Proton CEO on AI Privacy: What Keeps Him Up at Night and What You Can Do

Proton CEO on AI Privacy: What Keeps Him Up at Night and What You Can Do

Intro

If you use tools like ChatGPT, Gemini, or Microsoft Copilot, you’ve probably wondered what happens to the data you feed them. Many people assume their conversations are private, but the reality is more complicated. AI companies often collect and store inputs to improve their models, and that data can be exposed in ways users don’t expect.

Proton, the company best known for encrypted email and VPN services, has long argued that privacy and convenience don’t have to be trade-offs. In a recent interview, Proton’s CEO discussed where the AI industry is falling short—and what keeps him up at night.

What happened

In an interview published on June 4, 2026 by Spiceworks, Proton CEO Andy Yen laid out his biggest worry about the current AI landscape. According to Yen, the central problem is that most AI tools are built on a business model that treats user data as raw material. The data people type into these tools is often used for training—and that creates a fundamental privacy risk.

Yen did not name specific companies, but the interview made clear that the lack of clear regulation around data collection and model training is a systemic issue. He noted that many users are unaware that their prompts and uploaded files can become part of the permanent training data, potentially reappearing in future outputs.

Why it matters

This concern matters for anyone who uses AI tools for work, study, or personal tasks. When you ask an AI assistant to summarize a confidential document, or you paste in a draft contract, you are effectively handing that information to a third party. Even if the service has a strong privacy policy, the data may still be used in ways you didn’t intend—like training the model to respond to other users.

Yen’s specific worry is that without meaningful regulation, companies have little incentive to limit data collection. Consumers are left to rely on vague promises and trust. And once your data is absorbed into a model, there is no easy way to remove it.

The broader lesson is that privacy in the AI era is possible, but it requires deliberate choices by both companies and users.

What readers can do

Here are the practical steps Yen and other privacy advocates recommend:

• Use services that offer end-to-end encryption. If your AI tool sends data to a server that the company can read, your privacy is limited. Proton recently launched Proton Scribe, an AI writing assistant that runs on encrypted infrastructure and does not store user data for training. Other companies like Skiff and some open‑source alternatives also offer privacy‑focused options.

• Check the privacy policy and settings. Many AI services let you opt out of data reuse for training. For example, ChatGPT allows users to disable chat history and training through account settings. It is worth taking five minutes to confirm your account does not automatically share your conversations.

• Avoid pasting sensitive personal information. Even if you trust the service, reduce risk by not sharing anything you would not want to see published. Use generic placeholders instead of real names, addresses, or financial details.

• Use separate accounts for sensitive work. Consider keeping personal and professional AI use separate. That way, if one account’s data is mishandled, the exposure is contained.

• Look for models you can run locally. Open‑source models like Llama, Mistral, or Gemma can be downloaded and run on your own computer. No data ever leaves your device, giving you full control.

Yen’s advice is not to stop using AI tools, but to treat them like any other service where you should understand how your data is handled.

Sources

• Spiceworks, “Privacy in the AI era is possible, says Proton’s CEO, but one thing keeps him up at night,” June 4, 2026.
• Proton press materials on Proton Scribe and encryption practices (available at proton.me).