Privacy in the Age of AI: What Proton’s CEO Fears Most—and How to Protect Yourself

AI tools are convenient. They help draft emails, summarize articles, and generate code. But every time you paste a private document or ask a personal question, you’re handing data to a company that may use it to train its next model—or lose it in a breach. That tension between usefulness and privacy has become one of the most pressing consumer tech issues of the last two years.

Proton CEO Andy Yen recently told Spiceworks that privacy in the AI era is possible, but one thing keeps him up at night: the way user data is collected and retained by AI services without meaningful consent. Yen’s company built its reputation on encrypted email and VPNs, so his warning carries weight. His specific worry, according to the interview, involves AI platforms storing and training on personal inputs, often in ways users don’t fully understand.

What happened

Yen’s comments come amid a growing list of AI privacy incidents. In 2023, a bug in ChatGPT exposed payment information and chat histories. Samsung employees inadvertently leaked trade secrets by pasting code into the same tool. Researchers have shown that so-called “model inversion” attacks can extract snippets of training data from a finished AI system. These are not theoretical risks—they’ve already happened.

The core problem is that many free AI services treat your conversations as training material by default. You may have a right to opt out, but the option is often buried in a settings menu. Even if you delete your account, the data already ingested into the model may linger, embedded in its weights.

Why it matters

For everyday users, the threat is concrete. Suppose you use an AI assistant to draft a medical note, describe a family conflict, or summarize a business contract. That text becomes part of the model’s memory. It could reappear (in altered form) in someone else’s session. It could be exposed in a data breach. And because most AI companies operate on a “cloud-first” model, your data travels to their servers—often in jurisdictions with different privacy laws.

Proton’s CEO isn’t the only one sounding alarms. The European Data Protection Board has issued guidelines on AI and data protection, and the FTC has investigated companies for using customer data to train models without clear disclosure. The risks are real and the burden currently falls on users to defend themselves.

What readers can do

You don’t have to stop using AI. You just need to use it more carefully. Here are practical steps based on the concerns Yen raised:

  • Check your training control settings. In ChatGPT, go to Settings > Data Controls and toggle off “improve the model for everyone.” In Google Gemini (formerly Bard), in Activity settings, turn off “Gemini Apps activity.” In Claude, look for “training data opt-out.” These options exist, but they’re not enabled by default.
  • Use temporary sessions. Some tools offer a “temporary chat” mode that isn’t saved. ChatGPT has one in its web app. Use it for any conversation that touches personal or work-sensitive information.
  • Never paste raw sensitive data. Treat AI prompts like postcards—anyone might read them. Avoid full names, account numbers, private messages, or internal documents. If you need to anonymize, paraphrase or redact first.
  • Prefer services that promise zero training. A few AI companies, including Perplexity AI and some enterprise-focused tools, state clearly that your data will never be used to train their models. Look for explicit language in the privacy policy.
  • Consider running AI locally. Open-source models like Llama or Mistral can run on your own computer using tools like Ollama or LM Studio. No data ever leaves your machine. It’s not as capable as the big cloud models, but for private tasks like summarizing notes, it’s good enough.
  • Review and delete old conversations. Every major AI platform lets you view your chat history and delete individual threads. Set a reminder to do this weekly. It reduces the amount of your data sitting on someone else’s server.

Quick wins (settings to change today)

  1. In ChatGPT: Settings → Data Controls → turn off “improve the model” → delete all conversations from history.
  2. In Google Gemini: Settings → Gemini Apps Activity → turn off → delete activity.
  3. In Microsoft Copilot: Go to privacy dashboard and disable “save my chat content” for Copilot.

These three changes take less than five minutes and immediately reduce your exposure.

Conclusion

Andy Yen is right: privacy in the AI era is possible, but it’s not automatic. Companies design defaults to benefit themselves—training on your data is valuable to them. The trade-off can be accepted if you’re aware and adjust accordingly. By checking settings, using temporary sessions, and being mindful about what you share, you can enjoy the benefits of AI without handing over your entire digital life.

The interview with Spiceworks serves as a timely reminder: the thing that keeps a privacy CEO up at night is the same thing that should keep you alert during the day. Act on it.

Sources

  • “Privacy in the AI era is possible, says Proton’s CEO, but one thing keeps him up at night,” Spiceworks (June 2026)
  • OpenAI data breach disclosure (March 2023)
  • FTC settlement with a major AI platform over data training practices (2024)
  • EDPB guidelines on AI and data protection (2025)