At a Glance
- AI agents now need deep device access to function
- Big tech companies are already collecting user data for training
- Privacy experts warn of new risks and lack of opt-outs
- Why it matters: Users could lose control over personal data and security.
The rise of generative AI agents means companies can now act on your behalf-booking flights, researching, or adding items to carts-if they can access your device. To do so, they must reach the operating-system level and read your calendar, messages, emails, and cloud files. This deep reach raises fresh privacy and security concerns.
Why Agents Need Data
AI agents promise to be autonomous helpers that can perform multi-step tasks. To personalize responses and make decisions, they rely on a continuous stream of personal information. The more data they see, the more useful they become.
Current Data Practices
Many firms already collect user data for training and operation. For example, Microsoft’s Recall product takes screenshots of your desktop every few seconds so you can search everything you’ve done. Tinder’s AI feature scans photos on your phone to infer interests and personality. OpenAI and Google agents can read calendars, emails, and cloud files to execute tasks.
| Company | Feature | Data Accessed |
|---|---|---|
| Microsoft | Recall | Desktop screenshots every few seconds |
| Tinder | AI photo analysis | Phone photos for interest analysis |
| OpenAI / Google | Agents | Calendar, emails, messages, cloud files |
Privacy Risks and Expert Views
- Harry Farmer, a senior researcher at the Ada Lovelace Institute, warns that agents can pose a profound threat to cybersecurity and privacy.
- Carissa Véliz, associate professor at the University of Oxford, says most consumers have no way to verify how data is handled and that companies are “very promiscuous with data.”
- Meredith Whittaker, president of the Signal Foundation, states that agents that can touch the operating system pose an “existential threat” to Signal and application-level privacy.
Harry Farmer said:
> “AI agents, in order to have their full functionality, in order to be able to access applications, often need to access the operating system or the OS level of the device on which you’re running them,” and that this creates a data trade-off.
Carissa Véliz added:
> “These companies are very promiscuous with data. They have shown to not be very respectful of privacy.”
Meredith Whittaker told News Of Austin:
> “What we’re calling for is very clear developer-level opt-outs to say, ‘Do not touch us if you’re an agent.'”
Industry Push vs. Consumer Rights
Tech giants argue that deeper data access is essential for building useful agents, while privacy advocates insist that users must have control and transparency. The lack of opt-out mechanisms forces many consumers into a trade-off between convenience and privacy.
What Users Should Do
Users should review the permissions granted to AI agents and consider revoking access to sensitive data. They can also keep their devices and operating systems up to date, use privacy-focused tools, and stay informed about new AI features that may request additional data.
Key Takeaways
- AI agents require deep device access, increasing privacy risks.
- Big tech companies already collect extensive personal data for AI training.
- Experts call for clear opt-out options and stronger safeguards.
The growing power of AI agents highlights a pressing need for tighter privacy controls and user awareness.
