What is LLM data leakage
and how do you stop it?

In 2023, Samsung engineers pasted proprietary semiconductor source code into ChatGPT to get help debugging. The code was then stored on OpenAI's servers. Samsung subsequently banned the use of generative AI tools internally. It was a high-profile incident, but not an unusual one: employees at companies of all sizes are doing the same thing every day, often without realizing the risk.

LLM data leakage is the unintended exposure of personal, sensitive, or confidential information through large language model AI systems. It is not a niche concern. It is a default property of how most public AI tools are designed.

The mechanics of leakage

Prompt logging

Every query you send to a public AI tool is typically logged by the provider. This includes the full text of your prompt, your account identifier, your IP address, your device, and the timestamp. Even if you delete your conversation history in the interface, the backend logging usually persists.

Human review

AI companies use human reviewers to evaluate conversations for safety, quality, and model improvement. These reviewers can see your full conversation text. Most privacy policies disclose this, though in language few users read carefully.

Training data inclusion

Your conversations may be used to improve future model versions. Most platforms now offer an opt-out, but opt-outs typically apply only to the model training purpose — not to logging, safety review, or product analytics. And opt-out settings can change when terms are updated.

Context window exposure

When AI is integrated into productivity tools — Microsoft Copilot in Word, Google Gemini in Docs — the entire document you are working on is often sent to the AI as context. A financial model, a legal brief, a medical record, a strategic plan: all of it may transit through a third-party server every time you use the AI feature.

Cross-platform profile building

Your AI usage is linked to your account identity. The AI company knows that the same person who asked about their health symptoms last Tuesday asked about their financial situation on Thursday. Over time, this creates a detailed, linked profile that extends far beyond any single conversation.

Three types of leakage by severity

Individual privacy leakage

Medical concerns, mental health, relationship problems, political and religious views, financial anxieties: personal information that you would not want profiled and stored by a corporation. Most users share this kind of information with AI regularly because it is genuinely useful to do so.

Professional and organizational leakage

Business strategy, client information, source code, employee data, legal analysis, financial projections: organizational information that employees use AI to help with, often through personal accounts with no enterprise agreement in place. This is a significant and largely unmanaged risk at most organizations.

Systemic and regulatory leakage

In regulated industries — healthcare, finance, legal — using public AI tools may create compliance violations if patient data, client information, or privileged communications are included in prompts. This is not a theoretical risk: regulators in multiple industries have issued guidance on AI tool usage.

How nexie stops it

nexie is built as a privacy layer between you and the AI models you use. When you query through nexie:

• Your personal identity is stripped before the query reaches any AI model provider.
• Your conversation history is stored in systems you control, not on a provider's training infrastructure.
• Your personal context — the accumulated knowledge nexie has about you — enriches your query privately, without being exposed to the model.
• You can delete everything, completely, at any time.

You still get the intelligence of the world's best models. The leakage stops.