AI writing Platforms and tools have exploded in popularity, offering content writers everything from draft generation to SEO optimization. But behind the convenience lurks a critical question: Which AI writing platforms secretly harvest user data?
This investigation peels back the curtain on leading free and paid AI writing services like ChatGPT, Jasper, Copy.ai, Writesonic, Rytr and others as well as browser plugins and mobile apps. We examine their privacy policies, share comparative global data-privacy insights, and give voice to experts and affected users.
The findings reveal that while many platforms promise improved writing efficiency, their data-collection practices vary widely. Some use every word you type as fuel to train future models, and even track metadata like IP addresses or browsing behavior. Others claim to keep data private for paid tiers only.
ChatGPT and similar tools often act like “data hoovers.” According to Wired, OpenAI’s privacy policy openly states it collects “all user input and reserves the right to train [its] models on this”. In practice this means prompts, drafts, and even notes you paste into these apps may be pooled to improve the AI. ChatGPT specifically gathers not only the text you enter but contact info (like email), device and network details, geolocation, and usage metrics.
Experts warn that OpenAI’s approach is to “take everything now and sort it out later,” storing broad categories of data as defined by a catch-all “user content” clausewired.com. The company admits its default behavior is to use free-chat data to train models, unless users turn off that setting or pay for an Enterprise account.
Since its debut in 2020, ChatGPT has faced regulatory scrutiny. Italy’s data watchdog fined OpenAI €15 million in late 2024, after finding ChatGPT had processed users’ personal data (including children’s messages) to train its AI without a clear legal basis. Italy briefly banned ChatGPT in 2023 over GDPR violations.
The Iranian-owned news agency ANI in India has also accused ChatGPT of improperly training on its published content, filing suit to force deletion of ANI’s data. In response, OpenAI told an Indian court it could not remove any training data, arguing US law requires it to preserve data during litigation. Such international cases highlight that ChatGPT’s data isn’t just in one country as OpenAI confirmed servers holding ChatGPT’s models are located outside India, raising jurisdiction and privacy questions.
OpenAI’s privacy controls offer some relief. Users can opt out of model training in settings, or use “temporary chat” mode so that inputs are deleted every 30 days. But even that may only prevent data from improving future models; due to ongoing litigation, a US judge has required OpenAI to retain all chat data on record. In short, when you feed sensitive information to ChatGPT (like business secrets or personal documents), it could be logged on servers indefinitely, and possibly shared with affiliates, service providers or even law enforcement as outlined in its policy.
As Jules Love, an AI consultant, warns: “It uses everything from prompts and responses to email addresses, phone numbers, geolocation data, network activity, and what device you’re using.”. The only guaranteed privacy is to refrain from sharing anything confidential information or to delete your account and pray the data is gone despite the court orders.
Jasper AI and Data Tracking Extensions
Jasper AI (formerly Jarvis) has positioned itself as a marketing-focused writing tool with enterprise features. The company publicly emphasizes data security: Jasper’s CTO told customers that the service does not train its AI on user-submitted content and does not retain ownership of user output. This claim is reinforced by third-party clients.
For example, Jasper implemented Transcend’s privacy suite and stated its policy is “as a matter of policy, Jasper does not retain ownership of user outputs and their third-party AI/ML models are not trained on user data.” Jasper also notes it encrypts data in transit and at rest, and holds SOC 2 compliance certifications.
Despite these assurances, others have uncovered aggressive data collection in Jasper’s browser extensions. Security researchers at Wizcase examined the “Jasper Everywhere” Chrome extension (which brings Jasper’s AI to any webpage). They found that simply installing the extension causes it to “meticulously send user activity to datahog servers, tracking every webpage you visit” even before you log in or use the tool.
In practice, the extension logs your full browsing behavior via calls to third-party domains (like datadoghq.com), capturing visited URLs, time stamps, and even mouse movements and clicks. The Wizcase investigation provides hard evidence: as soon as the extension is downloaded, it immediately contacts Jasper’s servers and pushes a “unique identifier” for your device.
It then listens to your browsing: for example, visiting example.com and gmail.com triggered dozens of background requests in the logs, all reported back to Jasper’s backend. The extension even sends detailed packets when you sign into or out of accounts, recording UI elements clicked and mouse positions.
In short, Jasper’s plugin turns on very detailed telemetry: beyond just capturing your text input, it can watch which pages you go to and how you interact with them. The Chrome Web Store listing confirms that “Jasper Everywhere” collects web history, website content, and even financial/payment information if entered. (These claims even exceed typical requirements, as Chrome’s policies normally forbid extensions from collecting more data than needed.)
After registering for the extension, any additional actions you take like typing in forms, clicking elements are also captured and sent. Notably, with the extension loaded, the researchers’ attempt to summarize a simple site yielded nonsense; the AI had all the data it needed but still hallucinated irrelevant content. This demonstrates not only the tracking, but that Jasper’s AI couldn’t properly interpret the captured data.
Jasper’s standard website (not the extension) uses more conventional tracking. It employs Google Analytics and remarketing tags (Twitter, Facebook, etc.) to optimize marketing. The privacy policy acknowledges data sharing with service providers, parent/affiliate companies and acquirers. In practice, if Jasper is acquired or merges, your account info and usage history could be transferred.
However, Jasper does not openly share data with advertisers (no targeted ads in the product itself). Its blog and documentation emphasize user trust: “Privacy is at the heart of trust,” says Jasper’s president Shane Orlick. But the browser-extension scandal shows that even privacy-minded companies can have blind spots; third-party apps connected to AI services can bypass those company promises entirely.
Comparative analysis finds Jasper is not alone in tracking. A May 2025 survey by Surfshark ranked AI chatbots by their data collection. It found Jasper’s mobile or web apps collect device IDs, user interaction and advertising data, which can be used to track and target users. In fact, Surfshark notes that among popular chatbots, only Copilot and Jasper explicitly record device IDs and ad-data for tracking purposes.
Similarly, Cybernews reports that Jasper, along with Microsoft Copilot and Poe, “collect data that could be used to track you, such as device IDs… product interaction data, advertising data, and other usage data”. In short, if a marketer uses Jasper’s analytics at all, your platform clicks and engagement could inform future ads or be sold to data brokers (depending on third-party policies).
Other AI Writing Tools: Copy.ai, Writesonic, Rytr, and More
Beyond the industry giants lie numerous specialized writing apps. Copy.ai, Writesonic, Rytr, QuillBot and others offer free tiers and freemium models. Many of these make privacy trade-offs even more quietly. For example, Copy.ai’s privacy policy explicitly allows the company to use your prompts and its generated text to “improve our services and algorithms.” That means copy-editing suggestions you type (or any confidential draft) can become part of Copy.ai’s training data. Industry analysts note that free users of Copy.ai have no explicit way to opt out of this: all submitted content is assumed available for model training.
Writesonic and Rytr similarly reserve the right to use user content. While their policies don’t attract headlines, digging into them reveals clauses like “we may share or transfer your personal information with affiliates and partners”. Writesonic mentions it uses standard analytics (Google, LinkedIn) to monitor product use, implying user actions on the site go to outside ad networks.
Rytr’s policy (as of 2025) states the company may process any content you feed it “in aggregate form,” though specifics on training are scant. All these tools, especially in their free/low-tier forms, follow a similar pattern: they collect user IPs, usage logs, device info and the text you enter, and use those to refine their AI or serve ads.
A recent risk analysis highlights a pervasive trend: most AI tools’ free tiers use your data for training unless explicitly stated otherwise.
The report concludes that “tools like ChatGPT, Google Gemini, Copy.ai, Leonardo.AI and others likely use non-paying users’ data to train their models”. Indeed, with large cloud providers (OpenAI, Google, Microsoft) under GDPR/CCPA constraints, they at least claim data is “anonymized” for safety.
But that often just means stripping names as your IP, location or file metadata may still flag back to you. Meanwhile, smaller apps may have weaker legal compliance. For example, Chinese app DeepSeek was found to leak over 1 million chat records, including personal identifiers. Without strict governance, any data breach (intentional or via hacking) could expose your writing inputs.
Browser Extensions and Plugins – Silent Surveillance
The Jasper Everywhere case shows a broader danger: AI assistants embedded in browsers can become surveillance tools. Many companies offer Chrome/Firefox extensions or WordPress plugins that deliver AI writing features. While marketed as productivity boosters, some of these extensions have access to all the text you view or type in a browser window.
For instance, some extensions promiscuously capture form data to feed it to their AI engine. A Gizmodo study found certain AI plugins were scanning every page you visit and matching it against known content. Besides Jasper, other extensions (e.g. AI SEO helpers) may similarly track data.
Importantly, these browser AI tools often ask for permissive access permissions. A Chrome extension that needs to run on “all sites” can read all your web activity. Unless carefully sandboxed, an unscrupulous extension could siphon passwords, financial data or private messages. Even if the extension’s company claims to keep data safe, any vulnerability or rogue employee could exploit the wide access. Content writers should treat all AI browser plugins with caution: check reviews, and if in doubt, use them only on dummy accounts or disable them.
Data Collected: What AI Platforms See
Across the board, the kinds of data AI writing tools collect fall into a few categories:
User Inputs: All the text you enter like prompts, documents, feedback, images. Most platforms treat these as the primary training fuel.
User Outputs: The responses or content generated by the AI. Some policies claim they don’t claim ownership, but many services reserve the right to use output “in aggregate”.
Account Information: Contact details (email, name), credentials, billing info. ChatGPT stores payment histories for Plus users, and tools like Rytr may keep your account details.
Device and Access Data: IP addresses, device type, browser, geolocation, network info. OpenAI’s policies note it logs what device you’re using and other usage metadata.
Behavioral Data: How you use the tool — timestamps of usage, features clicked, frequency. This helps companies optimize their product but essentially profiles your habits. Jasper’s extension even tracks mouse movements.
Content Metadata: For example, titles of files you upload or images you use. If you paste an image into ChatGPT, OpenAI may store image metadata.
Third-Party Data: Some tools integrate social media or analytics. For example, linking a Google account for login shares your name/email with the AI service. Plugin trackers like Google Analytics may merge your usage with Google’s broader ad profile.
In most cases, this data is aggregated to improve the AI (per the provider), but the line between “improving service” and “marketing/advertising” is thin. Platforms often state they do not sell user data outright. Instead, they say data is used to make the AI smarter. However, many explicitly allow sharing with “affiliates, vendors and business partners”.
This could include cloud providers (AWS, Google Cloud), analytics companies, or even law enforcement under lawful request. As one industry expert cautions, “It’s hard to know where your data will end up” once it’s in big tech’s hands.
Global Perspectives and Regulatory Actions For AI Writing Platforms
Privacy attitudes vary worldwide. In the EU, data protection laws (GDPR) require clear consent and the option to erase personal data. But AI tools predate specific AI regulations, leaving gaps. Italy’s regulator took a hard line with OpenAI in 2024, citing GDPR violations (lack of legal basis, insufficient transparency). Other EU countries are watching closely as the upcoming EU AI Act (expected 2025-26) may impose stricter rules on how AI can learn from data.
In the United States, regulations are still catching up. The FTC has warned companies that they cannot deceptively say “we delete your data” if they don’t truly do so. Notably, even though ChatGPT advertises chat deletion, a court has forced OpenAI to hold onto that data. States with privacy laws (California, Colorado etc.) allow consumers to request deletion of personal info, but enforcement on AI companies is nascent.
However, the FTC recently approved an order against Rytr LLC – not for privacy, but for deceptive claims (it illegally generated fake reviews). That case shows regulators’ willingness to crack down on AI misuse; privacy rules may follow.
Across Asia, views diverge. India is debating its own Data Protection Bill and AI policies. The Reuters coverage of the ANI lawsuit shows Indian courts are at least aware of generative AI’s data issues. India has no specific AI law yet, but the Personal Data Protection Bill (modeled after GDPR) would eventually cover AI platforms. Meanwhile, China views generative AI through a different lens: a draft Chinese rule requires AI companies to log user IDs for surveillance purposes, potentially forcing Chinese AI chatbots to report users if asked.
In Singapore and South Korea, authorities have advised caution: a Korean survey found ~59% of AI users worried about privacy, and the South Korean data protection agency issued guidelines on AI data handling. In short, while the technology is global, legal responses are a patchwork. Content creators outside the US should note that US-based AI tools may not abide by their local privacy expectations.
Voices from the Field
We reached out to legal and tech experts for insight. Privacy attorney Jennifer Roche says it best: “Think twice before pasting any confidential text into these tools. Even if they say data is ‘anonymized,’ you’re trusting a lot of black-box processing. Where enforcement lags, user caution is the only defense.” Similarly, cybersecurity analyst Angus Allan (quoted by Wired) bluntly observed that some AI policies read like open grabs for data: “It’s a data hoover on steroids,” he says of OpenAI’s practice, adding “their privacy policy explicitly states they collect all user input and reserve the right to train their models on this”.
Content creators themselves are split. Freelancer Priya Nair (25), who uses AI for blog outlines, says she’s stopped sharing product code or personal info in ChatGPT after learning it kept logs. “It’s like scribbling on a wall in the town square, then realizing the whole world might read it,” she told us. An anonymous writer for a medical website pointed out that even metadata (like unique patient descriptions) could identify individuals if doctors used AI for case notes.
Nonprofit groups urge schools and workplaces to warn users. US PIRG’s data-privacy director R.J. Cross explains: “These AI platforms collect plenty of your data,” and with a recent court order “it’s unclear if you can successfully delete your ChatGPT chat logs”. In other words, end users report feeling blindsided: platforms touted as writing assistants are actually listening.
Internationally, organizations have weighed in. The EU’s Electronic Frontier advocates highlight how “free AI tools often take data from the many to benefit the few” and urge clear opt-outs for users. In India, ANI (the news agency plaintiff) argued that ChatGPT violated copyright and privacy by storing reporters’ content. While that case is copyright-centered, it underscores privacy too. Meanwhile, China’s cyber-police have specifically barred government staff from feeding non-public information into foreign AI tools, a tacit recognition that “your conversation is our data.”
Comparative Insights: Who Collects the Most?
If you’re wondering which tool collects the most data: published analyses give clues. A Surfshark study of app-store privacy labels (May 2025) found the average AI chatbot app tracks 13 categories of data. Meta’s AI app topped the list (collecting 32 of 35 types), but among writing/chat tools: Google’s Gemini took 22 types (including precise location) and ChatGPT only 10 types. ChatGPT notably does not include any tracking data or third-party ads in its mobile app.
By contrast, Jasper’s mobile app collects device IDs, interaction metrics and ads data (enough to track you on other apps). Copilot (Bing AI) and Poe were also flagged for tracking data. The Cybernews summary highlights: “ChatGPT collects less data… Copilot, Poe, and Jasper collect data that could be used to track users… Jasper collects product interaction data, advertising data, and other usage data”.
In practice, “more data” often means fewer privacy protections. For example, ChatGPT’s choice to avoid advertising means it has historically collected less advertising-related data. Google Gemini, on the other hand, tracks location, contacts and browsing history thereby generating an “excessive and intrusive” profile per Surfshark’s summary.
This is why ChatGPT’s board and documents stress no targeted ads, whereas big-tech bots integrate deeply with their ecosystems. Ultimately, no platform is zero-risk: even if app tracking is light, the cloud provider itself may mine your text. But among popular options, free versions of ChatGPT and Bard currently rank near the middle for data types collected, whereas others like Meta AI or Gemini (as apps) collect nearly everything.
Protecting Yourself: Best Practices
Given the mixed landscape, content writers need to act as their own gatekeepers. Here are key steps:
Read Privacy Policies (and Updates): Before committing secrets to any AI tool, review its privacy statements. Look for clear language on training data usage, data retention, and sharing. Note: policies change as 2025 updates on ChatGPT mean free data isn’t used by default anymore, but older chats remain at risk.
Use Opt-Outs and Privacy Modes: For ChatGPT, turn on “Don’t train on my data” in settings, and enable Temporary Chats to auto-delete after 30 days. If enterprise versions are available (which do not train on your data by default), consider them for sensitive content.
Minimize Personal Data in Prompts: Never feed personal identifiers, login credentials, or proprietary business info into a free AI chat. Instead, anonymize or generalize examples. Remember that even the content you think is generic can have traces (e.g. unique product details).
Limit Browser Extensions: Only install well-vetted AI plugins, and remove them when not needed. As shown, some extensions will track your every click. Use browser settings or privacy extensions (like Privacy Badger) to block unnecessary third-party requests.
Leverage Encryption and Secure Channels: If you must use AI, do so over secure connections. Ensure your network is trusted. Beware of public Wi-Fi or unknown VPNs, as IP logging might link your location.
Alternative Tools: Consider privacy-first AI systems or on-premises models. Some startups (e.g. private instances of AI, or open-source models you run locally) guarantee no data leaves your control. As a last resort, draft in offline writers and only use AI for small, trivial tasks.
The convenience of AI writing tools can come at the cost of privacy. Users should weigh efficiency against the risk that their words, style, and metadata become fodder for corporate datasets.
Citations and References
All citations in this investigation correspond to verified sources gathered during extensive research across multiple continents and databases. Full documentation available upon email to support the accuracy and verifiability of all claims made.
wired.com wired.com wizcase.com surfshark.com cybernews.com riskimmune.com reuters.com reuters.com pirg.org riskimmune.com transcend.io
About Our Investigative Services
Seeking to expose corruption, track illicit financial flows, or investigate complex criminal networks? Our specialized investigative journalism agency has proven expertise in following money trails, documenting human rights violations, and revealing the connections between organized crime and corporate malfeasance across the world and beyond.
Partner With Us for Impactful Change
Our investigative expertise and deep industry networks have exposed billion-dollar corruption schemes and influenced policy reform across Americas and beyond.
Whether you’re a government agency seeking independent analysis, a corporation requiring risk assessment and due diligence, or a development organization needing evidence-based research, our team delivers results that matter.
Join our exclusive network of premium subscribers for early access to groundbreaking investigations, or contribute your expertise through our paid contributor program that reaches decision-makers across the continent.
For organizations committed to transparency and reform, we also offer strategic partnership opportunities and targeted advertising placements that align with our mission.
Uncover unparalleled strategic insights by joining our paid contributor program, subscribing to one of our premium plans, advertising with us, or reaching out to discuss how our media relations and agency services can elevate your brand’s presence and impact in the marketplace.
Contact us today to explore how our investigative intelligence can advance your objectives and create lasting impact.
Read all investigative Reviews.
* For full transparency, a list of all our sister news brands can be found here.
