AI is here to stay, and companies are just starting to figure out how to harness its power to drive their business. Every day, companies rush to integrate AI into countless workflows: It’s being used to summarize documents, automate reports, create predictive analytics, and deliver support with chatbots. These changes are happening rapidly and opening new doors for businesses big and small, but they’re also potentially exposing companies’ valuable proprietary data to new risks.

When businesses make their confidential information accessible to AI, it’s not always clear whether this information could be reused or indexed by large language models (LLMs) as training data. There are also numerous examples of sensitive information being inadvertently exposed by AI tools. These aren’t simply privacy concerns; they’re security risks that any company must consider before it uses AI tools on its stored files.

How AI can put your files at risk without you knowing

AI has evolved and spread at an exponential rate. While most people are familiar with chatbots like ChatGPT or Claude, Big Tech has been integrating generative AI systems into spreadsheet, document, and email services, where they can ingest, index, and summarize content. This integration brings powerful capabilities, but it also introduces significant risks that few people are aware of.

According to a 2025 AI security survey, Microsoft Copilot, which is embedded into tools like Excel, Word, and SharePoint, accessed nearly 3 million sensitive records per organization in the first half of the year alone. The survey also found that organizations averaged more than 3,000 interactions with Copilot in which sensitive business information could have been exposed. And a Google study found that 90% of workers in the tech industry use AI to write or modify code. Even if these numbers are inflated, organizations need to factor AI tools into their threat model.

This is a new type of security risk. These files weren’t shared externally. In fact, they may not have been shared at all. But because they were stored in locations Copilot could access, the information they contain could have been collected without users realizing it.

This can have serious ramifications. The police in Switzerland (source in French) and the FBI in the US have already been found using ChatGPT logs as part of their investigations. If Big Tech companies are any indication, you can expect AI companies will soon receive hundreds of thousands of data requests from US and EU governments, if they don’t already.

Secure data storage is incredibly difficult when AI tools are this deeply embedded in the applications you use every day. Files stored in enterprise drives become searchable, summarizable, and ultimately vulnerable, blurring the traditional security concepts of access, permission, and oversight.

What about Google Workspace & Gemini?

These risks aren’t limited to Microsoft Copilot. Google is similarly integrating its AI tool, Gemini, directly into Workspace apps like Drive, Sheets, and Docs.

Many enterprises will likely look at Google Workspace with Gemini integration as a strong default. According to Google’s own site: “Your data is not reviewed by humans or used for generative AI model training outside your domain without permission.”

However, the rules governing which information Google can use to train its AI systems are outlined in a way that creates a gray zone and raises questions:

  • Google now uses consumer chats and file uploads to train Gemini by default unless users opt out.
  • Google Gemini’s support pages warn that information shared with Gemini Apps may be reviewed by humans and could be used as a dataset to train AI.
  • In its Gemini privacy explainer, Google warns users not to share confidential information.
  • Enterprise documentation leaves room for interpretation with phrases like “without permission.”
  • Security vendors have flagged conditions in which business data could become training input, especially as AI features become more tightly integrated into file storage, search, and workflow tools.

This lack of clarity is concerning when Gemini is integrated into Drive, Docs, and Sheets. It’s not just a question of mis-sharing files but of how these files inadvertently become part of AI workflows. How will the AI ingest, index, analyze, and store prompts or outputs, and will those logs still be under your organization’s control?

Even a well-governed system like Google Workspace is neither private nor open source. Such systems may mitigate many risks, but for businesses holding highly sensitive data, the level of trust required might still be too high.

How to find a private AI for your business

Every file you upload to or share with an AI‑enabled system extends your attack surface. Simply uploading files to cloud storage could expose those files to AI training, depending on your service and plan. If those uploads are retained, indexed, or accessible in ways you’re not aware of or cannot control, your proprietary value is at risk.

Before your business chooses an AI tool, you should ask whether the vendor can guarantee that the tool or its file storage system won’t retain or expose critical data.

Here are two concrete demands you should make of any business AI tool:

  • Zero‑data retention: The AI system should not log or store prompts, responses, or file uploads beyond the business session unless explicitly required — and those logs should be under your business’s full control.
  • No external training: Your business’s data (including stored files) must not be used to train other models outside the business domain or shared across tenants.

What you can do now

Before you can choose the right tools, you need to appraise your situation and make sure you’re not inadvertently exposing sensitive data already:

  • Conduct an AI‑file‑storage risk audit: Identify all shared drives, team folders, and cloud storage where AI tools connect, and then map which tools ingest or index those files (a minimal script sketch follows this list).
  • Define a clear governance policy for file ingestion into AI: Specify which AI tools are approved, what file types are allowed, whether indexing of repository files is turned off, etc.
  • Demand a vendor/solution that offers private AI with stringent controls: Choose an AI assistant that offers “no logs, no training, no sharing” as a baseline.
  • Monitor and restrict “shadow AI”: Watch for team members using AI tools outside your security team’s framework and for unauthorized file uploads into AI tools. Enforce this with data loss prevention (DLP), identity and access management (IAM), and audit logging.
  • Choose a vendor whose business model doesn’t rely on selling or extracting data: This ensures its incentives always align with keeping your data secure.
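To make the first item above concrete, here’s a minimal sketch of how an AI‑file‑storage risk audit could start: a script that walks a locally synced copy of a shared drive and flags files that look sensitive, so you can decide whether those folders should be reachable by any AI-connected tool. The folder path, keywords, and file types below are placeholder assumptions; a real audit would use your organization’s own data classification rules or a dedicated DLP tool.

    # audit_shared_drive.py - illustrative sketch only (Python 3.9+)
    # Flags potentially sensitive files in a synced shared drive before
    # deciding which folders an AI-connected tool may index.
    from pathlib import Path

    SHARED_DRIVE = Path("./shared-drive")  # placeholder: path to your synced drive
    SENSITIVE_KEYWORDS = ("payroll", "contract", "financial", "customer", "password")
    SENSITIVE_SUFFIXES = {".xlsx", ".docx", ".csv", ".pdf"}

    def flag_sensitive(root: Path) -> list[Path]:
        """Return files whose name and type suggest sensitive content."""
        flagged = []
        for path in root.rglob("*"):
            if not path.is_file():
                continue
            name = path.name.lower()
            if path.suffix.lower() in SENSITIVE_SUFFIXES and any(
                keyword in name for keyword in SENSITIVE_KEYWORDS
            ):
                flagged.append(path)
        return flagged

    if __name__ == "__main__":
        if not SHARED_DRIVE.is_dir():
            raise SystemExit(f"Folder not found: {SHARED_DRIVE}")
        hits = flag_sensitive(SHARED_DRIVE)
        print(f"{len(hits)} potentially sensitive files under {SHARED_DRIVE}")
        for hit in hits:
            print(f"  {hit}")

The output gives you a starting inventory: any folder containing flagged files is a candidate for exclusion from AI indexing or for stricter access controls.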

Proton offers AI’s productivity without the risk

No business wants to unwittingly hand over its sensitive information. That’s why the Proton for Business tools are built around powerful encryption that puts you in control of who can access your information.

Proton Drive uses end-to-end encryption on all your files, so no one, not even Proton, can access them unless you share them. This prevents your files from ever being exposed to or used to train AI. Proton Drive also gives you the ability to password-protect sharing links or turn off access in a single click, meaning you retain control.
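To illustrate the principle (this is a conceptual sketch, not Proton’s actual implementation, which uses its own key management and cryptography), here’s what client-side encryption looks like in practice: the file is encrypted on your device with a key the storage provider never sees, so the provider only ever holds ciphertext.

    # Conceptual sketch of client-side ("end-to-end") file encryption.
    # Requires the third-party "cryptography" package (pip install cryptography).
    # This is NOT Proton Drive's implementation - just the general idea.
    from cryptography.fernet import Fernet

    key = Fernet.generate_key()  # stays on your device, never uploaded
    fernet = Fernet(key)

    plaintext = b"Q3 revenue forecast: confidential"
    ciphertext = fernet.encrypt(plaintext)  # this is all the server would store

    # Only someone holding the key can recover the original contents.
    assert fernet.decrypt(ciphertext) == plaintext

Because only ciphertext ever leaves your device, there’s nothing readable on the server side for an AI system, or anyone else, to ingest or train on.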

We also built Lumo for Business, a private AI assistant that only works for you, not the other way around. With no logs kept and every chat and file you upload encrypted, Lumo keeps your conversations confidential and your data fully under your control — never shared, sold, or stolen.

At Proton, we build all our products with privacy by design. Businesses should be able to store files and use AI with confidence, knowing their most sensitive information remains protected.

In contrast to Big Tech, Proton doesn’t make money by selling your data. We’re supported exclusively by our community, not advertisers, and our base in privacy-friendly Europe gives us the legal protections to ensure that we can live up to our promises. Most important, we are owned by the nonprofit Proton Foundation, whose sole mission is to advance privacy and freedom.

By using Lumo for Business, you can enjoy the benefits of an advanced AI assistant without the risk of your data being misused.