Research Warns: Your Conversations with Artificial Intelligence May Not Be as Private as You Think
Variety

Research Warns: Your Conversations with Artificial Intelligence May Not Be as Private as You Think

SadaNews – A research study published on the "LeakyLM" website has revealed privacy risks affecting some of the most prominent generative artificial intelligence platforms, including "ChatGPT," "Claude," "Grok," and "Perplexity." Researchers describe these issues as data leaks of conversations and user-identifying data to third-party tracking and advertising services. According to the research, the problem is not only related to the presence of analytics and tracking tools within these services, but also the way that conversation links and user data can be associated with advertising identifiers and online profiles.

The study's authors state that they tested four artificial intelligence platforms and found over 13 external tracking tools, noting that all four platforms tested were affected to varying degrees. The site also mentions that these practices are not explained to users in a direct and clear manner, despite the companies' privacy policies confirming the collection of conversations and usage data and reliance on third-party cookies for analytics and advertising purposes.

Links Exposing Conversations

One of the most sensitive points in the study focuses on the conversation links themselves. Researchers assert that links from some conversations are sent to tracking services like "Meta Pixel" and "Google Analytics," where these links may, in some cases, be sufficient to access the content of the conversation or information revealing its subject. The report adds that the URLs or page titles of the conversations can carry sensitive indicators about the user's interests, concerns, or the nature of the topic being discussed with the intelligent assistant.

Researchers found that "ChatGPT" was sending the full conversation link and page title to "Google Analytics" when loading the page for users registered under the free tier, regardless of whether they accepted or rejected cookies, according to the report. They also detected in "Grok" the leakage of the conversation link and title to "Google Analytics" and "DoubleClick," and in some cases to "TikTok" and "Meta," noting that some conversations or associated images may be publicly available in sharing contexts.

In the case of "Claude," the study indicates different types of leaks, including the sending of email addresses and conversation titles to "Intercom," along with signals linking user activity across various tools on the server side when accepting non-essential cookies. In "Perplexity," the study states that the company stopped "Meta Pixel" in April 2026, but researchers observed continued sending of other data like raw email addresses or conversation titles and metadata to tools such as "Datadog" and "Singular."

Linking Conversation to Identity

The report asserts that the risk extends beyond merely transmitting a link or page title; it also involves the potential to link conversations to user identities. Researchers explain that some tracking services receive cookies and other identifiers with conversation links that can, according to those companies' own policies, help associate online activity with behavioral or advertising profiles. In some cases, the report states that tracking also includes email hashes or profile syncing mechanisms, which could facilitate re-identification of users or the removal of their anonymous identities.

These findings carry even greater sensitivity, according to the study; users of smart assistants share many personal and sensitive pieces of information because they consider them to be trusted assistants. The site references prior studies that showed users disclose personal data to generative systems in unexpected contexts, including health, psychological, or personal matters. Researchers believe that these risks are not limited to individuals but also extend to companies and the public sector; valuable intellectual property or sensitive institutional information can be leaked as well.

Opacity in Privacy

The research critiques what it describes as opacity in privacy tools. It states that the studied platforms offer privacy control settings and visibility of conversations, but they may imply stronger protections than what is actually implemented in certain scenarios. It adds that cookie consent models themselves suffer from a lack of transparency; researchers observed instances where tracking occurs despite user options, or in ways that are challenging to detect through the browser due to the use of server-side tracking channels.

The report does not claim to have evidence that these third parties actually "read" the conversations, but it states that the access or linking is technically possible, which in itself creates a structural risk to privacy. Therefore, researchers conclude that what is happening reflects the transition of the web model based on tracking and advertising to the environment of generative assistants as these services rapidly expand and become an essential part of users' daily and professional lives.

Thus, the study highlights a less prominent aspect of the AI race related to not only what these platforms can do but also the structure of their digital economies, how user conversations are managed within them, and how private these conversations actually remain.