Last month, a security researcher found 300 million messages from 25 million users sitting in a publicly accessible database. No hack. Just a misconfigured backend on a wrapper chatbot built on top of Claude, ChatGPT, and Gemini.
Medical questions, legal discussions, personal confessions, all of it free for the taking. The worst part? It wasn’t even an attack. Just negligence.
It’s enough to give those concerned about privacy a scare, and then there’s the more deliberate stuff some companies are doing: LinkedIn quietly opted users into AI training. Google flipped Gmail access on by default for its AI model Gemini. Meta cited “legitimate interest” to train on years of EU users’ Facebook posts. A court ordered OpenAI to preserve all ChatGPT logs—including deleted ones—for legal discovery.
As Moxie Marlinspike, the cryptographer who built the privacy-focused messaging app Signal, put it: using mainstream AI is like confessing to a “data lake.”
So if you still want AI in your life—and many of you probably do—here are some tools that at least make a serious effort to keep your data private.
Confer: What if Signal was a chatbot?
Moxie Marlinspike developed Signal so users could have privacy in the middle of the Web 2.0 revolution. Confer, his AI project launched in December 2024, is the logical continuation now that interactions with AI are found everywhere on the internet.
With Confer, your message encrypts on your device before it goes anywhere. It then travels to a Trusted Execution Environment: a hardware-isolated vault on the server that even Confer’s own engineers cannot access or read. The response comes back encrypted. The entire codebase is open source and verifiable. Anyone can check that what’s actually running on the servers matches what’s published.
That last part is called remote attestation. It’s a big deal. It means you don’t have to trust their privacy policy; you can verify the architecture itself.
