AI Safety for Humans

The conversation about AI safety is not just for researchers and policymakers. It is for you, right now, every time you open a chat window and start typing.

The Ground Rule

Always assume that whatever you type into an AI tool is being recorded, stored, and potentially accessible to people other than you. This is not cynicism. It is a practical starting point that protects you regardless of what any company promises in their terms of service.

We want to believe that the companies building these tools are acting in good faith with our data. Many of them are making genuine efforts to protect user privacy. But good intentions do not prevent data breaches. They do not stop bad actors who spend their entire careers finding ways around security systems. And they do not change the fact that once your data exists on someone else's server, you no longer have full control over what happens to it.

This is not a new concept. It is the same reason you do not shout your credit card number in a crowded restaurant. The waiter is probably trustworthy. The restaurant probably has decent security. But you still keep your voice down because you understand that controlling who has access to sensitive information is your responsibility first.

What Never Goes Into an AI Conversation

There are categories of information that should never be typed into any AI tool, regardless of the platform, regardless of their privacy policy, regardless of how helpful it might seem in the moment.

Social Security or government ID numbers

These are permanent identifiers. If they leak, you cannot change them like a password.

Passwords, PINs, or security questions

Even if you are asking AI to help you organize accounts, never paste actual credentials into a conversation.

Bank account or credit card numbers

Financial data is among the most targeted information in any data breach.

Medical records or health details

Health information is protected by law for a reason. An AI chat window is not a secure medical system.

Home addresses, phone numbers, or your children’s information

Location data and family details can be combined with other leaked data to build a complete profile of you.

Photos of IDs, documents, or sensitive correspondence

Images uploaded to AI tools may be processed and stored in ways the text-based privacy settings do not cover.

Proprietary work documents or trade secrets

Your employer’s confidential information does not belong in a third-party AI conversation, regardless of how helpful the tool might be.

The Opt-Out Illusion

Most AI platforms now offer the ability to opt out of having your data used for model training. This is a good thing, and you should take advantage of it. But it is important to understand what opting out actually does and what it does not do.

Opting out of training typically means your conversations will not be fed back into the model to improve future responses. That is genuinely useful. But your data is still transmitted to and stored on their servers. It may still be reviewed by employees for safety and policy compliance. It still exists in their infrastructure, subject to their security practices, their legal obligations, and their vulnerability to attack.

Think of it this way. You can tell a hotel not to share your room number with other guests. That is reasonable and they will probably honor it. But your room number still exists in their system. If someone breaks into their reservation database, your information is there whether you opted out of the loyalty program or not.

Opting out is a layer of protection. It is not a guarantee. Treat it accordingly.

The Real Threat Landscape

Data breaches are not rare events anymore. They are a constant feature of the digital landscape. Major companies with enormous security budgets get breached regularly. The question is not whether a given platform will ever be compromised. The question is what data will be exposed when it happens.

Here is what makes the current moment particularly concerning. The same AI technology that helps you write emails and organize your thoughts is also being used by people with bad intentions. AI has made it significantly easier and faster to craft convincing phishing emails, generate realistic fake identities, write malicious code, and automate attacks that used to require specialized technical knowledge.

A person who five years ago did not have the skills to exploit a data breach can now use AI tools to analyze stolen data, identify valuable targets, and craft personalized scams at scale. The barrier to entry for cybercrime has dropped dramatically, and it would be dishonest not to acknowledge that.

This is not meant to frighten you away from using AI. These tools have genuine, significant value. But using them with awareness of the risks is the difference between driving a car with a seatbelt and driving one without. The car is useful either way. One approach is just a lot smarter.

Your Data Behind the Curtain

When you type a message into an AI tool, that text travels from your device to a data center owned by the company that built the tool. What happens to it after that depends on the platform, but here is the general picture.

Your conversation is processed to generate a response. In many cases, it is also stored, sometimes for days, sometimes for months, sometimes indefinitely. If you have not opted out of data training, your conversation may be reviewed by human employees, used to fine-tune future models, or analyzed for patterns that help the company improve their product.

Even the conversations you delete may not be immediately removed from all backup systems. Digital deletion is rarely as clean as emptying a physical trash can. Data can persist in backups, logs, and redundant systems long after you hit the delete button.

None of this means these companies are acting maliciously. Most are following standard industry practices. But standard industry practices were designed around the assumption that users understand how their data is handled, and most users simply do not.

AI-Powered Deception

Beyond the question of what you share with AI tools, there is a broader safety concern that everyone should understand. AI is being used to deceive people in ways that were not possible even two years ago.

Deepfakes, which are AI-generated videos or audio recordings of real people saying things they never said, are becoming increasingly difficult to distinguish from genuine content. Voice cloning technology can replicate someone's voice from just a few seconds of sample audio. There are documented cases of people receiving phone calls from what sounds exactly like a family member in distress, asking for money or personal information.

Phishing emails used to be easy to spot because they were poorly written and generic. AI has changed that. Attackers can now generate perfectly written, highly personalized messages that reference real details about your life, your workplace, or your recent activity. These are not theoretical risks. They are happening right now, and they will only become more sophisticated.

The best defense is awareness. If something feels urgent and unusual, verify it through a separate channel. If you get a call from a family member asking for money, hang up and call them back directly. If you receive an email from your bank that seems slightly off, navigate to your bank's website directly instead of clicking any links. Skepticism is not rudeness. It is self-preservation.

Protecting Yourself in Practice

1

Treat Every Conversation as Public

Before you type anything into an AI tool, ask yourself a simple question: would I be comfortable if this showed up in a data breach? If the answer is no, do not type it. This is not paranoia. It is the same common sense you apply to email. You would not send your Social Security number in an email to a stranger, and the same logic applies here.

2

Review Your Privacy Settings

Every major AI platform has privacy and data-sharing controls. Find them. Read them. Turn off anything that allows your conversations to be used for training if that option exists. This will not make you bulletproof, but it reduces your exposure. Check these settings periodically because platforms update their policies, and sometimes those updates reset your preferences.

3

Use Separate Accounts When Possible

If you use AI for both personal and professional purposes, consider using separate accounts. This limits the amount of context any single account accumulates about you. The less any one system knows about the full picture of your life, the less damage a breach can cause.

4

Clear Your Conversation History

Most AI platforms let you delete your conversation history. Make it a habit. If you no longer need a conversation, remove it. Data that does not exist cannot be stolen. Some platforms also offer options to auto-delete conversations after a period of time. Use those features if they are available.

5

Stay Informed About Breaches

Sign up for breach notification services like Have I Been Pwned. If a service you use gets compromised, you want to know immediately so you can take action. This is good practice for all your online accounts, not just AI tools.

6

Talk to Your Family

If you have kids or family members using AI tools, have the conversation about what is and is not safe to share. Children are especially vulnerable because they may not understand that the friendly chatbot on the other end of the screen is storing everything they type. Make it a household rule: no personal details go into AI conversations.

AI is not going anywhere. It is becoming more embedded in our daily lives with every passing month. That is not inherently good or bad. It is simply the reality we are living in. The people who navigate it best will not be the ones who avoid it entirely or the ones who use it blindly. They will be the ones who understand both its value and its risks, and who make informed choices accordingly.

You do not need to become a cybersecurity expert. You do not need to stop using AI tools. You just need to use them with the same awareness you bring to any situation where your personal information is involved. Lock the door, close the window, and think before you share.

The goal is not fear. The goal is awareness. And awareness is something you now have.

Last updated: March 2026