Is Privacy Possible in the AI Era? Proton’s CEO Says Yes, But Warns of This One Threat

Intro

As AI tools like ChatGPT, Microsoft Copilot, and Google Gemini become part of everyday life, many people are beginning to ask a tough question: can you still keep your data private when using these systems? Proton’s CEO, Andy Yen, recently spoke with Spiceworks about this exact concern. His answer is cautiously optimistic: privacy is possible in the AI era, but there is one threat that he says keeps him up at night.

What Happened

In an interview published on Spiceworks, Andy Yen discussed the challenges and opportunities for privacy-focused technology companies as AI adoption accelerates. Proton—best known for ProtonMail and ProtonVPN—has been working on integrating AI features while maintaining its core commitment to encryption and data minimization. Yen acknowledged that AI offers real benefits, but he pointed to a growing danger that many users overlook: the centralization of personal data inside large AI models.

Yen’s specific worry is that as more people rely on third-party AI assistants, their conversations, files, and behavioral data flow into massive training sets controlled by a small number of corporations. Once absorbed, that data can be difficult or impossible to retract, and it may be used in ways the original user never expected. He did not name any particular company, but the implication covers the major cloud-based AI services that store and process user input on remote servers.

Why It Matters

Centralization of data in AI models matters because it shifts control away from the individual. When you type a prompt into a free AI chatbot, you are often giving that company permission to store, analyze, and even train future models on your words. The terms of service for many popular AI tools allow this by default. The result is that even if you later delete your account, traces of your data may remain embedded in a model’s parameters.

For privacy-conscious users, this creates a fundamental problem: you lose visibility into where your information goes and who has access to it. Unlike a simple file on your hard drive, data that has been incorporated into a machine-learning model is very hard to remove. Yen argued that the only sustainable path forward is to build AI systems that do not require centralizing user data in the first place.

Proton’s approach, according to the interview, is to develop AI features that run on-device or use end-to-end encryption so that the company itself cannot read the content. This mirrors the philosophy behind ProtonMail, where even Proton cannot access the contents of your emails. The company’s upcoming AI assistant for its productivity suite is designed along these same lines.

What Readers Can Do

You don’t need to be a privacy expert to reduce risk when using AI tools. Here are practical steps you can take today:

  • Check the privacy policy of any AI service before you use it. Look for language about data retention, training on user input, and sharing with third parties. If the policy is vague, assume your data is being collected.
  • Prefer tools that offer end-to-end encryption or on-device processing. Services like Proton’s upcoming AI assistant, as well as some open-source language models that run locally on your computer, keep your data out of central servers.
  • Avoid pasting sensitive personal information into AI chat interfaces. Treat any input as potentially visible to others. Do not share passwords, financial details, medical records, or private correspondence.
  • Use a dedicated account or burner email for AI tools if you must try one that does not meet your privacy standards. This limits the amount of personal data linked to your activity.
  • If you use a ChatGPT-like service, regularly export and delete your chat history if the platform allows it. Be aware that deletion does not guarantee removal from training data.

Sources

The information in this article is drawn from the interview titled “Privacy in the AI era is possible, says Proton’s CEO, but one thing keeps him up at night,” published by Spiceworks on June 4, 2026. You can read the original piece here.