← AI Assistants
F

Google Gemini

Fail
Google · 🇺🇸 United States
PolicyApp PermissionsNetwork TrafficFirmwareRegulatory
Technical details
Manufacturer: Google

⚠️ The bottom line

Google tells free Gemini users not to type anything confidential — it's in the terms. Human reviewers read your conversations and keep them for three years, even after you delete them. When Italian journalist Federico Leva asked Google what data it held on him, the response included Gemini conversations he'd deleted months earlier. "Delete" removes it from your screen, not from Google's. In May 2024, Google rolled out AI Overviews to every US search user. Within days, Gemini told people to add glue to pizza (it read an 11-year-old Reddit joke as fact), eat rocks for minerals (it cited The Onion as a source), use gasoline to cook spaghetti faster, and that running with scissors is safe. Screenshots went viral. Google called the errors "generally very rare" while quietly reducing AI Overviews' appearance by 45%. The world's dominant search engine — used by 90% of the planet — replaced reliable links with an AI that can't tell a joke from a fact or satire from science.

Legal jurisdiction
🇺🇸 United States (headquarters)
CLOUD Act read more →
US govt can demand your data from this company even if stored overseas
FISA §702 / PRISM read more →
NSA collects stored emails, photos, messages without individual warrants
Geofence warrants read more →
Police can demand location data for everyone near a crime scene
Spying
2/4 MODERATE
Is someone spying on me?
Data Sharing
2/4 MODERATE
Who gets my data?
Security
3/4 HIGH
Is it actually secure?
Honesty
4/4 EXTREME
Can I trust what they say?
REPLACE Extreme risk. Look for alternatives or lock down hard.
Use Claude instead
Less aggressive than competitors on training, no persistent memory
See report →
8Contradictions
3Critical
4High
1Medium
7Sources
Findings by concern
Spying 2/4 MODERATE 1 finding
⚡ highpolicy claims vs regulatory findings
Google charges enterprise customers for private AI. Free Gemini users are the product — their conversations train the model. Samsung employees accidentally leaked proprietary chip designs through ChatGPT; the same risk exists with Gemini. If you can't afford the enterprise tier, your conversations subsidise the people who can.

What they claim: Enterprise Workspace data is protected.

What we found: Workspace: genuine protection. Free: full training. Two-tier system. Enterprise gets privacy; individuals get surveillance.

Data Sharing 2/4 MODERATE 3 findings
⚡ highfirmware analysis vs policy claims
Google Gemini collects your conversations, location, voice recordings, and browsing history. Google was the first PRISM participant (NSA slides, 2013). In 2023, a Google Cloud engineer was caught accessing users' YouTube and Drive files without authorisation. The company that handles the most personal data on Earth now wants your unfiltered thoughts too.

What they claim: Gemini provides helpful AI while respecting privacy.

What we found: Collects conversations, location, voice, browsing. Part of PRISM infrastructure. Caught scanning Drive PDFs without permission. Workspace integration accesses documents.

⚡ highpolicy claims vs regulatory findings
Google trained Gemini on YouTube transcripts without asking the creators who made those videos. Millions of hours of content — tutorials, lectures, commentary — absorbed into an AI model. Creators weren't notified, weren't compensated, and had no opt-out. Google's defense: YouTube's Terms of Service grant Google broad rights. The same company that argues AI companies must license training data when they scrape Google's content trained its own AI on creators' work for free. The rules Google wants applied to others don't apply to Google.

What they claim: Google says it trains Gemini responsibly and respects content creators' rights.

What we found: Google trained Gemini on YouTube transcripts without creator consent — using the content of millions of videos as training data. Creators were not notified, not compensated, and given no opt-out. When confronted, Google pointed to YouTube's Terms of Service, which grant Google broad rights to user-uploaded content. The same company that argues AI training requires licensing when others do it (Google sued AI startups for scraping) trained its own AI on creators' work for free.

⚫ mediumfirmware analysis vs policy claims
You hit "delete" on a Gemini conversation. It vanishes from your screen. Three years later, a Google reviewer is still reading it. Google's data retention page confirms: deleted conversations are kept by human reviewers for up to 36 months. The delete button is a user interface. It is not a data operation.

What they claim: Auto-delete protects long-term privacy.

What we found: 18-month auto-delete default. But human-reviewed chats: 3 years. 72-hour minimum. Doesn't apply to training data already used.

Security 3/4 HIGH 1 finding
⚠️ criticalprivacy policy vs third party research
Google turned on Gemini inside your Gmail without asking. If you had Smart Compose enabled — most people do — Google took that as consent to read your emails with AI. No new prompt. No separate toggle. Your old "yes" to autocomplete became a "yes" to AI analysis of every email. In Europe they had to ask. In America they didn't bother.

What they claim: Google describes Gemini integration as an optional AI assistant

What we found: In late 2025, Google enabled Gemini by default for Gmail, Chat, and Meet users in the US — analysing private communications without a separate consent prompt. Google used the existing "Smart Features" toggle as a backdoor, meaning anyone who had previously enabled Smart Compose or Smart Reply was automatically opted into AI analysis of their emails. In Europe, GDPR required explicit opt-in. In the US, it was opt-out. Google also granted Gemini access to sensitive Android apps including WhatsApp and Messages by default.

Honesty 4/4 EXTREME 3 findings
⚠️ criticalpolicy claims vs firmware analysis
Google tells free Gemini users not to type anything confidential — it's in the terms. Human reviewers read your conversations and keep them for three years, even after you delete them. When Italian journalist Federico Leva asked Google what data it held on him, the response included Gemini conversations he'd deleted months earlier. "Delete" removes it from your screen, not from Google's.

What they claim: Users control how Gemini data is used.

What we found: Training by default. Human reviewers retain conversations 3 years after deletion. 72-hour minimum even with activity off. 2025: uploaded files/photos for training (default-on). Google warns: don't enter confidential info.

⚠️ criticalpolicy claims vs app permissions
In May 2024, Google rolled out AI Overviews to every US search user. Within days, Gemini told people to add glue to pizza (it read an 11-year-old Reddit joke as fact), eat rocks for minerals (it cited The Onion as a source), use gasoline to cook spaghetti faster, and that running with scissors is safe. Screenshots went viral. Google called the errors "generally very rare" while quietly reducing AI Overviews' appearance by 45%. The world's dominant search engine — used by 90% of the planet — replaced reliable links with an AI that can't tell a joke from a fact or satire from science.

What they claim: Google says AI Overviews provide helpful, high-quality answers synthesized from the web.

What we found: In May 2024, Google's AI Overviews launched to all US users and immediately generated absurd and dangerous answers: telling users to add glue to pizza sauce (sourced from an 11-year-old Reddit joke), recommending eating rocks for minerals (sourced from The Onion), suggesting using gasoline to cook spaghetti faster, and advising that running with scissors is safe. Screenshots went viral. Google said the errors were "generally very rare" but quietly reduced AI Overviews' appearance in search results by 45%.

⚡ highpolicy claims vs app permissions
Gemini fabricates quotes and attributes them to real people. It invents academic papers that don't exist. In February 2024, its image generator produced racially diverse Nazi soldiers and refused to generate images of white people — so historically inaccurate that Google paused the entire feature. The same AI that can't distinguish The Onion from a medical journal is now integrated into Google Search, Gmail, Docs, and Android. Google's response to each failure is the same: rare edge case, we're improving. The edge cases keep arriving faster than the improvements.

What they claim: Google says Gemini generates accurate and helpful responses.

What we found: Gemini has repeatedly fabricated quotes attributed to real people. In early 2024, Gemini generated entirely fake quotes attributed to public figures in response to user queries, presenting invented statements as real. Google's AI also generated fabricated academic citations — papers that don't exist, by authors who never wrote them. In February 2024, Gemini's image generator refused to create images of white people, generating historically inaccurate images (racially diverse Nazi soldiers) that became a global controversy. Google paused the feature.

Latest Risks & Threats
New developments that compound existing privacy concerns. 1 active threat · 2 emerging risks.
RISK Gemini app becomes autonomous agent — expanded data access and action scope ⚠️ Data_Collection Announced 2026-05-20
Google announces Gemini app evolving into a full autonomous agent that can take actions across Google services and third-party apps. Extends data processing from conversations to autonomous browsing, task completion, and cross-service orchestration without per-action consent.
Sources
RISK Gemini introduces Extended thinking mode — longer processing, same retention rules ⚠️ Cloud_Processing Announced 2026-05-17
Google is rolling out a Thinking Level toggle letting users choose Standard or Extended reasoning (May 2026). Extended mode processes prompts longer server-side before responding. Google's existing retention policy stores conversations for 18 months by default; human reviewers can retain content for up to 3 years. No separate disclosure covers how extended-mode reasoning traces are stored or excluded from training. Free consumer accounts remain subject to training by default unless users disable Gemini Apps Activity.
Sources
THREAT Gemini Reads Your Gmail and Google Docs 🤖 Ai Launched 2024-02-08
Google integrated Gemini AI into Gmail, Google Docs, Drive, and Sheets. It reads your emails to write replies, summarizes your documents, and analyzes your spreadsheets. Google says conversations with Gemini are reviewed by humans to improve the product. The company that already reads your email to target ads now has an AI assistant that reads everything else too — and humans are reading the AI conversations.
Sources
What happened to real people
Documented incidents involving Google products and user data.
Jorge Molina jailed 6 days for murder via geofence warrant based on Google Sensorvault location data. Lost job, car, reputation. Charges never filed. [source]
PRISM participant since 2009. NSA collects stored communications. FBI conducts warrantless 'backdoor searches' of American data using names and email addresses. [source]
Google received 180 geofence warrants per week by 2019. Each warrant searches tens of millions of accounts. Supreme Court hearing constitutionality (Chatrie v. United States). [source]
What your data is worth to governments
Google complied with 235,000 government data requests in H1 2024. That's +530% over 10 years. Google has been a confirmed PRISM participant since 2009. Under this programme, the NSA collects stored communications. The company is legally prohibited from telling you. Jurisdiction: US (CLOUD Act, FISA Section 702, Patriot Act).
Documented: Jorge Molina jailed 6 days for murder via geofence warrant based on Google Sensorvault location data. Lost job, car, reputation. Charges never filed.
Documented: PRISM participant since 2009. NSA collects stored communications. FBI conducts warrantless 'backdoor searches' of American data using names and email addresses.
What is PRISM? · What is the CLOUD Act? · Transparency report
Sources