From Gmail to Word, your privacy settings and AI are entering into a new relationship
The Microsoft 365 website on a laptop arranged in New York, US, on Tuesday, June 25, 2024.
Bloomberg | Bloomberg | Getty Images
The beginning of the year is a great time to do some basic cyber hygiene. We’ve all been told to patch, change passwords, and update software. But one concern that has been increasingly creeping to the forefront is the sometimes quiet integration of potentially privacy-invading AI into programs.
“AI’s rapid integration into our software and services has and should continue to raise significant questions about privacy policies that preceded the AI era,” said Lynette Owens, vice president, global consumer education at cybersecurity company Trend Micro. Many programs we use today — whether it be email, bookkeeping, or productivity tools, and social media and streaming apps — may be governed by privacy policies that lack clarity on whether our personal data can be used to train AI models.
“This leaves all of us vulnerable to uses of our personal information without the appropriate consent. It’s time for every app, website, or online service to take a good hard look at the data they are collecting, who they’re sharing it with, how they’re sharing it, and whether or not it can be accessed to train AI models,” Owens said. “There’s a lot of catch up needed to be done.”
Where AI is already inside our daily online lives
Owens said the potential issues overlap with most of the programs and applications we use on a daily basis.
“Many platforms have been integrating AI into their operations for years, long before AI became a buzzword,” she said.
As an example, Owens points out that Gmail has used AI for spam filtering and predictive text with its “Smart Compose” feature. “And streaming services like Netflix rely on AI to analyze viewing habits and recommend content,” Owens said. Social media platforms like Facebook and Instagram have long used AI for facial recognition in photos and personalized content feeds.
“While these tools offer convenience, consumers should consider the potential privacy trade-offs, such as how much personal data is being collected and how it is used to train AI systems. Everyone should carefully review privacy settings, understand what data is being shared, and regularly check for updates to terms of service,” Owens said.
One tool that has come in for particular scrutiny is Microsoft’s connected experiences, which has been around since 2019 and comes activated with an optional opt-out. It was recently highlighted in press reports — inaccurately, according to the company as well as some outside cybersecurity experts that have taken a look at the issue — as a feature that is new or that has had its settings changed. Leaving the sensational headlines aside, privacy experts do worry that advances in AI can lead to the potential for data and words in programs like Microsoft Word to be used in ways that privacy settings do not adequately cover.
“When tools like connected experiences evolve, even if the underlying privacy settings haven’t changed, the implications of data use might be far broader,” Owens said.
A spokesman for Microsoft wrote in a statement to CNBC that Microsoft does not use customer data from Microsoft 365 consumer and commercial applications to train foundational large language models. He added that in certain instances, customers may consent to using their data for specific purposes, such as custom model development explicitly requested by some commercial customers. Additionally, the setting enables cloud-backed features many people have come to expect from productivity tools such as real-time co-authoring, cloud storage and tools like Editor in Word that provide spelling and grammar suggestions.
Default privacy settings are an issue
Ted Miracco, CEO of security software company Approov, said features like Microsoft’s connected experiences are a double-edged sword — the promise of enhanced productivity but the introduction of significant privacy red flags. The setting’s default-on status could, Miracco said, opt people into something they aren’t necessarily aware of, primarily related to data collection, and organizations may also want to think twice before leaving the feature on.
“Microsoft’s assurance provides only partial relief, but still falls short of mitigating some real privacy concern,” Miracco said.
Perception can be its own problem, according to Kaveh Vadat, founder of RiseOpp, an SEO marketing agency.
“Having the default to enablement shifts the dynamic significantly,” Vahdat said. “Automatically enabling these features, even with good intentions, inherently places the onus on users to review and modify their privacy settings, which can feel intrusive or manipulative to some.”
His view is that companies need to be more transparent, not less, in an environment where there is a lot of distrust and suspicion regarding AI.
Companies including Microsoft should emphasize default opt-out rather than opt-in, and might provide more granular, non-technical information about how personal content is handled because perception can become a reality.
“Even if the technology is completely safe, public perception is shaped not just by facts but by fears and assumptions — especially in the AI era where users often feel disempowered,” he said.
Default settings that enable sharing make sense for business reasons but are bad for consumer privacy, according to Jochem Hummel, assistant professor of information systems and management at Warwick Business School at the University of Warwick in England.
Companies are able to enhance their products and maintain competitiveness with more data sharing as the default, Hummel said. However, from a user standpoint, prioritizing privacy by adopting an opt-in model for data sharing would be “a more ethical approach,” he said. And as long as the additional features offered through data collection are not indispensable, users can choose which aligns more closely with their interests.
There are real benefits to the current tradeoff between AI-enhanced tools and privacy, Hummel said, based on what he is seeing in the work turned in by students. Students who have grown up with web cameras, lives broadcast in real-time on social media, and all-encompassing technology, are often less concerned about privacy, Hummel said, and are embracing these tools enthusiastically. “My students, for example, are creating better presentations than ever,” he said.
Managing the risks
In areas such as copyright law, fears about massive copying by LLMs have been overblown, according to Kevin Smith, director of libraries at Colby College, but AI’s evolution does intersect with core privacy concerns.
“A lot of the privacy concerns currently being raised about AI have actually been around for years; the rapid deployment of large language model trained AI has just focused attention on some of those issues,” Smith said. “Personal information is all about relationships, so the risk that AI models could uncover data that was more secure in a more ‘static’ system is the real change we need to find ways to manage,” he added.
In most programs, turning off AI features is an option buried in the settings. For instance, with connected experiences, open a document and then click “file” and then go to “account” and then find privacy settings. Once there, go to “manage settings” and scroll down to connected experiences. Click the box to turn it off. Once doing so, Microsoft warns: “If you turn this off, some experiences may not be available to you.” Microsoft says leaving the setting on will allow for more communication, collaboration, and AI served-up suggestions.
In Gmail, one needs to open it, tap the menu, then go to settings, then click the account you want to change and then scroll to the “general” section and uncheck the boxes next to the various “Smart features” and personalization options.
As cybersecurity vendor Malwarebytes put it in a blog post about the Microsoft feature: “turning that option off might result in some lost functionality if you’re working on the same document with other people in your organization. … If you want to turn these settings off for reasons of privacy and you don’t use them much anyway, by all means, do so. The settings can all be found under Privacy Settings for a reason. But nowhere could I find any indication that these connected experiences were used to train AI models.”
While these instructions are easy enough to follow, and learning more about what you have agreed to is probably a good option, some experts say the onus should not be on the consumer to deactivate these settings. “When companies implement features like these, they often present them as opt-ins for enhanced functionality, but users may not fully understand the scope of what they’re agreeing to,” said Wes Chaar, a data privacy expert.
“The crux of the issue lies in the vague disclosures and lack of clear communication about what ‘connected’ entails and how deeply their personal content is analyzed or stored,” Chaar said. “For those outside of technology, it might be likened to inviting a helpful assistant into your home, only to learn later they’ve taken notes on your private conversations for a training manual.”
The decision to manage, limit, or even revoke access to data underscores the imbalance in the current digital ecosystem. “Without robust systems prioritizing user consent and offering control, individuals are left vulnerable to having their data repurposed in ways they neither anticipate nor benefit from,” Chaar said.
Microsoft CEO Satya Nadella speaks at the Axel Springer building in Berlin on Oct. 17, 2023. He received the annual Axel Springer Award.
Ben Kriemann | Getty Images
Among the thousands of Microsoft employees who lost their jobs in the cutbacks announced this week were 830 staffers in the company’s home state of Washington.
Nearly a dozen game design workers in the state were part of the layoffs, along with three audio designers, two mechanical engineers, one optical engineer and one lab technician, according to a document Microsoft submitted to Washington employment officials.
There were also five individual contributors and one manager at the Microsoft Research division in the cuts, as well as 10 lawyers and six hardware engineers, the document shows.
Microsoft announced plans on Wednesday to eliminate 9,000 jobs, as part of an effort to eliminate redundancy and to encourage employees to focus on more meaningful work by adopting new technologies, a person familiar with the matter told CNBC. The person asked not to be named while discussing private matters.
Scores of Microsoft salespeople and video game developers have since come forward on social media to announce their departure. In April, Microsoft said revenue from Xbox content and services grew 8%, trailing overall growth of 13%.
In sales, the company parted ways with 16 customer success account management staff members based in Washington, 28 in sales strategy enablement and another five in sales compensation. One Washington-based government affairs worker was also laid off.
Microsoft eliminated 17 jobs in cloud solution architecture in the state, according to the document. The company’s fastest revenue growth comes from Azure and other cloud services that customers buy based on usage.
CEO Satya Nadella has not publicly commented on the layoffs, and Microsoft didn’t immediately provide a comment about the cuts in Washington. On a conference call with analysts in April, Microsoft CFO Amy Hood said the company had a “focus on cost efficiencies” during the March quarter.
WATCH: Microsoft layoffs not performance-based, largely targeting middle managers
Technology
IPO market gets boost from Circle’s 500% surge, sparking optimism that drought may be ending
Jeremy Allaire, CEO and co-founder of Circle Internet Group, the issuer of one of the world’s biggest stablecoins, and Circle Internet Group co-founder Sean Neville react as they ring the opening bell, on the day of the company’s IPO, in New York City, U.S., June 5, 2025.
NYSE
For over three years, venture capital firms have been waiting for this moment.
Tech IPOs came to a virtual standstill in early 2022 due to soaring inflation and rising interest rates, while big acquisitions were mostly off the table as increased regulatory scrutiny in the U.S. and Europe turned away potential buyers.
Though it’s too soon to say those days are entirely in the past, the first half of 2025 showed signs of momentum, with June in particular producing much-needed returns for Silicon Valley’s startup financiers. In all, there were five tech IPOs last month, accelerating from a monthly average of two since January, according to data from CB Insights.
Highlighting that group was crypto company Circle, which more than doubled in its New York Stock Exchange debut on June 5, and is now up sixfold from its IPO price for a market cap of $42 billion. The stock got a big boost in mid-June after the Senate passed the GENIUS Act, which would establish a federal framework for U.S. dollar-pegged stablecoins.
Venture firms General Catalyst, Breyer Capital and Accel now own a combined $8 billion worth of Circle stock even after selling a fraction of their holdings in the offering. Silicon Valley stalwarts Greylock, Kleiner Perkins and Sequoia Capital are set to soon profit from Figma’s IPO, after the design software vendor filed its public prospectus on Tuesday. Since its $20 billion acquisition agreement with Adobe was scrapped in late 2023, Figma has been one of the most hotly anticipated IPOs in startup land.
It’s “refreshing and something that we’ve been waiting for for a long time,” said Eric Hippeau, managing partner at early-stage venture firm Lerer Hippeau, regarding the exit environment. “I’m not sure that we are confident that this can be a sustained trend yet, but it’s been very encouraging.”
Another positive sign for the industry the past couple months was the performance of artificial infrastructure provider CoreWeave, which went public in late March. The stock was relatively stagnant for its first month on the market but shot up 170% in May and another 47% in June.
For venture firms, long considered the lifeblood of risky tech startups, IPOs are essential in order to generate profits for the university endowments, foundations and pension funds that allocate a portion of their capital to the asset class. Without handsome returns, there’s little incentive for limited partners to put money into future funds.
After a record year in 2021, which saw 155 U.S. venture-backed IPOs raise $60.4 billion, according to data from University of Florida finance professor Jay Ritter, every year since has been relatively dismal. There were 13 such offerings in 2022, followed by 18 in 2023 and 30 last year, collectively raising $13.3 billion, Ritter’s data shows.
The slowdown followed the Federal Reserve’s aggressive rate-hiking campaign in 2022, meant to slow crippling inflation. As the lower-growth environment extended into years two and three, venture firms faced increasing pressure to return cash to investors.
‘Backlog of liquidity’
In its 2024 yearbook, the National Venture Capital Association said that even with a 34% increase in U.S. VC exit value last year to $98 billion, that number is 87% below the 2021 peak and less than half the average for the four years from 2017 through 2020. It’s a troubling dynamic for the 58,000 venture-backed companies that have raised a total of $947 billion from investors, according to the annual report, which is produced by the NVCA and PitchBook.
“This backlog of liquidity drought risks creating a ‘zombie company’ cohort — businesses generating operational cash flow but lacking credible exit prospects,” the report said.
Other than Circle, the latest crop of IPOs mostly consists of smaller and lesser-known brands. Health-tech companies Hinge Health and Omada Health are valued at about $3.5 billion and $1 billion, respectively. Etoro, an online trading platform, has a market cap of just over $5 billion. Online banking provider Chime Financial has a higher profile due largely to a years-long marketing blitz and is valued at close to $11.5 billion.
Meanwhile, the highest valued private companies like SpaceX, Stripe and Databricks remain on the sidelines, and AI highfliers OpenAI and Anthropic continue to raise massive amounts of cash with no intention of going public anytime soon.
Still, venture capitalists told CNBC that there are plenty of companies with the financial metrics to be public, and that more of them are readying for the process.
“The IPO market is starting to open and the VC world is cautiously optimistic,” said Rick Heitzmann, a partner at venture firm FirstMark in New York. “We are preparing companies for the next wave of public offerings.”
There are other ways to make money in the meantime. Secondary sales, a process that involves selling private shares to new investors, are on the rise, allowing early employees and investors to get some liquidity.
And then there’s what Mark Zuckerberg is doing, as he tries to position his company at the center of AI innovation and development.
Mark Zuckerberg, chief executive officer of Meta Platforms Inc., during the Meta Connect event on Wednesday, Sept. 25, 2024.
Bloomberg | Bloomberg | Getty Images
Last month, Meta announced a $14 billion bet on Scale AI, taking a 49% stake in the AI startup in exchange for poaching founder Alexandr Wang and a small group of his top engineers. The deal effectively bought out half of the stock owned by investors, leaving them with the opportunity to make money on the rest of their holdings, should a future acquisition or IPO take place.
The deal is a big win for Accel, which led Scale AI’s Series A round in 2017, and is poised to earn more than $2.5 billion in the transaction. Index Ventures led the Series B in 2018, and Peter Thiel’s Founders Fund led the Series C the following year at a valuation of over $1 billion.
Investors now hope the Federal Reserve will move toward a rate-cutting campaign, though the central bank hasn’t committed to one. There’s also ongoing optimism that regulators will make going public less burdensome. Last week, Reuters reported, citing sources familiar with the matter, that U.S. stock exchanges and the SEC have discussed loosening regulations to make IPOs more enticing.
Mike Bellin, who heads consulting firm PwC’s U.S. IPO practice, said he anticipates a diversity of IPOs across sectors in the second half of the year. According to data from PwC, pharma and fintech were among the most active sectors for deals through the end of May.
While the recent trend in IPO activity is an encouraging sign for investors, potential roadblocks remain.
Tariffs and geopolitical uncertainty delayed IPO plans from companies including Klarna and StubHub in April. Neither has provided an update on when they plan to debut.
FirstMark’s Heitzmann said the path forward is “not at all clear,” adding that he wants to see a strong quarter of economic stability and growth before confidently saying that the market is wide open.
Additionally, other than CoreWeave and Circle, recent tech IPOs haven’t had big pops. Hinge Health, Chime and eToro have seen relatively modest gains from their offer price, while Omada Health is down.
But virtually any activity beats what VCs were experiencing the last few years. Overall, Hippeau said recent IPO trends are generally encouraging.
“There’s starting to be kind of light at the end of the tunnel,” Hippeau said.
-
Sports3 years ago‘Storybook stuff’: Inside the night Bryce Harper sent the Phillies to the World Series
-
Sports1 year agoStory injured on diving stop, exits Red Sox game
-
Sports2 years agoGame 1 of WS least-watched in recorded history
-
Sports2 years agoMLB Rank 2023: Ranking baseball’s top 100 players
-
Sports4 years ago
Team Europe easily wins 4th straight Laver Cup
-
Environment2 years agoJapan and South Korea have a lot at stake in a free and open South China Sea
-
Sports2 years agoButton battles heat exhaustion in NASCAR debut
-
Environment2 years agoGame-changing Lectric XPedition launched as affordable electric cargo bike