Gboard data collection policy on keystroke retention

1. What Google says: keystrokes aren’t sent as a rule

Google and reporting that quotes Google have repeatedly stated Gboard does not collect or transmit raw keystrokes to its servers during ordinary typing; the company says it only receives text you explicitly submit (such as a search) ^[1]. This is the baseline corporate policy cited by Wired and other outlets when explaining how Gboard’s smart-reply and prediction features are built to avoid shipping raw keystrokes off-device ^[1].

2. What independent analyses and reporting found: local retention and caches

Forensic investigators have found that recent Gboard versions retain typed content and related metadata in local caches and databases on the device; those caches are size-limited and periodically deleted, but they can contain user-typed words and even message contents accessible in a forensic image ^[2]. Macworld’s packet observations on iOS also showed that while no typing traffic was observed during entry, Gboard stores words locally (“remember[s] words you type”) and only transmits when you use features that require server access ^[5].

3. Telemetry, “share usage statistics,” and what that sends

Gboard includes a “Share usage statistics”/telemetry option whose default state and effects have been questioned by privacy writers; guides instruct users to disable that toggle to stop Gboard from automatically sending keyboard usage statistics and snippets of typing to Google ^[3]. Security- and malware-focused reporting notes disabling that option “significantly reduces” information transmitted — researchers found telemetry can include metadata like word lengths, timing, and the app where typing occurred ^[4].

4. Product design choices that reduce server-side models — and their limits

Google has described architectural work (e.g., federated learning and moving prediction to Android/system-level components) intended to keep sensitive data on-device while improving models without centralizing raw inputs ^[1]. But federated learning and on-device models do not by themselves guarantee zero telemetry: usage statistics and optional cloud features remain pathways for some data to leave devices when enabled ^{[1] [4]}.

5. How permissions and “full access” affect iOS and Android behavior

Writers comparing platform behaviors point out platform permission models matter: on iOS you must grant “Allow Full Access” for cloud-backed features, and Apple warns that full access allows a keyboard to transmit typed data — yet packet-level testing still showed no typing traffic during input while features like GIF search caused network traffic ^[5]. On Android, additional permissions (contacts, SMS) and enabling personalization/backup features can allow broader local learning or cloud sync ^{[6] [4]}.

6. Conflicting claims and contested headlines — read the fine print

Some high-profile, alarmist claims assert “every word you type” is sent to Google ^[7], but mainstream technical reporting and forensic studies present a more nuanced picture: local retention exists and telemetry/usage stats can transmit metadata or samples unless disabled, yet Gboard’s stated policy and network tests have not shown continuous streaming of raw keystrokes to Google during normal typing ^{[1] [2] [5] [4]}. The difference is critical: local caches exist and telemetry can be enabled — but continuous remote keystroke capture is not what multiple independent sources observed or what Google claims ^{[1] [2] [4]}.

7. Practical steps and trade-offs for users

Guides and security blogs recommend disabling “Share usage statistics” and revoking nonessential permissions (contacts, SMS) to limit what leaves the device; doing so reduces telemetry and the amount of typed-data samples that could be uploaded ^{[3] [4]}. The trade-off: disabling these features may degrade personalization, next-word prediction, or cloud-synced dictionaries that improve convenience ^{[3] [6]}.

8. What reporting does not (yet) settle — and what to watch for

Available sources do not mention precise retention timeframes for all cached data across Gboard versions beyond “periodically deleted” and “size-limited” descriptions, nor do they provide a verifiable, up-to-date Google transparency log showing exactly what fragments are sent when telemetry is enabled ^{[2] [4]}. Continued independent packet captures, updated forensic analysis across versions, and explicit disclosures from Google about retention windows and telemetry payloads would resolve remaining uncertainties ^{[2] [4]}.

Bottom line: corporate statements, forensic work, and security reporting converge on this: Gboard stores and uses local typing data to power features, and some telemetry/usage‑stats options can send metadata or small samples to Google unless disabled — but available, cited reporting does not support the sweeping claim that Gboard continuously streams every keystroke to Google servers under default behavior ^{[1] [2] [4] [3]}.