Signal’s President Warns: AI Chatbots Are a Privacy Risk – Here’s What to Do
If you’ve typed a personal question into ChatGPT, Gemini, or any other large language model, you might have assumed that conversation stays between you and the software. Signal’s president, Meredith Whittaker, has a different message: treat those chats like a public square.
In a warning reported by SC Media on June 22, 2026, Whittaker made clear that many popular AI chatbots lack the privacy protections users expect. Her advice is blunt: do not share secrets, financial details, or any information you wouldn’t want stored, analyzed, or even sold.
What happened
Whittaker, who leads the encrypted messaging company Signal, issued the caution during a discussion about the privacy implications of generative AI. She pointed out that most chatbot platforms log conversations, use them for model training, and may share data with third-party service providers. Unlike Signal’s own end-to-end encrypted infrastructure, typical chatbot interactions are visible to the provider and often stored indefinitely.
The full details of her remarks appeared in SC Media, a cybersecurity news outlet. Whittaker did not single out any specific company, but the concern applies broadly across the industry. The warning is timely: as chatbots become embedded in everyday tasks—writing emails, drafting documents, troubleshooting tech issues—users may forget that these tools are not private by default.
Why it matters
AI chatbots run on vast server farms, and every query you send passes through systems controlled by the provider. Even if a company promises not to read your conversations, metadata such as timestamps, IP addresses, and session patterns can still be collected. Some providers explicitly state in their privacy policies that they may share aggregated data or use conversations to improve models.
The risk is not hypothetical. Several incidents have shown that chatbot logs can be exposed through data breaches or internal leaks. In 2023, a bug in ChatGPT’s open-source library allowed some users to see other people’s chat titles. More recently, researchers demonstrated that training data can be extracted from models, potentially revealing fragments of real conversations.
For the average consumer, the practical danger is that a casual chat about banking, health, or family disputes turns into a permanent record that could be subpoenaed, sold, or simply misused. Signal’s president framed it plainly: treat the chatbot the same way you would treat a stranger on a bus.
What readers can do
You don’t need to abandon AI tools. But you can reduce exposure by following a few straightforward steps.
First, choose providers that have clear, consumer-friendly privacy policies. Some companies, like Anthropic (maker of Claude) and Mozilla (which offers a privacy-focused AI service), publish detailed transparency reports and commit not to train on user data without consent. Still, claims vary, so read the fine print.
Second, avoid logging sensitive information. Do not paste passwords, credit card numbers, medical details, or private correspondence into a chatbot. If you need help composing something sensitive, write it offline first and only feed the non-identifying parts into the tool.
Third, use temporary or guest accounts where possible. Some chatbots require account creation but allow you to delete your history regularly. Set a reminder to clear conversations, or use incognito modes if offered. For mobile, avoid granting unnecessary permissions like contacts or location.
Fourth, consider using dedicated hardware or air-gapped environments for truly private AI tasks. This is overkill for most people, but if you handle confidential work, local models like Llama or Mistral that run entirely on your device are the safest option.
Finally, apply the same skepticism you use with any online service. If a chatbot asks for personal data or offers to “remember” your preferences, ask yourself whether that information is necessary.
Sources
- SC Media, “Signal president warns about AI chatbot privacy risks,” June 22, 2026. RSS article link (retrieved June 23, 2026).
Note: This article is based on publicly available reporting and does not contain direct transcripts of Signal’s president’s remarks. Readers seeking the full original statement should consult the SC Media source.