Proton CEO on AI Privacy: What Keeps Him Up at Night and How You Can Stay Safe

A recent interview with Proton’s CEO offered a rare, straightforward take on AI privacy: it is possible to protect your data while using AI tools, but one specific threat still worries him. The conversation, published by Spiceworks, focused on the real-world risks that everyday users face and what the company behind Proton Mail and Proton Drive is doing about them. Here is what was said, why it matters, and what you can do right now.

What Happened

In the interview, Proton’s CEO (Andy Yen) acknowledged that AI services are becoming an essential part of daily digital life, from writing assistants to image generators. He stressed that privacy in this era is achievable, but conceded that one issue keeps him up at night: the risk that user data submitted to AI tools could be used to train models without clear consent, or that data might leak through insufficiently transparent providers. The interview did not name specific companies, but the concern aligns with documented cases where AI services have reused customer prompts or uploaded files to improve their models—sometimes buried in terms of service.

Proton itself has been working on AI features that run on-device or use end-to-end encryption, such as smart compose in Proton Mail and file search in Proton Drive. The CEO’s point was that technical safeguards exist, but adoption depends on both service providers and users making conscious choices.

Why It Matters

The threat is not abstract. When you paste a confidential email into a chatbot for summarization, or upload a contract to an AI document analyzer, you may be handing over data that the provider can later use for training—unless they explicitly commit otherwise. Even if the company does not sell your data, that information could influence the behavior of a public model, potentially exposing patterns or facts you never intended to share.

The CEO’s specific worry is about “data leakage for model training,” as the article notes. This is different from a data breach; it is a deliberate or incidental use of your input to improve a service, often without meaningful opt-in. For privacy-conscious consumers, the gap between “we don’t share your data” and “we use your data to improve our model” can be dangerously wide.

Proton’s approach is to keep processing local when possible and to avoid logging or storing prompts on servers. But not every tool does that, and most users do not read the privacy policies before clicking “generate.”

What Readers Can Do

You do not have to stop using AI to protect your privacy. Here are practical steps you can take today.

1. Choose tools that process locally or with end-to-end encryption.
Look for AI features that run on your device (like many smartphone assistants) or that clearly state no data leaves your account in plaintext. Proton’s own services are one example; others include Apple’s on-device models and some open-source alternatives. If a service cannot explain where your data goes, consider skipping it.

2. Opt out of model training whenever possible.
Many large AI providers offer a toggle to prevent your data from being used for training. In ChatGPT, for instance, you can disable “Improve the model for everyone” in settings. In Google Workspace, admins can turn off data sharing for generative AI features. Doing so does not break the tool, but it does limit what the company can learn from you.

3. Avoid pasting sensitive information into unknown AI interfaces.
Treat any prompt or upload as if it could become public. If you would not post the content on social media, do not feed it to a chatbot unless you are certain of the provider’s privacy commitments.

4. Use privacy-focused browser extensions and search engines.
Tools like DuckDuckGo’s AI Chat or Brave’s Leo offer some anonymity by not linking queries to your identity. They do not provide full encryption, but they reduce the footprint you leave.

5. Regularly review the terms of service and privacy policies of the AI tools you use most.
The CEO’s interview underscores that policies change. A service that promised not to train on your data last year may have updated its terms. Setting a reminder to check twice a year is not overkill.

Sources

The primary source for this article is the Spiceworks interview:
Privacy in the AI era is possible, says Proton’s CEO, but one thing keeps him up at night

Additional context about Proton’s privacy features can be found on their official blog and documentation, though those were not directly cited in the interview.

The key takeaway is that the CEO’s concern is not about the impossibility of privacy—it is about the gap between what is technically possible and what most users and providers actually do. Closing that gap starts with awareness and ends with a few deliberate choices.