Proton’s CEO on AI Privacy: What Keeps Him Up at Night and How You Can Stay Safe
Using AI tools like ChatGPT, Gemini, or Copilot has become as routine as checking email. But every time you paste a question, a draft, or a spreadsheet into these services, you’re handing data to a company that may use it to train its models, share it with vendors, or store it on servers you can’t control. In a recent interview with Spiceworks, Proton CEO Andy Yen argued that privacy in the age of AI is possible — and then pointed to the one gap that still worries him most.
What happened
Proton, best known for its end‑to‑end encrypted email, VPN, and cloud storage, has been expanding into privacy‑preserving AI tools. (Earlier this year, Proton launched Proton Scribe, an AI assistant that processes text locally on the user’s device.) In the interview, Yen said that mainstream AI companies have made “massive” privacy concessions by default: collecting user inputs, retaining them for model training, and sharing data with third‑party processors. He called this the “default‑to‑share” problem.
What keeps him up at night, according to the article, is that most users don’t realize how much of their personal or professional data ends up in those training pipelines — and that even a company with good intentions can accidentally expose data if its contracts with cloud providers aren’t airtight. Encryption alone doesn’t fix this. If a model trains on your private chat history, encryption during transit doesn’t matter; the data is already permanently embedded in the AI.
Why it matters
The gap Yen highlights is not technical but structural. Many AI services today rely on third‑party infrastructure (AWS, Azure, Google Cloud) and share data with annotation teams, moderation tools, and API partners. Even if you trust the AI company itself, you are also trusting every vendor in its supply chain. A single weak contract or misconfigured permission can leak everything you typed into a prompt.
For consumers, the consequences are real. Journalists, doctors, lawyers, and small‑business owners already paste confidential material into chatbots without a second thought. Once that data is used for training, it cannot be recalled. Privacy policies can change overnight, and some companies reserve the right to use inputs for product improvement unless you opt out — a step many users don’t know exists.
What readers can do
You don’t have to stop using AI. But you can take practical steps to keep your data out of training sets and off third‑party servers.
Use privacy‑focused AI tools. Look for services that process data locally or use end‑to‑end encryption by default. Proton Scribe, for example, runs on‑device. Other options include private‑cloud services where only you hold the encryption key.
Turn off chat history. Most major chatbots — including ChatGPT, Gemini, and Copilot — let you disable storage of your conversations. Find this setting in the account or privacy menu. Keep it off unless you have a specific reason to retain logs.
Prefer local models when possible. Tools like LLaMA or Mistral can run on your own computer or private server. No data leaves your machine. If you need cloud inference, choose a provider that offers a zero‑data‑retention policy and publishes independent audits.
Avoid pasting sensitive information. Even with privacy settings, treat every prompt as if it could be read by someone else. Don’t share passwords, financial details, medical records, or trade secrets.
Read the privacy policy — at least the data‑use section. Look for phrases like “we may use your inputs to improve our services” or “we share data with third‑party service providers.” If the language is vague, assume your data is not fully protected.
Sources
- Spiceworks: “Privacy in the AI era is possible, says Proton’s CEO, but one thing keeps him up at night” (June 4, 2026). Link