How Gemini in Chrome Tracks Your Most Sensitive Personal Data
Artificial intelligence (AI) is reshaping how we search, browse, and consume information online. Traditional web browsers are beginning to integrate AI assistants that can summarize content, anticipate queries, and personalize recommendations in real time.
For instance, Google is embedding its Gemini AI model into Chrome, the world’s most used web browser, with a 70% market share, including an AI assistant and AI mode integrated into the address bar.
All the major AI model developers are keen to move into web search in some way to maximize their data collection, which has triggered a new battle in the browser wars, with OpenAI and Perplexity expressing interest in acquiring Chrome.
On the surface, these advancements promise users convenience and efficiency. But they also raise questions about privacy, surveillance, and the ownership of user data.
Surfshark, a VPN service and digital privacy tool provider, warns:
“With the Gemini-in-Chrome integration, life will become so much easier for many. However, while convenience is important, users should be aware of the amount of data collected.”
Key Takeaways
- AI-powered browsers collect far more than search history – they can log users’ device IDs, private documents, and even banking and health data, raising privacy concerns.
- Google’s mobile Gemini-in-Chrome browser collects 24 different data types, according to analysis by SurfShark.
- Privacy-focused browser Brave is the most private mobile browser among the five analyzed, collecting only two data points for analytics and app functionality.
- Current data privacy regulations lag behind AI advances, and some AI assistants violate these rules.
- Privacy-first design is crucial for user trust, including transparency, local data processing, and independent audits.
AI Browsers & Data Collection: A Double-Edged Sword
Unlike traditional web browsers, which primarily track search history, cookies, and cached data, AI-powered browsers collect far more granular data. To “learn” from users, they can track how long they spend on each page, which passages they highlight, what information they copy and paste, and how they phrase prompts or queries.
This data is valuable for training large language models (LLMs), as AI developers can use it to fine-tune results, personalize ads, and improve predictive algorithms. But if this data is mishandled, it can expose sensitive details about the user’s work, health, finances, and private communications.
With AI browsers and the new generation of AI agents able to see, track, and interact with everything users do, they are exposed to a new type of surveillance.
Karolis Kaciulis, Leading System Engineer at Surfshark, said:
“My key question is, do companies see users’ privacy and security as their main focus area? Otherwise, what consequences are we, as users, going to face after one, five, or ten years of feeding agentic browsers with our most private and sensitive information?”
The likes of Google are pushing agentic browsers as intelligent assistants that can organize research, generate summaries, and even draft responses to emails. But this functionality requires these browsers to have deep visibility into the user’s online activity.
They can interpret the content of emails, financial spreadsheets, or confidential work documents opened in tabs. The more the browser “understands” the user, the more useful it becomes in automating actions, but it also collects more data, making the user more vulnerable if that data is shared, sold, or breached.
So, how much data do the current AI browsers collect?
How Much Data Do AI Browsers Like Chrome, Edge & Brave Collect?
Google’s mobile Chrome browser with integrated Gemini agentic AI collects the most data by far among the five AI-integrated browsers examined by SurfShark.
Chrome and Gemini collect 24 different data types, including:
- User’s name
- Location
- Device ID
- Browsing and search history
- Product interactions and purchase history
While tech giant Microsoft has integrated its agentic AI, Copilot, into its Edge browser, it collects fewer data types: customer support information, browsing history, device ID, product interactions, and performance data. However, Surfshark found that Copilot also collects the user’s name, location, photos or videos, audio data, search history, user ID, advertising data, and diagnostic data.
AI chatbot search engine Perplexity recently launched its Comet browser embedded with agentic AI, which is currently only available for desktop users. This collects 10 types of data, including location, user ID, device ID, product interactions, purchase history, and other diagnostic-related data, SurfShark said.
Opera, which released its first web browser way back in 1996, is developing its agentic AI, Neon, which is designed to understand the user’s intent, assist them with tasks, and take actions. There is currently a waiting list to gain access to the alpha version. Opera refers to the mobile version as an AI browser, which uses the Aria AI assistant to collect six data points, none of which are linked to the user, for third-party advertising and analytics, according to SurfShark.
In keeping with its focus on privacy, Brave’s browser, integrated with its agentic AI Leo, is the least data-hungry and most private mobile browser among the five analyzed. It collects only usage data (for analytics purposes) and user ID (for app functionality).
As SurfShark points out, Brave shows that it is possible for a company to develop a web browser that embeds agentic capabilities while also addressing AI privacy concerns.
Other browsers, including Firefox, allow users to add agentic AI extensions like ChatGPT.
SurfShark stated:
“While these tools are undeniably useful, installing them can expose additional personal data to third-party companies. For this reason, it is essential to understand the data collection practices of these tools in order to find the best balance between data privacy and functionality.”
|Browser & Integrated AI
|Number of Data Types Collected
|Types of Data Collected
|Google Chrome (Gemini)
|24 data types
|Name, location, device ID, browsing history, search history, product interactions, purchase history, plus other behavioral and diagnostic data.
|Microsoft Edge (Copilot)
|12 data types
|Customer support info, browsing history, device ID, product interactions, performance data, name, location, photos/videos, audio data, search history, user ID, advertising data, and diagnostic data.
|Perplexity (Comet)
|10 data types
|Location, user ID, device ID, product interactions, purchase history, diagnostic data, and other usage-related identifiers.
|Opera (Aria / Neon)
|6 data types (none linked to user)
|Anonymous usage data for third-party advertising and analytics – not tied to individual identity.
|Brave (Leo)
|2 data types
|Usage data (for analytics) and user ID (for app functionality). It is the most privacy-focused among the five browsers.
AI Browser Extensions Violate Privacy & Data Laws
Similarly, a US study by researchers from UCL, UC Davis, and Mediterranea University of Reggio Calabria of 10 of the most popular generative AI browser extensions, such as ChatGPT for Google, Merlin, and Microsoft Copilot, found that they collect and share sensitive user data, such as medical records and social security numbers, without adequate safeguards.
The analysis revealed that several AI assistants transmitted full web page content, including any information visible on screen, to their servers. Merlin even captured data entered into forms such as online banking details or health information. Extensions like Sider and TinaMind shared user information that could identify them, such as their IP address, with platforms like Google Analytics, which would enable potential cross-site tracking as well as ad targeting.
In fact, several assistants, including ChatGPT for Google, Copilot, Monica, and Sider, were able to infer user attributes such as age, gender, income, and interests and used that data to personalize their responses, even across different browsing sessions.
The study highlights the urgent need for regulators to act to protect users’ personal data, the authors said, as some assistants violated US data protection laws such as the Health Insurance Portability and Accountability Act (HIPAA) and the Family Educational Rights and Privacy Act (FERPA) by collecting protected health and educational information.
Given that EU and UK data privacy laws, such as the General Data Protection Regulation (GDPR), are more stringent, they would also be violated.
Dr. Anna Maria Mandalari, senior author of the study from UCL Electronic & Electrical Engineering, said:
“Though many people are aware that search engines and social media platforms collect information about them for targeted advertising, these AI browser assistants operate with unprecedented access to users’ online behavior in areas of their online life that should remain private. While they offer convenience, our findings show they often do so at the cost of user privacy, without transparency or consent, and sometimes in breach of privacy legislation or the company’s own terms of service.”
Who Controls the Data?
The core issue lies in ownership and consent. Do the world’s browser users truly understand what they’re giving up when they opt in to “improve AI accuracy” or agree to share “anonymous data”? In practice, anonymization can be weak, as browsing patterns are often unique enough to identify the user.
Tech companies can potentially gain substantially from amassing these detailed behavioral datasets, which they can monetize for advertising or use to advance their proprietary AI systems. But for users, convenience may come at the expense of control over their sensitive personal information.
Legal frameworks like GDPR and California’s Consumer Privacy Act (CCPA) give users some rights over their data. But these regulations were written before the explosion of AI-powered consumer tools, and as the UCL-led study shows, AI browser assistants already violate them.
Without updated legal guardrails, AI browsers could become Trojan horses for mass data harvesting.
UCL’s Mandalari said:
“This data collection and sharing is not trivial. Besides the selling or sharing of data with third parties, in a world where massive data hacks are frequent, there’s no way of knowing what’s happening with your browsing data once it has been gathered.”
- Developers should adopt privacy-by-design principles, such as local processing or explicit user consent for data collection, the study authors recommended.
- Developers should ensure AI browsers and extensions are transparent, providing clear, accessible disclosures about what data they collect and why, and external verification of whether they uphold their privacy commitments.
- They should also allow users to opt out of data collection or delete browsing histories entirely, and run AI features locally on-device rather than in the cloud, where possible.
Companies that prioritize privacy will likely build stronger trust with users in the long run.
The Bottom Line
AI browsers are at the forefront of the next generation of web interaction, offering users smarter, more intuitive online experiences. But they also threaten to deliver convenience and personalization at the expense of privacy and control.
The question users and regulators must ask is: How much of ourselves are we willing to give away for the sake of smarter browsing?
FAQs
What private data does the Gemini AI browser collect from users?
Gemini collects 24 different data types from users, including their name, location, device ID, browsing and search history, product interactions, and purchase history.
How do agentic browsers like Gemini impact online privacy and security?
Agentic browsers go beyond traditional browsing by actively engaging with the web on the user’s behalf. Users may not fully understand how much of their activity is being stored and shared, and sensitive data could be exposed.
What are the biggest risks of AI-powered browsers tracking user activity?
Risks include data profiling and surveillance, re-identification of anonymous data, loss of user control, and security vulnerabilities.
References
- Chrome: The browser you love, reimagined with AI (Google)
- Browser Market Share Worldwide (Statcounter Global Stats)
- Gemini in Chrome: collects the most user data among all browser-integrated AIs (Surfshark)
- AI web browser assistants raise serious privacy concerns (UCL)
