Proton CEO: You Can Have Privacy in the AI Era — But Here's What Still Worries Him

Proton CEO: You Can Have Privacy in the AI Era — But Here’s What Still Worries Him

In a recent interview with Spiceworks, Proton’s CEO argued that strong privacy is still achievable for people who use artificial intelligence tools. But he also pointed to a specific risk that keeps him awake at night — and it has less to do with the technology itself than with how it is being controlled.

What happened

Proton, the company behind the encrypted email service Proton Mail and other privacy-focused products, has been vocal about building AI features that do not compromise user data. Its CEO, Andy Yen, told Spiceworks that he believes privacy in the AI era is possible, provided users choose services that are designed with encryption and decentralization in mind. However, he expressed a clear concern: the growing concentration of AI data and infrastructure in the hands of a small number of large technology corporations.

Yen did not name specific companies, but the implication is familiar to anyone who follows the industry. The most popular AI chatbots and tools today run on servers owned by a handful of firms. Those companies can collect, store, and analyze user inputs on a massive scale — often without clear limits on how that data is used. For Yen, this centralization is the single biggest threat to privacy as AI becomes more embedded in everyday life.

Proton has already begun offering encrypted AI features, such as Proton Scribe, an email assistant that processes text on-device or within the company’s end-to-end encrypted infrastructure. The company has also said it intends to expand its privacy-preserving AI offerings, though it has not released a detailed roadmap.

Why it matters

The worry from Proton’s CEO is not about AI being inherently invasive. The technology itself can be built in ways that respect privacy — for example, by processing data locally or encrypting it before it ever reaches a server. The problem is that the market is currently tilted toward convenience and free services, which often come with hidden costs to personal data.

When you paste a private document into a free AI chatbot, that text may be stored, used to train models, or shared with third parties. Even if a company promises not to do those things, the data is still sitting on someone else’s server, subject to their security practices and legal obligations. For users who handle sensitive information — whether personal emails, financial records, or work documents — the risk is real.

The conversation matters right now because AI adoption is accelerating. In 2025 and 2026, millions more people have started using AI tools for writing, research, and automation. Most of them have not changed their behavior to account for privacy. Yen’s argument is that the window for building a different model is still open, but it may not stay open forever.

What readers can do

If you want to use AI without handing over your data to big tech, there are practical steps you can take. None of them are perfect, but each reduces your exposure.

• Choose privacy-first AI services. Proton is one example, but others exist. Look for tools that explicitly say they process data on-device or use end-to-end encryption. Avoid services that claim to be “anonymous” but still store your conversations on their servers.
• Limit what you share. Even if you use a trusted tool, avoid feeding it personally identifiable information, passwords, or confidential documents. Treat AI interactions like conversations in a public space — assume someone might be listening.
• Use open-source models when possible. If you have some technical comfort, you can run AI models locally on your own computer using software like Llama or Mistral. This keeps everything under your control. The trade-off is less convenience and lower performance on older hardware.
• Check the privacy policy. This is tedious, but worth doing. Look for clauses about data retention, model training, and third-party sharing. If the policy is vague, assume the worst.
• Be skeptical of “free” AI tools. The business model for most free online services is data collection. If you are not paying for the product, your data is likely the product.

Sources

The interview with Proton CEO Andy Yen was published by Spiceworks and can be found here. Information about Proton Scribe and the company’s privacy-by-design approach is based on Proton’s public statements and product documentation. The recommendation to use open-source models is supported by the fact that local execution avoids any third-party server involvement, though it requires some technical skill.