Le Chat tops AI privacy rankings while Meta AI ranks worst, according to study

Privacy has become the new battleground in artificial intelligence, and the stakes couldn’t be higher for businesses choosing which AI tools to deploy. While these powerful systems promise to revolutionize everything from customer service to content creation, they’re simultaneously vacuuming up unprecedented amounts of user data to fuel their capabilities.

A comprehensive new analysis from Incogni, a data removal service, reveals stark differences in how major AI platforms handle user privacy. The findings matter because the AI assistant you choose for your organization could determine whether sensitive business conversations end up training competitors’ models or get shared with unknown third parties.

The study evaluated nine leading AI services across 11 privacy criteria, from data collection practices to user control options. The results paint a clear picture: smaller, specialized AI companies generally respect user privacy more than tech giants with vast advertising empires to feed.

Why AI privacy matters for business

Understanding AI privacy isn’t just about compliance—it’s about competitive advantage and risk management. When employees use AI tools for brainstorming, drafting contracts, or analyzing market data, that information could potentially be harvested to improve the underlying AI models. In the worst-case scenario, proprietary business insights might inadvertently train systems that competitors also use.

The core issue stems from how AI systems learn. Large language models (LLMs)—the technology powering ChatGPT, Claude, and similar tools—require massive amounts of text data for training. Companies obtain this data from public sources like websites and books, but many also use conversations with actual users to continuously improve their systems. This creates a fundamental tension: the more data these systems consume, the better they perform, but the more privacy risks they create for users.

The privacy evaluation methodology

Incogni’s research team examined how each AI platform handles 11 critical privacy dimensions:

• Training data sources: What information feeds into the AI models initially
• User conversation harvesting: Whether your chats become training material
• Third-party data sharing: Who else gets access to your prompts and responses
• Data removal rights: Whether you can delete your information from training datasets
• Training transparency: How clearly companies explain their data usage
• Documentation accessibility: How easy it is to find privacy information
• Policy clarity: Whether privacy policies are written in plain English
• Data collection scope: What personal information the apps actually gather
• Sharing partnerships: Which external organizations receive user data

The evaluation covered major players including OpenAI’s ChatGPT, Google’s Gemini, Microsoft’s Copilot, Meta AI, Anthropic’s Claude, Mistral AI’s Le Chat, xAI’s Grok, Inflection AI’s Pi, and DeepSeek.

The complete privacy rankings

1. Le Chat (Mistral AI) – Most Privacy-Friendly

Mistral AI’s Le Chat emerged as the clear winner for privacy-conscious users. The French AI company limits data collection significantly and provides strong transparency about its practices. While it lost some points for documentation clarity, Le Chat offers users meaningful control over their data and maintains relatively minimal harvesting of user conversations.

2. ChatGPT (OpenAI) – Strong Transparency Leader

Despite being one of the most popular AI tools, ChatGPT earned high marks for clearly explaining how user data flows through its systems. OpenAI provides straightforward options to prevent conversations from being used in model training, and its privacy documentation received top scores for readability and accessibility.

3. Grok (xAI) – Clear Communication

Elon Musk’s xAI platform Grok ranked third, particularly excelling at transparently communicating when user prompts might be used for training purposes. However, the service lost points for having a less readable privacy policy that makes it harder for users to understand their options.

4. Claude (Anthropic) – Research-Focused But Private

Anthropic’s Claude scored well overall but faced scrutiny for potentially sharing prompts with research collaborators. The company states it never uses user conversations to train its models, which helped its ranking despite some transparency concerns.

5. Pi (Inflection AI) – Mixed Performance

Inflection AI’s Pi showed decent privacy practices in some areas but struggled with user control options, particularly around preventing conversation data from being used in model training.

6. DeepSeek – Limited User Control

The Chinese AI company DeepSeek ranked in the bottom half, primarily due to policies that don’t clearly allow users to opt out of having their prompts used for model training. The service also indicates it may share data within its corporate group.

7. Copilot (Microsoft) – Enterprise Complexity

Microsoft’s Copilot received poor marks for AI-specific privacy practices. The service’s privacy policy suggests user prompts might be shared with third-party advertising partners, raising significant concerns for business users.

8. Gemini (Google) – Advertising Integration Concerns

Google’s Gemini struggled with privacy rankings, likely due to the company’s advertising-centric business model. Users appear to have limited ability to prevent their conversations from being used in model training.

9. Meta AI – Worst Overall Privacy Practices

Meta’s AI assistant ranked last across multiple categories. The platform received the worst scores for overall data collection and sharing practices, with policies indicating prompts can be shared within Meta’s corporate family and with research partners.

The big tech privacy penalty

A clear pattern emerged from the rankings: AI tools from major technology companies with established advertising businesses performed significantly worse than specialized AI firms. Meta, Google, and Microsoft—companies that built their empires on data collection and targeted advertising—all landed in the bottom half of privacy rankings.

This isn’t entirely surprising. These companies operate vast ecosystems where user data flows between multiple products and services. Microsoft’s privacy policy, for example, suggests that Copilot conversations might be shared with advertising partners. Meta’s policies indicate AI prompts could be distributed across its family of companies, potentially including Facebook and Instagram.

Conversely, companies focused primarily on AI services—like Mistral AI and Anthropic—showed stronger privacy practices. These firms have less incentive to monetize user data through advertising and face fewer conflicts between privacy protection and revenue generation.

What you can and cannot control

The study revealed significant variations in user control across platforms. Some AI services provide clear opt-out mechanisms for training data usage:

• ChatGPT: Offers straightforward settings to prevent conversations from being used in model training
• Copilot: Provides options to limit data usage for model improvement
• Le Chat: Gives users control over how their data contributes to training
• Grok: Allows users to prevent prompt harvesting for model development

However, several major platforms appear to offer no clear way to opt out of training data usage:

• Gemini: Policies don’t clearly indicate users can prevent training data usage
• DeepSeek: No apparent opt-out mechanism for model training
• Pi AI: Limited user control over conversation data usage
• Meta AI: No clear options to prevent training data harvesting

Anthropic takes a different approach entirely, stating that Claude never uses user conversations for model training, eliminating the need for opt-out controls.

Business implications and recommendations

For organizations evaluating AI tools, these privacy rankings carry significant strategic implications:

For highly regulated industries: Companies in healthcare, finance, or legal services should prioritize AI tools with strong privacy controls and clear data handling policies. Le Chat and ChatGPT offer the best combination of capability and privacy protection.

For competitive intelligence work: Businesses using AI for market analysis or strategic planning should avoid platforms that might share prompts with research partners or corporate affiliates. This particularly concerns Meta AI and potentially Claude.

For customer-facing applications: Organizations deploying AI for customer service should ensure they understand exactly how customer interactions might be used. Microsoft Copilot’s potential advertising partner sharing could create compliance issues.

For international operations: Companies operating in regions with strict data protection laws should favor AI providers with clear, readable privacy policies and strong user control options.

Practical steps for privacy protection

Regardless of which AI platform you choose, several strategies can help protect sensitive business information:

• Review and adjust privacy settings immediately after account setup, particularly for ChatGPT, Copilot, and Grok
• Avoid sharing proprietary information in AI conversations, especially on platforms without clear training opt-outs
• Use separate accounts for different types of AI interactions to limit cross-contamination of sensitive data
• Regularly audit AI usage across your organization to ensure employees understand privacy implications
• Consider enterprise versions of AI tools, which often include additional privacy protections

The privacy-capability tradeoff

While privacy-focused AI tools like Le Chat topped the rankings, businesses must balance privacy protection with functionality needs. ChatGPT and Claude, despite some privacy concerns, offer more advanced capabilities than some privacy-first alternatives.

The key is understanding exactly what privacy tradeoffs you’re making and ensuring they align with your organization’s risk tolerance and regulatory requirements. As AI becomes increasingly central to business operations, these privacy considerations will only grow in importance.

The landscape is evolving rapidly, with new regulations and company policies emerging regularly. Organizations should treat AI privacy as an ongoing evaluation rather than a one-time decision, regularly reassessing their tools as both capabilities and privacy practices continue to develop.