AI Privacy Is Possible — Here’s What Proton’s CEO Says You Should Watch Out For

Using AI tools like ChatGPT, Google Bard, or Microsoft Copilot has become routine for millions of people. They help with writing, coding, research, and even personal advice. But every prompt you type into these systems is data — and how that data is handled remains a serious privacy concern.

In a recent interview with Spiceworks, Proton CEO Andy Yen argued that privacy in the AI era is achievable, but only if companies build their products with encryption and consent from the start. He also mentioned one specific worry that keeps him up at night.

What happened

Proton, the company behind Proton Mail, Proton VPN, and Proton Drive, has long positioned itself as a privacy-first alternative to big tech services. In the interview published on June 4, 2026, Yen said that AI does not have to mean the end of privacy. He pointed to end-to-end encryption and minimal data logging as core principles that can protect users even when using AI features.

However, Yen expressed concern about the current direction of many AI tools. The thing that worries him most, according to the interview, is the widespread practice of scooping up user inputs to train and improve models without clear, informed consent. Even when companies claim to anonymize data, the risk of re-identification or accidental exposure remains. He highlighted weak encryption in some AI platforms as another vulnerability that could lead to large-scale data leaks.

Why it matters

For the average user, the convenience of AI comes with trade-offs you may not realize. When you paste a draft email into ChatGPT for rewriting, or ask an AI assistant to summarize a confidential document, that text often becomes part of the model’s training data unless you opt out. Many services store your conversations indefinitely, and a breach could expose everything from business ideas to personal letters.

The problem is not hypothetical. In 2023, a bug in ChatGPT exposed chat histories to other users. More recently, researchers have shown that private data fed into AI systems can sometimes be extracted. If the platform uses weak encryption or no encryption at rest, the risk grows.

Yen’s point is that privacy is not inherent to AI — it has to be designed in. Without that design, users are left hoping that companies will do the right thing. And as he noted, hope is not a security strategy.

What readers can do

You do not need to stop using AI to protect your privacy. But you can take practical steps to reduce your exposure.

  1. Choose tools that prioritize privacy. Some AI services explicitly avoid storing your conversations or use end-to-end encryption. Proton itself does not currently offer a consumer AI chatbot, but services like DuckDuckGo’s AI Chat or certain open‑source models (run locally) give you more control. Look for platforms that let you delete chat history and that do not train on your inputs by default.

  2. Limit what you share. Treat every prompt as something you would be comfortable seeing on the front page of a newspaper. Avoid pasting passwords, financial details, medical information, or proprietary work documents. If you need to use AI for sensitive text, consider a local model that never leaves your device.

  3. Use a VPN and encrypted email for accounts. When signing up for AI services, use a VPN to mask your IP address and an encrypted email alias (such as a Proton Mail address) to avoid linking your real identity to your prompts. This makes it harder for companies to build a detailed profile of you.

  4. Check the privacy policy. It takes five minutes. Look for sections on data retention, third‑party sharing, and whether your inputs are used for training. If the policy is vague or reserves the right to share data without consent, treat the service accordingly.

  5. Enable opt‑outs. Many major AI providers, including OpenAI and Google, offer settings to prevent your conversations from being used for model improvement. Find them and turn them on. It is not a perfect safeguard, but it reduces the likelihood of your data being absorbed.

Sources

  • Spiceworks interview with Proton CEO Andy Yen, published June 4, 2026: “Privacy in the AI era is possible, says Proton’s CEO, but one thing keeps him up at night.”
  • Additional context on AI data risks from prior reporting by Spiceworks and independent security researchers.

The bottom line is that AI privacy is not an impossible goal — but it requires both company accountability and user vigilance. Yen’s biggest concern is that the industry is moving too fast to lock down the basics. For now, the safest approach is to treat every AI tool as a casual acquaintance, not a confidant. Share only what you can afford to lose.