Google rolled out an update to its Gemini AI that lets the tool scan user photos, Gmail, and YouTube history to create personalized images — a move drawing sharp criticism from EU regulators. The feature, available to US subscribers starting April 2026, uses facial recognition data from Google Photos to generate AI content tailored to individual users.

The EU has flagged this as a potential GDPR violation, citing concerns over biometric data processing without explicit consent. Critics argue Google's opt-in framing — buried in settings — mirrors past practices where privacy toggles are hard to find. This follows similar backlash over AI tools like Microsoft's Copilot accessing device data without clear user control.

The controversy highlights tensions between personalized AI and data sovereignty. While Google claims the feature improves creative tools, privacy advocates warn it enables surveillance capitalism by monetizing intimate user data. The EU's stance suggests stricter enforcement of biometric data rules, potentially forcing tech giants to redesign AI workflows.

Technical details remain sparse, but the backlash underscores a growing rift between Silicon Valley's data-driven innovation and European privacy-first policies. Users face a choice: embrace hyper-personalized AI or risk exposing sensitive data to corporate ecosystems.