What Proton’s CEO Fears Most About AI Privacy (and Why He’s Still Optimistic)
Proton, the company behind ProtonMail and ProtonVPN, has built its reputation on giving users control over their data. So when its CEO speaks about privacy in the AI era, it’s worth listening. In a recent interview with Spiceworks, the CEO laid out both a specific concern that keeps him awake at night and a measured case for why privacy hasn’t been lost yet.
What happened
The interview centered on the tension between the rapid adoption of AI tools and the erosion of personal privacy. Proton’s CEO pointed to a single overriding risk: the centralization of personal data into a handful of AI platforms, combined with users having little say in how that data is used. He specifically highlighted the practice of feeding private conversations, emails, and documents into AI models for training or inference, often without transparent consent mechanisms.
The concern is not hypothetical. Many popular AI assistants, chatbots, and productivity features send user data to cloud servers where it may be stored, analyzed, or used to improve models. Once data leaves a user’s device, control is effectively handed over to the service provider. For a company like Proton, which champions end-to-end encryption and zero-access architecture, this model is fundamentally at odds with privacy.
Why it matters
For the average person, the stakes are straightforward. Every time you paste a sensitive document into a free AI tool, or let a smart assistant read your calendar, you may be surrendering information that could be used in ways you didn’t intend. That includes everything from embarrassing personal messages to confidential work files.
What makes this different from earlier data collection is the scale and the persistence. AI models do not forget. Data used for training can surface later, be linked to other sources, or be exposed in a breach. Even if a company promises not to share your data, the centralization creates a single point of failure. Once your data is on someone else’s server, you rely entirely on their security and honesty.
But the CEO also offered a reason for optimism. He noted that technology already exists to keep data private even while using AI: end-to-end encryption, on-device processing, and open-source models that run locally. The challenge is not technical but economic and behavioral. Most users choose convenience over privacy because they don’t see the immediate cost.
What readers can do
You don’t need to stop using AI. But you can take concrete steps to limit exposure:
Choose privacy-first AI services. Look for tools that offer end-to-end encryption or run processing on your device. Proton itself is working on integrating AI while keeping user data encrypted. Other options include local-only models like Llama or Mistral that you can run on your own computer.
Avoid pasting sensitive information into free, ad-supported AI tools. Assume that anything you type into a public chatbot could be read by humans or used for training. Treat it like a public forum.
Use encryption wherever possible. If you must use a cloud-based AI service, ensure the connection is encrypted and check the provider’s data policy. Some services allow you to opt out of training data collection.
Stay informed about model updates and policies. Companies change terms of service frequently. What was private last year may not be private today. A quick read of the privacy policy before using a new feature costs little time.
Support companies that prioritize user control. The market responds to demand. When enough users choose services that respect privacy, the industry shifts. Proton is one example, but there are others.
Sources
This article is based on reporting by Spiceworks (June 4, 2026) in which Proton’s CEO discussed AI privacy risks and opportunities. Proton is a Swiss-based provider of encrypted email, VPN, and cloud storage services. Their public documentation and blog posts further detail their approach to AI and encryption.