expected that people are thrilled about using a local LLM instead of sending data to a cloud-based LLM.
I am still stunned that there are people who hate AI so much that they have a problem with the weights of an LLM being on their computer. To me, that sounds rather esoteric.
Disk space is one thing, but the actual download size is higher than some people's data allowances altogether! It baffles me that a lot of people don't seem to be aware of this
You provide consent by using the software.
You consent by reading this comment.
Imagine Amazon deciding to take out $1000 from a credit card just because you use it to buy a phone case. Because you "consented" by using their marketplace.
I am not assuming everyone thinks like me, I’m advocating for my position.
It's not about AI. I'm pretty sure most people wouldn't be ok with eg a calculator app shipping a 4GB word processor.
Maybe it’s pro-browser activism.
A browser should render web pages not bring its own AI
Yeah, it's already egregious how resource intensive browsing the web can be, between the browser and the content its loading. Why should we just accept that Google will force another performance hit by loading up an AI model as well?
I guess they took all the Chrome RAM usage memes as feature requests.
It is? Or is it just a pragmatic dislike?
We don't have AI. We have language models trained by rapacious companies on copyrighted material with no concern for copyright violations and with a penchant for intentionally anthropomorhizing their models.
I'm an anti corporate malfeasance activist.
Hacker News and it's underemployed and underpaid user base gets these two confused all the time. I assure you, your tolerance for language models, or your willingness to use them, will have _zero_ impacts on your pay scale in the coming decade.
Finally you should be aware that Google markets this addition as an "anti fraud" and "anti spam" feature. They should have to justify that, I shouldn't have to justify my expectations as a consumer.
It's not a copyright violation if courts have ruled it's not
I have no pay scale to worry about, I own the software I build and don't rely on wages
> It's not a copyright violation if courts have ruled it's not
Courts can't rule aprioi on civil issues. I would not expect the current status quo to count for anything.
> I own the software I build and don't rely on wages
Cool. So now everyone with $200 is your competition. It seems like a fools paradise to me.
It is if we as a society decide it is.