Proton CEO Warns About AI’s Memory Problem – Here’s How to Protect Your Data

AI tools like ChatGPT, Gemini, and Claude have become part of daily life for many people. They help with writing, brainstorming, coding, and research. But as adoption grows, so do questions about what happens to the data you feed these systems.

Proton CEO Andy Yen recently spoke about this tension between convenience and privacy. In an interview with Spiceworks, he said that privacy in the AI era is possible – but one thing keeps him up at night: data permanence.

What Happened

Yen’s concern isn’t abstract. Most mainstream AI services record your conversations, store them on their servers, and in some cases, use them to train future models. Even if a company offers an “opt-out” option, there is often no guarantee that past inputs have been deleted or removed from training datasets. Once your data has been ingested, it’s difficult to retract.

Proton, best known for its encrypted email and VPN, has taken a different approach with its own AI assistant, Proton Scribe. The company claims it uses end-to-end encryption and never trains its models on user data. Yen’s point is that the technical ability to offer private AI exists – but most companies choose not to use it.

Why It Matters

The problem goes beyond privacy settings. When you paste a draft email, a business plan, or personal notes into a chatbot, you are handing over content that could be stored, analyzed, or even exposed in a data breach. Unlike a password, which you can change, the content of a conversation about a medical condition, a legal issue, or a sensitive project may have long-term consequences if it leaks.

Data permanence also makes compliance harder. If you later need to delete a conversation under regulations like GDPR, the provider may claim that your data is already incorporated into a model and cannot be removed without retraining. Courts and regulators are still arguing about whether that is legally acceptable, but the safe approach is to assume that anything you share with a typical AI tool is not fully erasable.

What Readers Can Do

You don’t need to stop using AI to protect your data. The following steps can reduce your exposure without sacrificing the utility of these tools.

1. Opt out of training data use.
Most major chatbots – including ChatGPT, Gemini, and Claude – have settings that let you prevent your conversations from being used for model training. Review the settings page in your account. Keep in mind that this typically applies only to future conversations. Past interactions already in the system are rarely retroactively removed.

2. Use incognito or anonymous access.
Some services offer a “temporary chat” mode that does not save the conversation to your history. For example, ChatGPT’s “incognito” mode (available in many regions) does not retain the chat or use it for training. For maximum privacy, avoid logging in at all when possible – though some tools require an account.

3. Avoid sharing sensitive personal information.
Treat any AI chat as you would a post on a public forum. Do not paste passwords, Social Security numbers, full addresses, medical records, or trade secrets. Even if the tool offers encryption, the output may be cached or logged for quality control.

4. Review and clear your chat history regularly.
If you have been using a chatbot for months, there may be a backlog of conversations that contain personal details. Delete old threads periodically. Some services allow bulk deletion; others require manual removal. Make it a habit to clean up every few weeks.

5. Consider privacy-first AI alternatives.
A growing number of tools are designed around data protection. Proton Scribe (integrated into Proton Mail) processes messages locally or with end-to-end encryption. Other options include local-only AI models that run on your own device (like Llama 2 running on a laptop) or services that explicitly promise no data retention, such as Brave’s AI (summarizer) or DuckDuckGo’s AI Chat (which acts as an anonymizing proxy). Read the privacy policy before you start using any new tool.

6. Check the provider’s deletion policy.
Before you trust a service with sensitive data, look for a clear statement about what happens when you delete a conversation. Some companies state they delete the data within a set period; others remain vague. If the language is ambiguous, assume the worst.

Sources

  • Spiceworks (2026). Privacy in the AI era is possible, says Proton’s CEO, but one thing keeps him up at night.
  • Proton AG. Proton Scribe – privacy-first AI assistant.
  • OpenAI. Data controls for ChatGPT.
  • Google. Gemini privacy settings.
  • Anthropic. Claude data usage policy.

Bottom line: Privacy in the AI era does require deliberate choices. The technology exists to protect your conversations, but most mainstream providers have not made it the default. By understanding the risks and adjusting how you use AI, you can reduce your data exposure without giving up the benefits.