1 in 3 Britons are fine with sharing sensitive data with AI chatbots

Nearly one in three Britons are sharing confidential personal information with AI chatbots like ChatGPT and Google Gemini, according to new research from cybersecurity company NymVPN. This widespread oversharing includes sensitive health, banking, and financial data, despite 48% of respondents expressing privacy concerns about AI tools, highlighting a concerning gap between awareness and behavior that extends into workplace environments.

What you should know: The research reveals alarming patterns of data sharing across both personal and professional contexts.

• 30% of Britons have provided AI chatbots with confidential personal information, including health and banking data.
• 26% admitted to disclosing financial information related to salary, investments, and mortgages to AI chatbots.
• 18% shared credit card or bank account data directly with these tools.

The workplace risk: Company data is equally vulnerable, with employees uploading sensitive business information to AI tools.

• 24% of respondents admitted to sharing customer data, including names and email addresses, with AI chatbots.
• 16% uploaded company financial data and internal documents such as contracts to AI chatbots.
• This occurs despite 43% expressing worry about sensitive company data being leaked by AI tools.

What they’re saying: Industry experts emphasize that convenience is overriding security considerations in AI adoption.

• “AI tools have rapidly become part of how people work, but we’re seeing a worrying trend where convenience is being prioritized over security,” said Harry Halpin, CEO of NymVPN.
• “High-profile breaches show how vulnerable even major organizations can be, and the more personal and corporate data that is fed into AI, the bigger the target becomes for cybercriminals,” Halpin added.

Why this matters: The research underscores an urgent need for companies to implement clear AI usage policies and guidelines.

• Nearly a quarter of respondents sharing customer data with AI chatbots highlights the immediate need for formal workplace AI policies.
• The disconnect between privacy concerns and actual behavior suggests users may not fully understand the risks of data sharing with AI systems.
• The findings come amid recent high-profile data breaches affecting major retailers like Marks & Spencer, Co-op, and Adidas.

Protection strategies: While complete avoidance of AI chatbots isn’t practical, users can take steps to minimize risks.

• Users should avoid sharing sensitive information with AI chatbots entirely.
• Privacy settings can be adjusted, such as disabling chat history or opting out of model training.
• VPNs (Virtual Private Networks) can add a layer of privacy by encrypting internet traffic and masking IP addresses, though they don’t protect against direct data sharing with AI systems.