The most common online privacy questions people are asking AI in 2026
How do you protect your online privacy in 2026?
The way we search is changing: instead of scrolling through pages of search results we're increasingly using AI search instead. And we're also using those AI searches to ask questions about online security, data protection and digital privacy, because those are areas where things have changed lately. The combination of technological and legal changes mean that protecting your identity and devices is once again a very hot topic.
We asked Google Gemini what questions UK users were asking about their online privacy, and it helped us identify several key concerns.
Worrying about online privacy isn't new, but it has taken on new urgency in the UK as a result of several significant changes to data privacy laws and other relevant legislation. Those changes include:
What are the key concerns about online privacy?
“
"
"The Magic5 Pro makes shooting complex scenes with unpredictable movements easier than ever before..."
The Online Safety Act, which has raised concerns about how internet firms may be required to monitor private messages and communications in order to identify illegal behaviour;��
Some UK MPs have raised questions about the use of Virtual Private Networks, despite their widespread and legitimate use by remote workers and businesses, following concerns about misuse in relation to age-verification requirements of the Online Safety Act;��
A UK government review examining the role of end-to-end encryption in the context of national security;��
The move to a single NHS record that will be managed by commercial organisations based overseas;��
The legal battle between the UK's Investigatory Powers Tribunal and tech firms, with the UK government wanting technology companies to reveal users' encrypted data to the Home Office;��
A new UK law called the Data Use And Access Act that relaxes the rules governing websites' use of cookie trackers and automated/AI decision making, enabling more automated monitoring of users and site visitors;��
And the rise of concerns over AI platforms' training data, which has been drawn from large volumes of publicly available information and, depending on platform policies and user behaviour, may include potentially sensitive personal data. �
There are also concerns that most major AI platforms are based outside the UK, and subject to different and potentially weaker privacy and data protection laws.
The big privacy questions we're asking in 2026
Yes, but the legislation that protects your privacy is changing. When the UK was part of the European Union we implemented the EU General Data Protection Regulations (GDPR). Since leaving the UK, the UK’s approach to data protection is evolving, with greater emphasis on balancing privacy protections alongside economic growth and innovation. The government has also introduced get-outs regarding privacy where the data user doesn't need to balance its use of data with protecting your privacy.
�That means it's increasingly important to take steps to minimise the data you're sharing, and to be selective about who you share it with.�
“Is my data still private?”
The UK gov.uk website explains: "A digital identity is a digital representation of your identity information, like your name and age. At your request, it can also contain other information about you, like your address, or biometric information, like a fingerprint or face scan. It enables you to prove who you are without presenting physical documents."
�If someone else can use your digital identity they can cause chaos. Security solutions that can identify "phishing" emails and messages and malicious software are crucial to help you better protect your digital identity.
“What does digital identity actually mean?”
Yes. Using a VPN is not illegal. However, if you use a VPN to access material that is illegal in the UK then you're committing a crime. You can also be found guilty of copyright infringement if you use a VPN to access illegally copied or streamed content such as movies or live sporting events.
�A trustworthy VPN is strongly recommended if you're transmitting any kind of confidential data online, whether that's banking or business.
“Is it legal to use a VPN in the UK?”
Yes. Bad actors try to get your private data such as login details by creating official-looking but fake hotspots, or by using scanning tools to intercept the data being sent between your device and a real Wi-Fi hotspot. This is another area where a VPN can help keep your data safer.
“Can public Wi-Fi expose my personal data?”
In a word: automation. Bots can scrape information from multiple sources, so for example they can cross-reference data from multiple social media websites, online retailers' customer data leaks – especially if people have used the same email and password on multiple websites – and publicly available posts. Tools can then generate fraudulent "phishing" emails to create very personalised and utterly convincing fake emails that appear to be from your bank, from other financial institutions or from trusted retailers.
�In a particularly horrible development we're seeing generative AI being used to copy people's voices to make "deepfake" phone calls that seem to be from a family member. Video calls won't be far away.
�AI-powered anti-scam systems can be really helpful here: they're constantly trained on huge volumes of fraudulent emails and messages, and that means they can see the tell-tale signs of an existing or emerging scam that human eyes might not notice.
“How do scammers get my information so easily now?”
Privacy tools are just tools; what matters is what you use them for. So using a VPN to make sure nobody can intercept your emails when you're connecting in a café is perfectly ethical and very sensible; using a VPN to conceal your location so you can do something illegal is not. Using an ad-blocker to stop third parties from following you around the internet without your consent is ethical; using it to get ad-free videos without paying for it, not so much.
�
An ethical security tool will deliver security, transparency and compliance – so it will improve your data security, it will only use the data that's necessary to deliver that improvement and make it clear what data it's using, and it'll comply with the appropriate laws in the places it provides its service.
AI can be very helpful in helping you to protect your privacy: it can identify potential security risks, help you draft a subject access request to see what data an organisation holds about you, help you check key settings on your devices and offer advice on best practice.
�What it can't do, though, is take all the necessary steps to minimise the data you share with third parties and protect your personal data – and in fact multiple organisations including the UK's Information Commissioner's Office warn that AI can actually create some risks if you provide it with personal information in your conversations or in documents you ask it to analyse. As Stanford University put it, you should "be careful what you tell your AI chatbot".�
AI can be a great adviser and assistant, but the person in charge of protecting your privacy is you.�
Here are some key things to consider.
Today's threats are too many, too complex and evolving too quickly for old-school signature-based threat detection: security and privacy protectors need to be able to identify unknown threats based on their behaviour, and AI and machine learning excels at doing just that.
Does it have AI-powered �threat detection?
Some of the most effective scams don't use technology: they use social engineering to try and trick you into providing login details and other personal information. AI can play an important role here too, identifying malware, phishing and scams in even the most convincing messages and emails.
Does it have scam protection?
When it comes to privacy, trust is everything. That’s why millions of individuals choose VPNs and other security tools from established cyber safety leaders such as Norton. Norton has been helping to protect users from evolving online threats since 1990, combining decades of security expertise with modern encryption, a strict no-logs VPN policy, and independent audits designed to verify that user activity is not tracked or stored. With the scale, resources, and transparency to back up its privacy claims, the privacy and security suites of Norton are built not just to respond to today’s threats, but to anticipate the ones that come next.
Is the provider someone you �can trust?
The key to protecting your privacy and security is knowledge: knowing what data you're sharing and with whom, knowing where the threats to your privacy and security are coming from, and knowing what steps you need to take to keep your data protected across all your devices every day.
�Click here to discover more about protecting your privacy ethically, responsibly and affordably.
The ethical way to use privacy tools
What AI gets right – and what it can't protect you from
What to look for in a privacy and security solution
Whether you're saving files locally, sending them by email or uploading from your seat in a coffee shop you want to be confident that even if someone were to intercept your data, they wouldn't be able to decrypt it.
Does it have strong encryption?
Knowledge is power
Sponsored content created with
