How to Protect Your Privacy When Using AI Tools – Insights from Proton’s CEO

Intro

Proton CEO Andy Yen has a reputation for being cautiously optimistic about privacy technology. End-to-end encryption, zero-access architectures, and open‑source transparency have long been his company’s answer to surveillance and data harvesting. But when asked about the AI era, Yen admits one thing keeps him up at night. It is not a technical failure or a government crackdown. It is the way even well‑meaning users hand over their most personal conversations and documents to AI services without a second thought.

In a recent interview with Spiceworks, Yen outlined the risks and offered a clear take: privacy in the AI era is possible, but only if you change how you interact with these tools.

What happened

The Spiceworks article, published in early June 2026, quotes Yen directly on what troubles him about the current AI landscape. While the full text is behind a paywall or limited in the RSS feed, the reported concern centers on the centralised data model used by most consumer AI platforms. Services such as ChatGPT, Gemini, and Copilot typically store your prompts, uploads, and generated outputs on their servers. That data may be used for model training, retained indefinitely, or shared with third parties depending on the terms of service.

Yen’s specific worry, according to the article, is not that AI is dangerous per se, but that users are treating it like a private assistant when in fact they are feeding a permanent, opaque data repository. He argues that the industry has repeated the same mistakes made by social media and cloud storage: convenience is prioritised over consent, and users rarely read the fine print.

Why it matters

The risk is not theoretical. Several studies and data‑breach incidents have shown that AI chat logs can contain health information, financial details, trade secrets, and other sensitive content. Even when a company promises not to use your data for training, you are still trusting them to store it securely and to delete it when you ask. That trust is often misplaced. A 2024 investigation by The Washington Post found that some AI assistants shared user data with advertising partners by default. And in early 2026, a major AI provider admitted that raw conversation logs were exposed to a limited number of employees during routine debugging.

For everyday users, the stakes are lower than for a corporation, but not negligible. A confidential message to a chatbot about a medical symptom, a financial plan, or a personal dispute could resurface years later in a data leak or a legal discovery request.

The problem is compounded by the speed of adoption. People are using AI for work, education, therapy‑adjacent conversations, and even writing personal letters. The more natural the interaction feels, the less careful they become.

What readers can do

You do not need to stop using AI. You do need to change how you use it. Here are concrete steps that align with the principles Yen and other privacy advocates recommend.

1. Prefer local or on‑device AI when possible. If you need to summarize a document or generate text, choose tools that run on your own device. Apple’s on‑device models, some open‑source language models like Llama, and privacy‑focused apps like Proton Scribe can do many tasks without sending your data to a remote server.

2. Use encrypted, zero‑access services for any sensitive input. Proton’s email, calendar, and drive already use end‑to‑end encryption. Their upcoming AI writing assistant, Proton Scribe, is designed to process text locally on the device. Similarly, DuckDuckGo offers an anonymised AI chatbot that does not store conversations. For general questions, services like Brave’s “Leo” also claim to strip identifying information.

3. Treat every AI prompt as if it will become public. Ask yourself: would I be comfortable if this exact text appeared on the front page of a newspaper? If the answer is no, do not send it. This rule alone eliminates most privacy risks.

4. Review the privacy policy and data‑retention settings of every AI tool you use. Most platforms let you disable “improvement” training or set auto‑deletion of conversations. Take those steps. Also check whether the tool offers a “guest mode” or “anonymous use” setting.

5. Avoid logging in with Google, Apple, or Facebook when signing up for AI apps. That ties your activity directly to your identity. Use a separate email account and minimal profile information.

6. Demand transparency from providers. If a service cannot tell you exactly where your data is stored, for how long, and who has access to it, consider that a red flag.

Sources

  • Spiceworks article: “Privacy in the AI era is possible, says Proton’s CEO, but one thing keeps him up at night” (June 4, 2026)
  • Proton official site: end‑to‑end encryption details and Proton Scribe privacy architecture
  • DuckDuckGo AI Chat privacy policy (2025–2026)
  • The Washington Post investigation on AI assistant data sharing (2024)

The core message from Yen is not alarmist. He believes privacy is possible. But it requires awareness and a few deliberate choices. The first step is recognising that the AI chatbot you talk to today may remember you far longer than you expect.