The One AI Privacy Risk That Keeps Proton’s CEO Awake at Night
It’s easy to assume that privacy and modern AI tools can’t coexist. Every time you paste a paragraph into a chatbot or upload a file to an AI service, you’re handing data to a company you may not trust. Proton’s CEO, Andy Yen, recently spoke with Spiceworks about whether privacy is still possible in this landscape. His answer: yes, it is possible—but one specific risk keeps him up at night.
What happened
In a wide-ranging interview (published June 2026), Yen acknowledged that many AI services today are built on a data-hungry model. User prompts, uploaded documents, and even the metadata of how you use a tool can be collected, stored, and reused. The thing that worries him most? The lack of transparency and control around how your data is used to train or improve AI models. Without clear consent mechanisms, users often don’t realize their private information is being fed into a training pipeline—and once it’s in there, it’s nearly impossible to remove.
This concern isn’t hypothetical. We’ve seen instances where companies quietly used customer data to improve their AI, or where prompts containing sensitive business information were leaked through model outputs. Yen’s point is that the default in most AI products is data collection; privacy has to be deliberately engineered.
Why it matters for everyday users
If you use any online AI tool—whether it’s ChatGPT, Google Gemini, or a writing assistant built into your email—your inputs are likely being processed on servers you don’t control. That might be fine for checking a recipe or drafting a funny note to a friend. But many people also type confidential work emails, paste legal language, or ask for medical advice.
The risk isn’t just about a breach. It’s about your data becoming part of a permanent training dataset, where it could reappear in someone else’s conversation or be used to generate responses that reflect your private information. Even if the company has a strong privacy policy, policies can change, and enforcement can be inconsistent.
Yen’s frustration, according to the interview, is that most vendors don’t give users a straightforward way to opt out of training or to verify that their data has been deleted. That lack of control is the core threat.
What readers can do right now
You don’t have to stop using AI. But you can take practical steps to keep your data out of the training loop and under your control.
1. Choose AI tools with clear, auditable privacy practices. Look for services that state they do not train on user data by default, or that offer a paid tier without training. For example, Proton’s own AI writing assistant, Proton Scribe, runs encryption end-to-end so that even Proton cannot see your content. (Disclosure: Proton is a privacy company, and its approach is described in the interview.)
2. Use separate accounts for sensitive queries. When you need to ask something personal or work-related, avoid using the same free account tied to your real identity. A burner account or a privacy-focused alternative can reduce the data trail.
3. Review permissions and settings. Many AI platforms let you turn off chat history or data sharing. Go into your account settings and find the “data controls” section. Switch off everything that allows training. Screenshot the settings for your records.
4. Consider a VPN when using web-based AI tools. A VPN (like Proton VPN) encrypts your connection and hides your IP address, making it harder for the AI provider to build a profile based on your location or browsing habits.
5. Self-host or use local models when possible. If you have the technical comfort, running a local language model (like Llama or Mistral) keeps everything on your device. It’s not for everyone, but it’s the most private option.
6. Be mindful of what you paste. Before you copy-paste anything into an AI prompt, ask yourself: would I be comfortable if this appeared on a public website? If not, anonymize or skip it.
The bigger picture
Yen’s message is cautious but not pessimistic. He believes privacy in the AI era is achievable, but only if users demand it. Companies like Proton are building tools that prove encryption and AI can work together. However, the industry as a whole still defaults to collecting as much data as possible.
The takeaway for you: start treating every AI interaction as a potential data leak unless you’ve verified otherwise. The threat that keeps Proton’s CEO up at night is real—but with a few deliberate choices, you can sleep a little easier too.
Sources
- Spiceworks interview with Proton CEO Andy Yen, June 2026. Link
- Proton Scribe privacy documentation (referenced for best practices)