AI Browsers Expose Sensitive User Data

An August 2025 USENIX study by researchers from UCL, Mediterranea University, and UC Davis finds popular AI browser extensions and emerging AI browsers collect sensitive user data during simulated real-world browsing. Testers observed extensions and assistants (Merlin, Sider, Perplexity, Copilot) capture medical records, Social Security numbers, banking details, images, and browsing content and forward data to servers and trackers. Researchers warn stored data can be reused for model training and increases prompt-injection security risks.
Key Points
- 1Captured sensitive data including medical records, Social Security numbers, banking details, images, and browsing content.
- 2Forwarded webpage content and user prompts to company servers and third‑party trackers enabling cross‑site profiling.
- 3Recommend practitioners restrict AI sidebars, audit extension permissions, and avoid using them on sensitive websites.
Scoring Rationale
Strong, peer-reviewed empirical evidence of extensive data leaks; limitation: study focused on extensions and simulated browsing contexts.
Sources
Public references used for this report.
Practice with real Logistics & Shipping data
90 SQL & Python problems · 15 industry datasets
250 free problems · No credit card
See all Logistics & Shipping problems