🎛 CHROME GEMINI NANO · CONTROL FRAMEWORK ALIGNMENT
ALL CONTROLS TRIGGERED · ALL DOMAINS IMPACTED · REMEDIATION ROADMAP · γ₁=14.134725141734693
CONTROL FRAMEWORK VIOLATIONS — FULL ALIGNMENT
CTRL-001 · CONSENT
Consent Gate
CASL s.8 · PIPEDA 4.3 · GDPR Art.6 · CPPA s.15 · Quebec Law 25
Chrome installed 4GB LLM on ~3B devices via update channel, using a generic ToS clause ("software sometimes updates automatically"). No consent prompt, no opt-in, no opt-out until Feb 2026. The update exemption in CASL covers bug fixes, not new AI model deployments.
Required: express consent before install (CASL) · specific purpose disclosure (PIPEDA) · opt-in default (GDPR Art.25) · retroactive notification to all affected users
VIOLATED · ALL JURISDICTIONS
CTRL-002 · DATA MINIMIZATION
Scope Limitation
GDPR Art.5(1)(c) · PIPEDA 4.4 · CPPA s.13
4GB model reachable from page and extension script with no scope limitation. A page script can hand chrome.ai anything it can read, including the full DOM of its own tab; an extension with host permissions can do the same for any tab. Nothing restricts invocation to the "scam detection" use case: the stated purpose does not bound the data the API will accept.
Required: API scope limitation to stated purpose only · DOM segmentation (scam detection = URL + form fields only, not full DOM) · purpose-bound invocation controls
VIOLATED · BROAD SCOPE
CTRL-003 · PRIVACY BY DESIGN
Default Protection
GDPR Art.25 · OPC PbD Framework · CPPA s.12
Shipped on by default with no way to disable it until Feb 2026; since then the default is still on and the user must actively turn it off. A privacy-protective default is opt-IN. Google inverted the default to maximize deployment speed. Adding a toggle in Feb 2026 shows they knew a privacy-protective default existed; they chose not to implement it at launch.
Required: opt-in default at install · privacy-protective defaults at all layers · retroactive disable for all prior installs pending opt-in
VIOLATED · INVERTED DEFAULT
CTRL-004 · ACCOUNTABILITY
Controller Obligation
PIPEDA 4.1 · GDPR Art.5(2) · GDPR Art.13
No disclosure to data subjects at time of deployment. No update to privacy notices. No DPIA (Data Protection Impact Assessment) published. No record of processing activity updated. Google cannot demonstrate compliance — the accountability principle requires they can, on demand.
Required: updated privacy notice · DPIA published · record of processing updated · individual notification to all affected users
VIOLATED · NO DISCLOSURE
CTRL-005 · PURPOSE LIMITATION
Purpose Binding
GDPR Art.5(1)(b) · PIPEDA 4.2 · CASL s.8(1)
Chrome was consented to as a web browser. Gemini Nano deployment = new, materially different purpose (AI inference on browsing context). Prior consent for browser use cannot be inherited for LLM deployment. This is the "consent inheritance failure" theory — novel, no prior case has decided it.
Required: new consent for new purpose · purpose specified at consent time · no retroactive purpose expansion via ToS update
VIOLATED · NEW PURPOSE
CTRL-006 · SECURITY
API Surface Security
ISO 27001 A.14 · SOC 2 Type II · NIST CSF PR.DS · PIPEDA 4.7
chrome.ai API callable by ANY website and ANY extension. No enterprise access control finer than a global on/off switch (no per-origin or per-extension allowlist), no audit logging, no CASB visibility. The API surface was not in any enterprise threat model: EDR/XDR/SIEM tooling receives no event when chrome.ai is invoked. Google deployed before enterprise security tooling could adapt.
Required: enterprise API access controls (Group Policy) · audit log for all chrome.ai invocations · CASB integration · enterprise notification before deployment
VIOLATED · BLIND SPOT
CTRL-007 · PCI-DSS 4.0
Cardholder Data Scope
PCI-DSS 4.0 Req.12.8 · Req.6.3 · Req.11.3
If chrome.ai processes payment page DOM (Google Pay, merchant checkout, banking), Chrome becomes a PCI-scoped component. No merchant, bank, or payment processor has included Chrome + Gemini Nano in its PCI scope assessment, so every PCI-compliant organization using Chrome would have an unassessed component in its CDE (cardholder data environment).
Required: emergency PCI scope review for all organizations using Chrome · assess whether cardholder data is accessible to chrome.ai · remediation or compensating controls
VIOLATED · SCOPE EXPANSION
CTRL-008 · OSFI B-10
Outsourcing Risk
OSFI B-10 (2023) · PIPEDA 4.1.3 · Fin. Sector Regs
Canadian financial institutions using Google Workspace / Chrome on employee devices now have an undisclosed AI data processing arrangement. OSFI B-10 requires: due diligence, contract requirements, ongoing monitoring, regulatory notification for all outsourcing/third-party risk arrangements. None of these were applied to Chrome's Gemini Nano deployment.
Required: OSFI notification · B-10 due diligence on Chrome as AI processing component · contract review with Google · ongoing monitoring of chrome.ai invocations on financial institution devices
REGULATORY ACTION REQUIRED
CTRL-009 · INCIDENT REPORTING
Breach Notification
PIPEDA breach regs · GDPR Art.33 (72hr) · CPPA s.58
If chrome.ai is exploited (for example, a malicious extension harvesting data through the chrome.ai API), the incident triggers mandatory breach notification obligations for: Google (as platform) · enterprise employers (for employee data) · regulated entities (within sector-specific timelines). No existing incident response playbook accounts for chrome.ai as an attack vector.
Required: update IR playbooks to include chrome.ai vector · test detection capability for chrome.ai abuse · pre-register chrome.ai as monitored API surface before incident occurs
PLAYBOOK UPDATE REQUIRED
GOOGLE PRODUCT DOMAINS · INFECTION STATUS
📧 Gmail
OTP interception · account takeover chain · solicitor-client privilege
Criminal Code s.184 · PIPEDA
💼 Workspace
M&A docs · HR records · OSFI B-10 banking obligation
OSFI B-10 · Quebec Law 25
💳 Google Pay
PCI-DSS scope nuclear · cardholder data in DOM
PCI-DSS 4.0 · Bank Act s.459
🎓 Classroom
Minors · COPPA $51K/day · FERPA federal funding · automatic class certification
COPPA · FERPA · MFIPPA
🔍 Search
Health inference · novel GDPR Art.9 theory · 93% market share
PHIPA · GDPR Art.9
☁️ GCP
Credential harvest · API keys in DOM · OSFI B-10 cloud
CFAA · Criminal Code s.430
📊 Google Ads
Inference→targeting pipeline · GDPR Art.22 · B2B exposure
GDPR Art.22 · CASL s.6
▶️ YouTube
Viewing history · political/religious PI · $170M COPPA precedent
COPPA · Broadcasting Act
🗺️ Maps
Location PI · DV survivor risk · shelter search exposure
PIPEDA · Quebec Law 25
🧩 Extensions
Platform liability · negligent design · 300K+ unaudited extensions
Products Liability · Consumer Protection
🔑 Google Auth
OAuth token exposure · auth hijack · 3rd party site liability
Criminal Code s.342.1 · CASL s.8
📱 Android/Chrome OS
Mobile chrome.ai · OS-level API surface · device management gap
PIPEDA · GDPR
ENTERPRISE REMEDIATION ROADMAP (IMMEDIATE)
1. Disable on-device AI NOW: Chrome Settings → System → "Turn On-device AI" → OFF. Verify: chrome://on-device-internals. Deploy via Group Policy for enterprise: ChromeAIEnabled=false (verify the exact policy name against the current Chrome Enterprise policy list before rollout, since policy names change between releases, and confirm it is applied on a managed device via chrome://policy).
2. Extension audit: chrome://extensions → review every extension's permissions (tabs, webNavigation, storage, and any host permission covering all sites). Revoke any extension you can't immediately justify. Consider an enterprise allowlist policy.
3. PCI scope review: If your organization handles cardholder data and uses Chrome, immediately assess whether chrome.ai was active during payment processing. Notify your QSA (Qualified Security Assessor). Document remediation.
4. OSFI B-10 (financial institutions): Notify your OSFI relationship manager that you've identified an undisclosed AI data processing arrangement via Chrome. Document: discovery date, remediation steps, controls implemented.
5. STC / major infrastructure projects: Brief the IT security team immediately. The Chrome policy must be applied to all project devices. Document all project-related browsing that may have been processed by Gemini Nano.
6. EOSE sovereign alternative: Enterprise-managed on-device AI with SOSTLE access control, PEMLAAM audit logging, no external API surface. The correct architecture. Available now.
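Added example for roadmap step 2, not code from the original page or from Google: a host-side script that walks a Chrome profile's Extensions directory, reads each installed manifest.json and flags extensions holding broad permissions (tabs, webNavigation, webRequest, scripting, storage, and any host pattern or content script covering all sites). The risk weights, the threshold and the three sample manifests are this example's own assumptions, constructed so it runs offline; the profile paths are the standard Chrome locations on Linux, macOS and Windows.

```python
"""Extension permission audit for a Chrome profile (remediation step 2).

Added example, not code from the page or from Google. Reads every
installed manifest.json under the profile's Extensions directory and
scores it. Weights and threshold are assumptions for illustration.
"""
import glob
import json
import os

# Permissions that let an extension read or alter page content broadly.
# Weights are assumed for illustration; tune them to your own policy.
RISKY_PERMISSIONS = {
    "tabs": 2,             # URL/title of every open tab
    "webNavigation": 2,    # navigation events across all tabs
    "webRequest": 3,       # inspect network traffic
    "scripting": 3,        # inject scripts into pages
    "storage": 1,          # local persistence (exfiltration staging)
    "clipboardRead": 2,
    "debugger": 4,         # full DevTools protocol access
    "nativeMessaging": 3,  # bridge to a native host process
}
# Host patterns that effectively cover every site.
BROAD_HOSTS = ("<all_urls>", "*://*/*", "http://*/*", "https://*/*")

def profile_extension_dirs():
    """Standard Chrome 'Default' profile Extensions directories per platform."""
    home = os.path.expanduser("~")
    return [
        os.path.join(home, ".config", "google-chrome", "Default", "Extensions"),
        os.path.join(home, "Library", "Application Support", "Google", "Chrome",
                     "Default", "Extensions"),
        os.path.join(os.environ.get("LOCALAPPDATA", ""), "Google", "Chrome",
                     "User Data", "Default", "Extensions"),
    ]

def load_manifests(ext_dir):
    """Yield (extension_id, manifest dict) for each installed <id>/<version>."""
    for path in glob.glob(os.path.join(ext_dir, "*", "*", "manifest.json")):
        ext_id = os.path.basename(os.path.dirname(os.path.dirname(path)))
        with open(path, encoding="utf-8") as f:
            try:
                yield ext_id, json.load(f)
            except json.JSONDecodeError:
                continue  # skip a corrupt manifest rather than abort the audit

def audit_manifest(manifest):
    """Score one manifest. Returns (score, sorted list of reasons)."""
    score, reasons = 0, []
    perms = set(manifest.get("permissions", []))
    # MV2 lists host patterns in `permissions`; MV3 moves them to `host_permissions`.
    hosts = set(manifest.get("host_permissions", []))
    hosts |= {p for p in perms if "/" in p or p.startswith("<")}
    for p in sorted(perms & set(RISKY_PERMISSIONS)):
        score += RISKY_PERMISSIONS[p]
        reasons.append(f"permission:{p}")
    if any(h in BROAD_HOSTS for h in hosts):
        score += 4
        reasons.append("host:all-sites")
    for cs in manifest.get("content_scripts", []):
        if any(m in BROAD_HOSTS for m in cs.get("matches", [])):
            score += 4
            reasons.append("content_script:all-sites")
            break
    return score, reasons

def audit_all(manifests, threshold=5):
    """Return [(ext_id, name, score, reasons)] at/above threshold, highest score first."""
    findings = []
    for ext_id, m in manifests:
        score, reasons = audit_manifest(m)
        if score >= threshold:
            findings.append((ext_id, m.get("name", "?"), score, reasons))
    return sorted(findings, key=lambda f: -f[2])

# Constructed sample manifests (not real extensions) so the example runs offline.
SAMPLE_MANIFESTS = [
    ("aaaa", {"name": "Tab Grabber", "manifest_version": 3,
              "permissions": ["tabs", "scripting", "storage"],
              "host_permissions": ["<all_urls>"]}),
    ("bbbb", {"name": "Dark Theme", "manifest_version": 3,
              "permissions": ["storage"]}),
    ("cccc", {"name": "Legacy Helper", "manifest_version": 2,
              "permissions": ["webRequest", "http://*/*", "https://*/*"],
              "content_scripts": [{"matches": ["*://*/*"], "js": ["c.js"]}]}),
]

if __name__ == "__main__":
    dirs = [d for d in profile_extension_dirs() if os.path.isdir(d)]
    manifests = [m for d in dirs for m in load_manifests(d)] or SAMPLE_MANIFESTS
    for ext_id, name, score, reasons in audit_all(manifests):
        print(f"{score:2d}  {ext_id}  {name}: {', '.join(reasons)}")
```

Run it on each managed device and keep the output with the rollout record; an extension scoring above the threshold is a candidate for the allowlist review in step 2, and anything combining webRequest or scripting with an all-sites host pattern can read the same page content the roadmap is trying to keep away from chrome.ai. On a machine with no Chrome profile the script falls back to the constructed samples so the scoring logic can still be inspected.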