What Signal’s President Says About AI Chatbot Privacy Risks — and What That Means for You

If you’ve used ChatGPT, Google Gemini, or any other large-language-model chatbot, you’ve probably noticed how convenient they are for drafting emails, brainstorming ideas, or answering questions. But that convenience comes with a trade-off that often goes unnoticed: the data you type into those chat windows may not be as private as you assume.

In late June 2026, Signal president Meredith Whittaker publicly warned about the privacy risks posed by mainstream AI chatbots. Her comments, reported by SC Media, came at a moment when millions of people are turning to these tools for everything from work tasks to personal advice. Whittaker, who leads the encrypted messaging app known for its strong privacy stance, cautioned that most chatbots lack end-to-end encryption (E2EE), store user inputs on company servers, and may use that data to train future models. For everyday consumers, the implication is straightforward: the private thoughts you share with a chatbot could be seen by employees, used for product improvement, or exposed in a breach.

What Happened

On June 22, 2026, SC Media published a brief report quoting Whittaker’s remarks. She highlighted that, unlike Signal’s own end-to-end encrypted messaging, popular AI chatbots do not guarantee that your conversations remain visible only to you. “When you type something into a chatbot, it goes to the company’s servers, is often stored, and can be used for training or shared with third parties,” Whittaker said. “There’s no encryption equivalent to what we expect in private messaging.”

The warning did not name specific products, but it applied broadly to services like OpenAI’s ChatGPT, Google’s Gemini, Anthropic’s Claude, and Microsoft’s Copilot. These platforms typically log conversations, retain them for varying periods, and may rely on human reviewers to improve quality. Even when companies claim to anonymize data, re-identification risks remain.

Why It Matters

The risks go beyond theoretical privacy concerns. Consumer chatbot services have already faced data breaches. In 2023, a bug in ChatGPT exposed some users’ chat titles and payment information. In other cases, saved conversations have been accidentally shared or accessed by unauthorized parties. Because chatbots often lack E2EE, anyone with server access — or an attacker who compromises the server — could read your messages.

There is also the less-discussed issue of profiling. Companies can analyze your chat history to infer your interests, health concerns, political leanings, or financial status. That data might be used to train the model, but it could also feed advertising or surveillance systems. Although many chatbot providers claim they do not sell personal data, terms of service often allow them to share information with affiliates or for legal compliance.

For consumers, the core takeaway is this: treat a chatbot like a public conversation. Do not share anything you wouldn’t want a stranger — or a future employer — to see.

What Readers Can Do

You do not have to stop using chatbots, but you can reduce your exposure with a few practical habits:

  • Avoid sharing sensitive personal information. Never type your Social Security number, full address, login credentials, or health records into a chatbot. Even if the service says it deletes data after a period, retention policies can change, and deletion is not always guaranteed.

  • Use pseudonyms or generic terms. When asking for advice about a situation, change names and identifying details. Instead of “My boss Sarah Johnson,” say “a manager at my company.” This protects real people if your chat logs are ever reviewed.

  • Review privacy settings. Many chatbot platforms let you opt out of using your conversations for training. For example, OpenAI offers a setting to disable chat history and model improvement. Google Gemini allows you to turn off activity saving. Check these settings and turn them on.

  • Clear chat logs regularly. Most platforms have a delete or clear history option. Make it a routine — perhaps weekly — to remove stored conversations. Do not assume the delete button is permanent; some services keep backups for a while.

  • Consider privacy-focused alternatives. Some tools, like Mistral’s Le Chat or DuckDuckGo’s AI Chat, offer more limited data collection. You can also run smaller local models on your own device using tools like Ollama or GPT4All, keeping all data offline. These options may lack the sophistication of major chatbots but are far more private.

  • Treat prompts as public. Before you hit enter, ask yourself: would I post this on social media? If the answer is no, revise your prompt.

Sources

  • SC Media. “Signal president warns about AI chatbot privacy risks | brief.” June 22, 2026.
  • Signal President Meredith Whittaker’s public remarks as reported by SC Media.
  • OpenAI privacy policy and settings documentation.
  • Google Gemini privacy and data usage information.
  • General cybersecurity practice guidelines from consumer protection organizations.

Ultimately, Whittaker’s warning serves as a good reminder: the ease of AI chatbots should not lull us into forgetting basic digital boundaries. With a few straightforward changes in how you use these tools, you can enjoy their benefits without handing over more of your life than you intend to.