The Same Architecture, Again

The consent architecture is familiar because it is always the same architecture.

In "The Waiver Nobody Read," our series documented how edtech vendors outsource COPPA^[2] compliance to schools, and schools outsource consent to a blanket acceptable-use policy that names no specific platforms. The vendor points to the school. The school points to the form. The form points to nothing. The FTC called this arrangement illegal in 2023, in a six-million-dollar enforcement action against Edmodo.^[3] The architecture has not changed.

From Software to Soil

In "The Walled Garden," published in March 2026, this series documented Google's education lock-in at the software layer. NotebookLM generates mind maps that cannot be edited, in formats that cannot be exported, outside of downloading as an image. Gemini sits inside Docs, Sheets, Slides, and Classroom. The bundling pattern follows three stages: offer a free tool that solves a real problem, integrate it with everything else, then embed AI that makes the data maximally useful inside the ecosystem and minimally portable outside it.

The walled garden was software. The devices were vessels. Neutral hardware that ran whatever Google's services required, but that did not themselves carry AI capabilities the school had not chosen.

Vine growing through a stone wall at Greys Court, Henley-on-Thames. The garden was always the software. Now the roots are in the hardware. Photo: CC BY 2.0, via Wikimedia Commons.

Chrome Nano dissolved that boundary. The AI is no longer a cloud service accessed through a browser. It is a 4 GB file installed on the device itself, in the user's profile directory, through an update system the user does not control. The distinction matters architecturally. A cloud-based AI service can be blocked at the network level. A school firewall can deny access to a specific endpoint. A model installed on the device's local storage is behind the firewall. It is already inside the building without being invited.

Dana Kimura, the biology teacher in Portland whom "The Walled Garden" followed through her experience with NotebookLM's read-only mind maps, still uses Google's tools because her district's contract makes alternatives a bureaucratic impossibility. She prints the AI-generated mind maps and hands them to students with a red pen: "Fix this." It is a workaround. It is also a curriculum.^[6]

Kimura chose to use NotebookLM. She chose the workaround. She chose the red ink. Nobody asked her whether she wanted an AI model installed on every Chromebook in her classroom. The choice was not offered because Google's architecture does not distinguish between a security patch and a AI they control inside your machine.

The Environmental Cost Nobody Budgeted

At the scale of Chrome's installation base, the silent download is not merely a consent event. It is an environmental one.

Alexander Hanff, the researcher who first documented the installation, calculated the carbon footprint of a single global push of 4 GB to Chrome's install base, which he estimated conservatively at over 2 billion active installations. The figure: between 6,000 and 60,000 tonnes of CO2-equivalent emissions, depending on the energy mix of the data centers and networks involved.^[7] Sixty thousand tonnes is roughly the annual carbon output of 13,000 passenger cars driven for a year.

Google's own published research, released in August 2025 through a partnership with MIT Technology Review, shows that a typical Gemini text query uses 0.24 watt-hours of energy.^[8] The figure is small per prompt. At the scale of billions of devices running on-device inference^[9] triggered by any website through any page visit, the aggregate is not small.

Server room at CERN. One global push of 4 GB to Chrome's install base generates up to 60,000 tonnes of CO2-equivalent emissions. The schools that absorbed the bandwidth cost were never consulted. Photo: Florian Hirzinger. CC BY-SA 3.0, via Wikimedia Commons.

Schools absorbed the cost directly. A district managing 5,000 Chromebooks consumed roughly 20 terabytes of unplanned bandwidth. Districts in rural areas with metered internet connections paid for data they did not request, downloaded by software they did not choose to install, delivering capabilities they were never told about.

The mother in Charlotte does not know any of this. She signed a form in a cafeteria. The form said "digital learning tools." The tools now include a 4 GB large language model that arrived on her daughter's Chromebook without notification, without consent, and without a line item in the district's bandwidth budget. The form is still in a filing cabinet somewhere. The AI is on the device.

The question of what happens next, when any website can trigger the same download, is the subject of Part 3: "The Next Guest."

This article is Part 2 of "The Uninvited Guest" series. The views expressed are those of the editorial board and do not necessarily reflect the positions of any institution mentioned.

Footnotes

Sage.is AI-UI and Sage.Education are products of Startr LLC; their inclusion represents a disclosure of interest. No individuals quoted in this article were interviewed; all quotes are from published sources. Full disclosure and transparency is a feature, not a bug.