How AI Tools Are Eroding Your Privacy — and 4 Steps to Protect Yourself

Every time you ask an AI assistant a question, generate an image, or use a chatbot to draft an email, you are handing over data. Not just the text you explicitly type, but often the context around it, your account information, and sometimes even patterns from how you interact. The convenience is real, but so is the data trail.

A recent piece on Substack titled AI’s erosion of privacy (published April 2026) highlights how quickly these practices have become the norm. While the full article is behind a paywall, its central concern is one that has been echoed by consumer advocates and privacy researchers for years: many AI companies treat user input not as a private transaction but as raw material for future model training, product improvement, and sometimes third-party sharing.

What Happened: How AI Tools Collect and Use Your Data

The typical approach is straightforward. When you use a service like ChatGPT, Google Gemini, or Midjourney, your prompts, uploaded files, and even voice recordings are sent to the company’s servers. There, the data is processed and stored. The company’s privacy policy usually states that it may use this data to improve its models, develop new features, and even share anonymized data with partners.

But “anonymized” is not always what it sounds like. Researchers have shown that sequences of prompts can sometimes be re-identified. And many users do not realize that even if they never directly share personal information, the content of their prompts — work documents, medical questions, personal anecdotes — can reveal enough to be sensitive.

A few well-known incidents have made this real. In 2023, a bug in ChatGPT exposed chat histories to other users. Samsung employees accidentally leaked trade secrets by pasting confidential code into ChatGPT. And multiple consumer watchdog groups have filed complaints with regulators about how AI companies collect data without adequate consent.

Why It Matters

The stakes are not theoretical. The data you feed into an AI tool can be stored indefinitely, used to train models that may later be sold or deployed in ways you cannot control, and potentially exposed in a breach. Unlike a search engine, which typically logs a query and a timestamp, an AI conversation can contain a detailed portrait of your thinking, your work habits, your health concerns, and your relationships.

Once that data is used to train a model, it cannot be erased. Even if you delete your account and history, the model itself may retain patterns learned from your data. This is a fundamental shift from earlier privacy norms, where deleting a database record removed your information.

What Readers Can Do: Four Practical Steps

You do not have to stop using AI tools entirely. But you can significantly reduce your exposure with a few deliberate changes.

Step 1: Audit which AI tools have access to your data. Go through your accounts. Which AI assistants are logged into your browser? Which mobile apps have microphone or camera permissions? Which image generators have access to your Google Drive or Dropbox? Make a list. You will likely be surprised how many are linked.

Step 2: Adjust privacy settings on the tools you keep. ChatGPT allows you to turn off chat history and opt out of model training. Google’s AI services have a “data controls” page where you can disable “improve AI models” and set auto-delete. Midjourney and similar tools often have a way to request that your data not be used for training. These settings are usually buried, but they exist. Change them now.

Step 3: Use pseudonyms and anonymized accounts for experimentation. If you want to try a new AI tool without committing personal data, create a new account using a temporary email address and a name that is not your real one. Avoid logging in with Google or Apple ID, which attaches your primary identity. Treat AI tools like you would a public forum: assume anything you type could be seen later.

Step 4: Consider privacy-focused alternatives. Several AI tools now run locally on your device. For example, you can run open-source models like Llama or Mistral on your own computer using software like LM Studio or Ollama. These never send your data to any server. For chat, you can use encrypted services like Signal’s built-in AI (if available in your region) or look for tools that promise end-to-end encryption. No solution is perfect, but keeping the processing local eliminates the biggest risk.

Sources

  • Substack article: “AI’s erosion of privacy” by Heather Parry (April 2026). The piece discusses how AI companies collect user data and train models on it, though specific details were not fully accessible.
  • Electronic Frontier Foundation (EFF) – Consumer guides on AI and privacy.
  • Federal Trade Commission (FTC) – Statements and complaints regarding AI data practices, including the 2023 ChatGPT data leak.
  • Privacy policies of OpenAI, Google, and Midjourney (accessed April 2026).
  • Independent research on re-identification of AI training data, e.g., Carlini et al. (2021) on extracting sensitive information from language models.

This article is based on publicly available information and general knowledge of AI privacy practices as of April 2026. For the most current settings, refer directly to each service’s privacy controls.