Can You Stay Private While Using AI? Proton’s CEO on the One Risk That Worries Him Most

Most people who use tools like ChatGPT, Google Assistant, or Microsoft Copilot probably don’t spend much time thinking about where their conversations end up. The AI answers a question, summarizes an email, or drafts a reply, and that feels like the end of the transaction. But the data you share doesn’t just vanish.

In a recent interview with Spiceworks, Proton’s CEO Andy Yen talked about what keeps him up at night when it comes to AI and privacy. Proton, the company behind Proton Mail, Proton VPN, and Proton Drive, has built its reputation on encryption and user control. So when its CEO flags a specific risk, it’s worth paying attention.

What Happened

Yen pointed to a scenario that affects anyone who uses popular AI services: your input—emails, documents, voice recordings, or even private files you upload for analysis—can be used to train the AI models themselves. Many AI providers include clauses in their terms of service that allow them to retain and process your data to improve their systems, and that data is often not fully encrypted in a way that prevents the provider from reading it. The “one thing” that worries Yen most, according to the interview, is the lack of end‑to‑end encryption in current AI pipelines. Even when data is encrypted in transit or at rest, the AI provider still holds the keys. That means your employer, your doctor, or your lawyer could be sharing sensitive information with a third‑party AI service that can examine the raw content.

Yen’s concern is not hypothetical. There have already been incidents where employees pasted confidential company data into public AI chatbots, leading to leaks. And in regulated industries like healthcare or finance, using an AI tool that does not guarantee data isolation can violate compliance rules.

Why It Matters for Everyday Users

You might think you have nothing to hide, but the issue goes beyond secret documents. Your AI assistant might have access to your calendar, contacts, browsing history, and personal notes. If that data is used for training, it could reappear in responses to other users—or be stored indefinitely without your control. Even if the provider promises not to share your data, you are trusting a company’s word and security practices. History shows that data breaches, policy changes, and unintended model memorization are real risks.

The core problem is that most consumer AI tools are built on a centralized, cloud‑first model. The company sees everything you type. For many users, that trade‑off—convenience in exchange for privacy—feels acceptable until something goes wrong.

What Readers Can Do

The good news is that you don’t have to abandon AI entirely to protect your privacy. Below are a few practical steps, based on principles Proton itself promotes:

  1. Choose AI tools that prioritize local processing. Some AI apps can run entirely on your device, meaning your data never leaves your phone or computer. For example, Apple’s on‑device models and some open‑source alternatives like GPT4All keep your queries private. They may not be as powerful as the cloud‑based versions, but for everyday tasks they work well.

  2. Be selective about what you share. Before pasting a sensitive email or document into a chatbot, ask yourself whether you would want that text published online. If the answer is no, consider using a tool that offers end‑to‑end encryption or opt for a local model.

  3. Review the privacy policy of every AI service you use. Look for language about data retention, training on user data, and the ability to opt out. Many providers let you disable data sharing for model improvement (for instance, in Google Workspace or Microsoft 365 settings). It is worth spending ten minutes to find these controls.

  4. Use ephemeral or anonymous sessions when possible. Some chat interfaces allow you to use a “temporary chat” mode that does not save history. While this does not prevent the provider from processing the data in real time, it reduces the chance of your information being stored long‑term.

  5. If you need the highest level of privacy, consider using a dedicated privacy‑focused AI service. Proton itself has been developing encrypted AI features for its users, though at the time of this writing the details are still emerging. Other companies are building AI assistants that run entirely on encrypted hardware or use zero‑knowledge architectures.

No single tool will solve every privacy concern, but by combining these habits you can significantly reduce your exposure. The goal is not perfection, but a reasonable level of control over your own data.

Sources

  • Spiceworks interview with Proton’s CEO Andy Yen (published June 4, 2026) – the original source for the CEO’s comments on AI privacy risks.
  • Proton’s official blog and product pages for background on their encryption approach.
  • Public reports of data leakage incidents from enterprise AI usage (various tech news outlets).

Note: The exact wording of the interview was not directly quoted here because the full transcript was not available at the time of writing. The summary above is based on the interview’s reported key points.