Android’s Agentic Future: Building Gemini Intelligence on a Foundation of Security & Privacy

Android is evolving from an operating system into an intelligence system. With Gemini Intelligence, your device can help you get things done by deeply understanding your context, anticipating your needs, and completing tasks on your behalf. Because great AI experiences require uncompromising privacy, we’ve grounded Gemini Intelligence on Android in three core principles.

1. Explicit user control
2. Comprehensive data protection
3. Operational transparency

These principles apply across Gemini Intelligence features and form factors, from user-initiated tasks like asking Gemini to automate apps, autofill forms with Gemini Personal Intelligence, to AI operating in the background on your behalf, such as Magic Cue.

Explicit User Control

With AI powered features, users have granular authority to opt-in and out of entire features or disable specific components at any time. By putting the choice in your hands, we ensure that AI assistance feels like a helpful partner rather than an intrusive presence.

• Granular controls: You have the choice to explicitly enable or disable entire AI features, and you also have granular control over specific parts. For example, connecting Gemini to Autofill with Google is strictly opt-in, meaning you choose if and when you want to connect to Gemini - and you can always turn this connection on or off in your settings. And you will be able to turn on Gemini app automation for specific apps in your settings later this year.
• Security guardrails: Your Gemini assistant starts to automate a task only when you tell it to. Gemini can only access the apps you allow it to work in, and not the rest of your device. Gemini is designed to require user confirmation before making purchases on your behalf.
• Explicit intent: For any feature, whether user-initiated (e.g., asking Gemini to automate an app on your behalf) or proactive (e.g., Magic Cue), you decide whether your data is shared with applications or Gemini in settings, permission screens, or by action, like when you tap a suggestion from Magic Cue.

Comprehensive Data Protection

We are committed to protecting your data by employing Google's world-class security architecture and technologies to keep your information safe, regardless of whether it's stored on your phone or in the cloud.

• Cutting-edge technologies: We use technologies like Private Compute Core, Private AI Compute, or protected KVM to safeguard ambient data processed by proactive assistance features, like Magic Cue.
• Proven architecture: Many Gemini Intelligence features leverage the same infrastructure that already protects Google products used by billions of people everyday. Your data stays protected within Google’s secure ecosystem, ensuring it is handled with the same trusted safeguards.
• Advanced defenses: To counter emerging threats like prompt injection, we’re building new safeguards into Android for when Gemini takes action on your behalf. This adds another layer of security to your device, similar to the protections already found in Chrome’s auto browse feature.

Operational Transparency

We believe in transparency, ensuring you have visibility into what the AI assistant is doing on your device and how your data is being handled. This visibility is provided through real-time indicators, activity logs in the Privacy Dashboard, and the use of open-source components that allow for independent verification of our security claims.

• Visibility when working: When Gemini is automating an app’s interface, you can select “View progress” to watch its actions in real-time. If you navigate away, you'll still see a notification chip at the top of your screen that you can't dismiss — so it's always clear when it's running. And if you’re using Rambler, a Gemini-powered voice feature, it will clearly show you when you’ve enabled it to help convert your voice to text.
• AI assistant activity history: We’ll soon be enhancing Android Privacy Dashboard to show which AI assistants were active and which apps they used in the last 24 hours.
• Auditable code: For added transparency, key parts of our AI security architecture are open-source, binary transparent, and audited by third-party experts so you can be confident that your data is handled exactly as we say.

Continuing to keep you safe in the AI era

With Gemini Intelligence, we are demonstrating what's possible when agentic AI is built on a foundation of security and privacy. Our goal is for Android to be an open platform where third-party developers and device manufacturers can build unique and trusted agentic experiences.

We are actively working with the developer ecosystem to promote these rigorous security and privacy practices as industry standards for all AI assistants running on our platform. Look out for more announcements and updates coming soon as we continue to build the agentic future on Android responsibly.