The Privacy Risks of Sharing Sensitive Data With AI

Imagine this: it is late in the evening, you are under pressure, and an AI chatbot offers exactly the kind of help you need.
You paste in a workplace email thread and ask it to write a response. Then you upload a medical report so it can explain the difficult language. A few minutes later, you share a bank message, a customer spreadsheet, or a photograph of an identification document because removing the details feels like extra work.
The chatbot answers quickly. The task is done. Nothing visibly goes wrong.
That quiet moment is what makes the risk easy to underestimate. Privacy mistakes do not always arrive with an alarm, a hacked screen, or an immediate financial loss. Sometimes the problem begins with a single prompt that contains far more information than the AI ever needed.
I have learned to treat an AI prompt the way I would treat an email being sent outside my organisation: before pressing enter, I pause and ask, “Would I be comfortable if this information were stored, reviewed for safety, exposed through an account compromise, or seen by someone I did not intend?” If the answer is no, I remove or replace the sensitive details.
This does not mean AI tools are automatically unsafe or that people should stop using them. It means we must use them with the same care we apply to online banking, cloud storage, workplace systems, and confidential conversations.
Quick Navigation
AI Feels Like a Private Conversation, but It Is Still a Digital Service
A polished chatbot can feel surprisingly personal. It responds instantly, remembers context within a conversation, and may speak in an empathetic tone. That experience can lower our natural caution.
However, typing into an AI service is not the same as speaking privately to a trusted friend, doctor, lawyer, counsellor, or colleague. Your message is transmitted to a provider’s systems, processed by software, and handled according to that service’s privacy policy, security architecture, account settings, retention rules, and product type.
Different AI services handle data differently. Some consumer services may allow conversations to be used to improve models unless the user changes a setting. Some business or enterprise products may exclude organisational data from model training by default. Temporary-chat features may also have different retention rules from ordinary chats.
The practical lesson is simple: never assume that every chatbot, AI writing tool, browser extension, meeting assistant, image generator, or “free AI” website provides the same privacy protections.
A useful privacy rule: Do not give an AI system the real information when anonymised, fictional, summarised, or redacted information would produce an equally useful answer.
What Counts as Sensitive Data?
Most people know that passwords are sensitive. The harder part is recognising the ordinary-looking information that can become dangerous when combined with other details.
Sensitive data includes information that could identify someone, unlock an account, expose a private condition, damage a reputation, violate a duty of confidentiality, or help an attacker build a convincing scam.
- Login and security details: passwords, one-time codes, recovery codes, PINs, API keys, secret questions, private encryption keys, Wi-Fi credentials, access tokens, or session cookies.
- Identity information: national ID or passport numbers, birth certificates, signatures, tax numbers, driving licences, employee numbers, biometric data, or full photographs of identity documents.
- Financial information: card numbers, bank account details, mobile-money messages, payslips, loan statements, transaction histories, insurance documents, and investment records.
- Health and highly personal information: diagnoses, prescriptions, laboratory results, disability information, reproductive health details, counselling notes, and intimate photographs.
- Workplace and business secrets: internal emails, unpublished reports, tenders, contracts, source code, network diagrams, incident reports, customer lists, pricing models, strategic plans, and legal advice.
- Third-party data: another person’s phone number, address, CV, complaint, medical condition, disciplinary record, school report, or private conversation.
- Location and routine data: a child’s school, home address, daily route, live location, travel itinerary, office access times, or information showing when a home will be empty.
Even a document that appears harmless may contain hidden information. Uploaded Word files, PDFs, photographs, spreadsheets, and screenshots can reveal names, comments, revision history, email addresses, GPS information, document properties, account numbers, or confidential text in the background.
What Can Happen After You Press “Send”?
The exact data flow depends on the service, but a prompt may pass through several layers. It can be transmitted over the internet, logged for reliability or security, linked to your account, retained for a period, processed by safety systems, included in backups, or handled by approved service providers.
Depending on the product and your settings, content may also be eligible for model improvement. That is why users should check the privacy policy and data controls of the particular service rather than relying on assumptions about “AI” in general.
Security controls reduce risk, but no online service can honestly be treated as immune to account takeover, software defects, insider misuse, misconfiguration, legal demands, or future policy changes. The safest confidential prompt is the one you never submit.
The Biggest Privacy Risks of Sharing Sensitive Information With AI
1. Account compromise can expose your chat history
If someone gains access to your AI account, email account, browser session, or unlocked device, they may be able to read past conversations and downloaded files. A reused password or successful phishing attack can turn months of helpful chats into a detailed profile of your work, health, family, and finances.
Use a unique password, enable multi-factor authentication when available, review active sessions, and avoid leaving accounts signed in on shared computers.
2. A prompt can expose someone who never consented
Many privacy mistakes involve other people. An employee may paste a customer complaint into a chatbot. A parent may upload a child’s medical report. A manager may share an applicant’s CV. A friend may submit private messages for “relationship analysis.”
The fact that you possess information does not automatically permit you to send it to a third-party AI service. In Kenya, the Data Protection Act establishes rights and obligations concerning how personal data is collected, used, retained, and shared. Organisations must have a lawful, specific purpose and apply appropriate safeguards.
3. Sensitive details can be revealed through outputs or connected tools
Modern AI systems may connect to files, email, calendars, databases, web pages, plugins, or organisational knowledge bases. These connections make AI more useful, but they also expand the possible attack surface.
OWASP identifies sensitive-information disclosure as a major risk in applications built around large language models. Poor access controls, unsafe integrations, prompt injection, excessive permissions, or insecure output handling can expose personal, financial, health, legal, or business information.
4. “Deleted” does not always mean instantly erased from every system
Deleting a chat can be useful, but people should read the provider’s policy before assuming that deletion removes every copy immediately. Security logs, legal holds, backups, de-identified records, or fixed retention periods may be treated differently.
Privacy decisions are therefore best made before submission, not after regret.
5. Small details can be combined into a powerful profile
A first name may seem harmless. So may a workplace, town, job title, child’s age, medical condition, or travel date. Together, those details can identify a person and help a criminal write a highly believable phishing message.
This is called the mosaic effect: separate pieces of information become more revealing when assembled. AI makes summarising and connecting those pieces easier, which is another reason to minimise identifying context.
You May Also Like to Read About
Why Workplace AI Use Requires Extra Care
One of the most tempting uses of AI is also one of the riskiest: pasting real work into a public chatbot because it saves time.
An employee may ask AI to summarise a police file, rewrite a legal letter, debug proprietary source code, analyse a customer database, prepare meeting minutes, or review an internal investigation. The output may be excellent, yet the input may breach organisational policy, professional secrecy, a contract, or data-protection law.
Before using AI for work, confirm whether your organisation has approved a specific tool. Business-grade services may offer stronger administrative controls, contractual protections, identity management, retention options, audit features, and different training defaults than ordinary consumer accounts.
Never paste these into an unapproved public AI tool
- Client names, case numbers, witness statements, personnel records, or disciplinary files
- Passwords, API keys, database credentials, server addresses, or security configurations
- Unreleased financial results, bids, contracts, pricing, strategy, or intellectual property
- Production source code containing secrets or proprietary business logic
- Any document marked confidential, restricted, privileged, secret, or for internal use only
Children’s Data Deserves an Even Higher Level of Protection
Parents naturally use technology to seek help with feeding, illness, schoolwork, behaviour, and development. But a child cannot realistically control what an adult uploads about them today or how that digital record may affect them later.
Avoid submitting a child’s full name, face, school, home address, birth certificate, medical number, live location, private photographs, or complete health report. Describe the issue in general terms and consult a qualified professional for medical, legal, safeguarding, or emergency matters.
A safer prompt would say, “A seven-year-old has had a mild cough for two days; what warning signs require urgent medical attention?” It usually does not need the child’s name, photograph, school, exact address, or patient number.
How to Use AI Without Giving Away More Than Necessary
1. Redact before you upload
Remove names, telephone numbers, email addresses, signatures, account numbers, addresses, identification numbers, QR codes, barcodes, faces, and unique case references. Do not simply draw a transparent shape over text; use a proper redaction tool or create a clean copy in which the information is genuinely removed.
2. Replace real details with placeholders
Use labels such as [CLIENT], [EMPLOYEE A], [COMPANY], [DATE], [AMOUNT], or [LOCATION]. Keep a separate private key only if you need to restore the details later.
Instead of pasting a real letter, you can say: “Rewrite this complaint response professionally. A customer alleges delayed service, and the company needs to acknowledge the concern without admitting liability.”
3. Share the minimum useful excerpt
An AI assistant rarely needs a complete 30-page document to improve one paragraph. Extract only the section needed for the task and remove unrelated personal information.
4. Check privacy settings before sensitive work
Review whether chat history, model-improvement settings, memory, connected applications, file retention, temporary-chat options, and data-export controls are enabled. Recheck them occasionally because services and settings can change.
5. Use approved organisational tools
For workplace data, use only tools approved by your employer’s ICT, legal, information-security, or data-protection teams. Approval should consider contracts, data location, access controls, retention, incident response, audit logs, and whether submitted content is used for training.
6. Verify browser extensions and “AI wrapper” websites
A website may advertise access to a famous AI model while collecting prompts through its own servers. A browser extension may request permission to read every webpage you visit. Use the official service where possible, review permissions, and be suspicious of free tools that provide no clear company identity or privacy policy.
7. Treat AI output as potentially shareable
Do not ask an AI tool to repeat secrets into a report, presentation, code file, or email. Generated content can be copied into logs, shared folders, version-control systems, or public documents without anyone noticing the hidden sensitive material.
The 10-Second Safety Check
Before submitting a prompt, ask:
- Does this contain a password, code, account number, ID, address, or private document?
- Does it identify another person who has not agreed to this use?
- Would disclosure cause financial, legal, professional, emotional, or safety harm?
- Can I replace the real details with placeholders?
- Is this AI tool approved for the type of data I am using?
What to Do If You Have Already Shared Sensitive Information
Do not panic, but act according to the type of information exposed.
- Delete the conversation or uploaded file using the service’s available controls, while remembering that the provider’s retention policy may still apply.
- Change exposed passwords immediately. Revoke API keys, recovery codes, tokens, sessions, or credentials rather than merely deleting the chat.
- Contact your bank or mobile-money provider if card, account, PIN, verification, or transaction details were exposed.
- Inform your employer promptly if the information belongs to your organisation, a colleague, a client, or the public. Early reporting can reduce harm.
- Review account security by changing reused passwords, enabling multi-factor authentication, and checking active sessions.
- Document what was shared, when, and where. This can help an information-security or data-protection team assess the incident.
- Use the provider’s privacy request process where appropriate to request access, deletion, correction, or other available rights.
Where another person’s data, protected workplace information, or a large dataset is involved, seek advice from the responsible data-protection, legal, compliance, or cybersecurity officer. A serious incident may create notification duties under applicable law.
What Organisations Should Put in Place
Telling employees “do not share confidential data” is not enough. People need approved alternatives and clear examples that match their daily work.
- An acceptable-use policy defining approved tools, prohibited data, permitted tasks, and escalation procedures.
- Data classification so staff can distinguish public, internal, confidential, restricted, and legally privileged information.
- Enterprise access controls including single sign-on, multi-factor authentication, role-based access, logging, and prompt-retention settings.
- Vendor assessment covering data use, subcontractors, breach handling, deletion, international transfers, security certifications, and contractual obligations.
- Practical staff training using realistic examples such as CVs, invoices, code, customer complaints, medical documents, and meeting transcripts.
- Incident-reporting channels that encourage fast, blame-free reporting when a person makes a mistake.
- Data protection impact assessments for high-risk AI uses involving profiling, sensitive data, children, large-scale monitoring, or automated decisions.
NIST’s AI Risk Management Framework encourages organisations to govern, map, measure, and manage AI risks rather than treating privacy as an afterthought. Kenya’s Office of the Data Protection Commissioner has also emphasised the importance of applying data-protection principles when personal data is processed through AI systems.
Final Takeaway: Be Useful to the AI Without Becoming Identifiable to It
AI can help us write, learn, troubleshoot, analyse, translate, brainstorm, and communicate more effectively. The goal is not to fear the technology. The goal is to stop confusing convenience with confidentiality.
Before sharing anything sensitive, remove what the AI does not need. Replace names with roles. Replace account numbers with placeholders. Summarise private documents instead of uploading them. Use approved business tools for workplace information and review the privacy controls of every service you use.
The best prompt is not always the one containing the most detail. It is the one containing the minimum safe detail required to get a useful answer.
Once sensitive information leaves your device, you may lose control over where it is processed, how long it is retained, and who could eventually gain access. A few seconds spent redacting a prompt can protect your identity, finances, career, organisation, clients, and family for years to come.
Editorial note: This article provides general privacy and cybersecurity education. It is not legal, medical, or financial advice. Privacy settings, product terms, and laws may change; confirm current requirements with the relevant provider or qualified professional.
References and Further Reading
- Office of the Data Protection Commissioner, Kenya — Compliance With Data Protection Regulations in the Wake of Growing AI Regulation
- Kenya Data Protection Act, 2019
- ODPC Kenya — Rights of a Data Subject
- OWASP GenAI Security Project — Sensitive Information Disclosure
- National Institute of Standards and Technology — AI Risk Management Framework
- U.S. Federal Trade Commission — AI Companies Must Uphold Privacy and Confidentiality Commitments
- UK Information Commissioner’s Office — Guidance on AI and Data Protection
- OpenAI — Consumer Privacy Controls
- OpenAI Help Centre — Data Controls FAQ
About the author
Caleb Muga is the founder of SurgeTechKnow, an ICT professional and software developer with BBIT, CCNA training, cybersecurity awareness and OPSWAT file-security training. Articles are written to simplify practical technology, cybersecurity, networking and ICT support topics for real users.
Read the full SurgeTechKnow profile →
