AI Privacy Audit: Gemini Spark, Canada vs OpenAI, Bank SSN Leak

Google's always-on AI agent watches everything, Canada finds OpenAI broke privacy law, and a US bank fed customer SSNs to a chatbot.


Google just announced an AI agent that never stops watching you. Canada’s privacy commissioners ruled that OpenAI broke the law from the start. Atlassian is about to train on your Jira tickets by default. And a US bank accidentally fed customer Social Security numbers to a chatbot.

Here’s what happened, who’s affected, and what you can do about it.

Gemini Spark: Google’s 24/7 Surveillance Agent

At Google I/O on May 20, Google unveiled Gemini Spark — a “personal AI agent” that runs in the cloud around the clock, even when your phone is locked and your laptop is closed. Built on Gemini 3.5 Flash, Spark connects to Gmail, Calendar, Docs, Drive, Photos, and third-party services like OpenTable and Instacart.

The pitch: Spark handles tasks in the background so you don’t have to. It books reservations, monitors your inbox, researches topics, and takes action on your behalf.

The reality: this is the most aggressive data access model any major tech company has shipped.

What Spark can see. Through an opt-in menu, Spark gets access to your email, documents, photos, and calendar. Features like Deep Research pull from Gmail, Docs, Photos, and Drive simultaneously. To work with third-party services, it shares “relevant information” with those companies — meaning your personal data flows to OpenTable, Instacart, and whoever else Google partners with.

What Spark can do without asking. A leaked onboarding screen warned that Spark “may do things like share your info or make purchases without asking.” Google expects users to configure permissions and supervise the agent’s behavior. But the default permission model is permissive, not restrictive.

The real concern isn’t the agent. It’s the profile. A 24/7 agent that reads all your mail, scans your documents, and monitors your calendar doesn’t just complete tasks — it builds the most detailed behavioral profile Google has ever had access to. Your work patterns, communication habits, purchase decisions, travel plans, health appointments, financial correspondence — all continuously processed.

Google says you can opt Gemini Apps Activity out of model training. But even with training off, data may still be used for “functional improvements” for up to 72 hours. And opting out of training doesn’t opt you out of the profiling that makes Spark work in the first place.

How to protect yourself: Don’t enable Spark. If you want to try it, review the permissions menu carefully and disable access to Gmail, Drive, and Photos. Go to myactivity.google.com/product/gemini and disable Gemini Apps Activity. Accept that turning it off may break Spark’s core features — that’s the point.

Canada Rules OpenAI Broke Privacy Law From Day One

On May 6, four Canadian privacy regulators — the federal Privacy Commissioner plus the commissioners for Québec, British Columbia, and Alberta — published findings from a joint investigation into OpenAI. The conclusion: ChatGPT was trained in violation of Canadian privacy law.

The investigation found that OpenAI’s data collection was overly broad, sweeping up sensitive personal information including health conditions, political views, and information about children. The company scraped from publicly accessible internet sources, licensed third-party datasets from media outlets and stock image vendors, and collected data from ChatGPT users — all without adequate consent, transparency, or retention policies.

The specific violations:

  • Consent: OpenAI didn’t get meaningful consent from the people whose data it scraped to train its models. The investigation found the company failed to meet consent requirements under all four provincial and federal privacy statutes.
  • Transparency: OpenAI didn’t adequately tell people what it was collecting or how it was using their information — violating openness requirements.
  • Retention: No appropriate policies for how long personal data would be kept or when it would be deleted.
  • Accuracy: Insufficient measures to ensure personal information in its models was correct — a problem anyone who’s seen ChatGPT confabulate biographical details already knows about.

OpenAI has since retired its earlier models that were trained in ways that violated Canadian law, and says it has “significantly limited” the use of personal and sensitive information in training newer models. The commissioners acknowledged these steps but noted that the company’s compliance remains a work in progress.

This matters beyond Canada. The investigation establishes a precedent that scraping publicly available data doesn’t exempt companies from privacy law. If you posted something publicly, that doesn’t mean any company can hoover it up for AI training without telling you.

Atlassian Will Train on Your Jira Data — Opt Out Before August 17

Atlassian reversed a prior commitment that customer data would not be used for AI training. Starting August 17, 2026, the company will begin harvesting metadata and in-app content from Jira, Confluence, Jira Service Management, and other Cloud products to train its AI models. Roughly 300,000 customer organizations are affected.

The backlash has been fierce. Community members have described the change as “surreptitiously tacked-on” and called it an “incremental bait and switch.”

The worst part is how Atlassian structured the opt-out:

  • All plans: In-app data collection (the actual content of your tickets and pages) is on by default.
  • Premium and Enterprise plans: An admin can turn in-app data collection off.
  • Free and Standard plans: Metadata contribution is permanently enabled with no opt-out. Your project names, ticket titles, workflow structures, and user activity patterns will feed Atlassian’s AI models whether you want them to or not.

If your company uses Atlassian Cloud on a Premium or Enterprise plan, your admin needs to go to Atlassian Administration → Security → Data contribution and turn off in-app data collection before August 17.

If you’re on Free or Standard, you’re stuck. The only real opt-out is migrating off Atlassian’s cloud products.

A Bank Fed Customer SSNs to a Chatbot

On May 7, Community Bank — operating across Pennsylvania, Ohio, and West Virginia — filed an 8-K with the SEC disclosing that customer data had been exposed through “an unauthorized artificial intelligence-based software application.”

Translation: someone at the bank uploaded customer records to an AI chatbot. Names, dates of birth, and Social Security numbers were exposed. The bank discovered the unauthorized use on May 5 and has been sending notifications to affected customers, though it hasn’t disclosed how many people were impacted or which AI tool was used.

Attorneys are already investigating potential class action claims.

This is the nightmare scenario that security teams have been warning about since ChatGPT launched. Employees paste sensitive data into AI tools without understanding that they’re sending it to a third party. The AI company’s privacy policy — whatever it says — now covers your Social Security number.

Community Bank isn’t the first, and it won’t be the last. If your employer doesn’t have a clear policy on which AI tools are approved for handling sensitive data, this is the incident you show them.

Meanwhile, the White House Pulled Its Own AI Rules

President Trump was scheduled to sign an executive order on AI and cybersecurity on May 21, with tech CEOs lined up for the ceremony. Hours before the signing, the order was pulled.

The details of what was in the order and why it collapsed haven’t been fully reported. But the timing is worth noting: the administration that dismantled Biden’s AI safety framework 16 months ago was apparently trying to build replacement guardrails and couldn’t get them across the finish line. Whatever internal disagreements killed the order, the result is the same — the US continues operating without a comprehensive federal AI policy while Canada, the EU, and individual states move ahead with enforcement.

What You Can Do Right Now

Google Gemini Spark: Don’t enable it. If you already did, disable access to Gmail, Drive, and Photos in Spark’s permissions menu, then go to myactivity.google.com/product/gemini and turn off Gemini Apps Activity. Turn off “Smart features and personalization” in Gmail settings.

Atlassian Cloud (Premium/Enterprise): Have your admin go to Administration → Security → Data contribution and disable in-app data collection before August 17, 2026.

Atlassian Cloud (Free/Standard): Metadata sharing cannot be disabled. Evaluate whether your project data is sensitive enough to warrant moving to a self-hosted alternative like Jira Data Center or switching to tools like Linear, Plane, or GitLab.

ChatGPT: Go to Settings → Data Controls → “Improve the model for everyone” and toggle it off. Note: this only applies to the web and mobile apps. API and Team/Enterprise plans don’t train by default.

At work: If your company doesn’t have a policy on which AI tools employees can use with sensitive data, the Community Bank incident is your case study. Ask your IT department or manager what’s approved. Don’t paste customer data, financial records, or personal information into any AI tool that isn’t explicitly sanctioned for that use.
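The Community Bank incident and the at-work advice above both describe the same control gap: nothing between the employee’s clipboard and the chatbot checks what is being sent. The following is an added example, not code from the article or from any vendor’s product, of the kind of egress check a proxy or browser extension could apply to outbound prompts: it finds SSN-shaped strings, discards values the SSA never issues to cut false positives, blocks requests carrying real-looking SSNs to unsanctioned AI hosts, and masks them for a sanctioned internal tenant. The host lists and the request records below are constructed assumptions, not real traffic.

```python
"""
Minimal egress DLP check for prompts headed to AI services.

Added example, not from the article or from any product. It assumes a
proxy or browser extension hands us (destination host, request body)
pairs; the hosts and sample requests below are constructed.
"""
import re
from dataclasses import dataclass

# Hosts sanctioned for regulated data (assumption: an enterprise tenant
# that does not train on inputs). Everything else is treated as shadow AI.
SANCTIONED_AI_HOSTS = {"ai.internal.example.com"}

# Consumer AI endpoints seen in proxy logs (assumed list; extend from yours).
KNOWN_AI_HOSTS = {"chatgpt.com", "chat.openai.com", "gemini.google.com", "claude.ai"}

# SSN candidate: 3-2-4 digits, optional '-' or ' ' separators, not embedded in a longer number.
SSN_RE = re.compile(r"(?<!\d)(\d{3})[- ]?(\d{2})[- ]?(\d{4})(?!\d)")


def is_plausible_ssn(area: str, group: str, serial: str) -> bool:
    """Reject numbers the SSA never issues (area 000, 666, 900-999;
    group 00; serial 0000). This is what keeps order numbers and phone
    fragments from tripping the rule."""
    a = int(area)
    if a == 0 or a == 666 or a >= 900:
        return False
    if int(group) == 0 or int(serial) == 0:
        return False
    return True


def find_ssns(text: str) -> list[str]:
    """Return normalised (hyphenated) plausible SSNs found in text."""
    return [f"{a}-{g}-{s}" for a, g, s in SSN_RE.findall(text)
            if is_plausible_ssn(a, g, s)]


def redact_ssns(text: str) -> str:
    """Mask all but the last four digits so a sanctioned tool still gets usable context."""
    def _mask(m: re.Match) -> str:
        a, g, s = m.groups()
        if not is_plausible_ssn(a, g, s):
            return m.group(0)          # leave implausible matches untouched
        return f"***-**-{s}"
    return SSN_RE.sub(_mask, text)


@dataclass
class Verdict:
    action: str   # "allow", "redact" or "block"
    reason: str
    body: str     # body to forward (empty when blocked)


def inspect_request(host: str, body: str) -> Verdict:
    """Decide what to do with one outbound request to an AI service."""
    ssns = find_ssns(body)
    if not ssns:
        return Verdict("allow", "no SSN detected", body)
    if host in SANCTIONED_AI_HOSTS:
        return Verdict("redact", f"{len(ssns)} SSN(s) masked for sanctioned host {host}",
                       redact_ssns(body))
    kind = "known consumer AI endpoint" if host in KNOWN_AI_HOSTS else "unknown host"
    return Verdict("block", f"{len(ssns)} SSN(s) in request to {kind} {host}", "")


# Constructed sample requests, as a proxy might hand them over.
SAMPLE_REQUESTS = [
    ("chatgpt.com", "Summarise this customer: Jane Doe, DOB 1980-04-02, SSN 123-45-6789"),
    ("ai.internal.example.com", "Draft a letter to account holder 219 09 9999 about ..."),
    ("chatgpt.com", "Order 000-12-3456 shipped; tracking 999-99-9999"),   # not SSNs
    ("gemini.google.com", "Explain how Postgres vacuum works"),
]


def run(requests=SAMPLE_REQUESTS) -> list[Verdict]:
    return [inspect_request(host, body) for host, body in requests]


if __name__ == "__main__":
    for v in run():
        print(f"{v.action:6} {v.reason}")
```

The plausibility filter is the part worth copying: naive 3-2-4 matching also fires on order numbers and phone fragments, and a DLP rule that cries wolf gets switched off within a week. Pair the check with the approved-tool list from your AI policy and log the verdicts, so the next “unauthorized artificial intelligence-based software application” shows up in your SIEM before it shows up in an 8-K.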

In general: Assume every AI tool trains on your input unless you’ve verified otherwise. Check settings after every app update — platforms have a habit of resetting opt-outs or adding new data collection toggles without announcement.