Can users change Gboard settings to prevent keystroke data being stored or sent to Google?
Executive summary
Users can reduce what Gboard shares with Google by turning off telemetry and deleting learned data in the app and Android settings, but there is evidence that Gboard stores typing-related data locally (in caches and learned dictionaries) and that some metadata or opt-in features still send information to Google under certain conditions, so total prevention of any keystroke-related data leaving the device is not guaranteed by the app’s visible toggles [1][2][3].
1. What Google publicly states about keystrokes
Google has repeatedly maintained that Gboard “doesn’t retain or send any data about your keystrokes” in normal use, and that the company only receives text when a user submits a query to Google services or explicitly uses features that transmit content (for example, Search) [2]. Wired’s reporting adds that some predictive features are built to run on-device or via Android’s system services to avoid Gboard itself transmitting typed content, and Google points to federated learning as a mechanism to improve models without moving raw typed text to central servers [2].
2. What settings users can change to limit sharing
Gboard exposes privacy-related toggles—most notably “Share usage statistics”—and the app’s Privacy section allows disabling automatic telemetry and deleting learned words and data; guides and tutorials show how to turn off Sharing and to clear learned dictionaries inside Gboard settings, and Android’s app-management screen can clear app cache and data to remove stored local information [1][4][5]. Kaspersky and other security guides note that disabling Share Usage Statistics “significantly reduces” the amount of information transmitted, removing metadata like word lengths and which app was used [6].
3. What independent forensics and researchers found on-device
Forensic analyses have shown that recent versions of Gboard store substantial local artifacts—caches and databases that can include typed words and message text visible in forensic images—meaning keystroke-related content can remain on the device even if not sent to Google by default; researchers have described these caches as periodic and size-limited but nonetheless rich for digital forensics [3][7]. Community reporting and developer/forum threads corroborate that language models, offline recognition packs and images can occupy megabytes of storage and that Gboard downloads language-specific data on first use [8][8].
4. Limits of app toggles and residual telemetry concerns
Multiple sources, including tech privacy guides and older investigative pieces, caution that there is no single Gboard switch that guarantees complete prevention of any data transmission: some telemetry may be enabled by default and certain conveniences require data sharing; third-party analyses also found Gboard and competing keyboards transmit metadata about typing activity unless explicitly disabled [9][6]. Wired’s framing that Android/OS-level processing can handle prediction points to design choices that reduce risk of app-level exfiltration, but it does not prove an absolute barrier against all possible data flows or against sophisticated system compromise [2].
5. Practical steps, tradeoffs, and realistic expectations
Users seeking maximal privacy can disable Share Usage Statistics, revoke extra permissions (microphone, contacts, storage), delete learned words/dictionaries, and clear Gboard app data and cache via Android settings—which reduces telemetry and clears locally stored learned text—but these actions degrade spelling corrections, personalized suggestions and offline features and do not erase evidence left in device images captured by forensic tools [1][5][3]. Security-minded users may prefer privacy-first keyboards that explicitly avoid telemetry, per comparative reporting, but switching apps carries its own convenience and compatibility tradeoffs [6].
6. Bottom line
Gboard provides controls that materially limit what it sends to Google and allows users to delete on-device learned data, yet forensic evidence and industry analyses show local caches and telemetry-like metadata have existed and that no single visible setting guarantees absolute prevention of any keystroke-related data from being stored or, in certain feature-driven cases, transmitted; the practical answer is that users can substantially reduce sharing but cannot rely solely on a single Gboard toggle to guarantee zero storage or transmission without additional measures or alternative keyboards [1][3][2].