A comprehensive study by Search Atlas has found that six leading artificial intelligence platforms do not leak sensitive user data, addressing widespread privacy concerns while distinguishing between data leakage and AI hallucination. The research evaluated OpenAI, Gemini, Perplexity, Grok, Copilot, and Google AI Mode through controlled experiments designed to simulate worst-case data exposure scenarios. The findings, accessible at https://searchatlas.com, indicate zero percent data leakage across all platforms tested, offering significant reassurance for businesses and individuals concerned about confidentiality when using AI tools.
The first experiment investigated whether AI models would reproduce private information after exposure. Researchers created 30 unique question-and-answer pairs with no public references or presence in training data. Each model underwent a three-step process: initial questions without context, provision of correct answers, and repetition of the same questions. None of the six platforms produced correct answers after exposure, with models either declining to respond or generating incorrect responses through hallucination rather than repeating injected facts. This setup simulated a scenario where users input proprietary or sensitive information, finding no evidence that such information was retained for future responses.
Behavioral variations emerged across platforms. OpenAI, Perplexity, and Grok tended to respond with uncertainty when lacking reliable information, resulting in more "I don't know" responses. In contrast, Gemini, Copilot, and Google AI Mode were more inclined to generate confident yet incorrect answers. Crucially, none of these incorrect responses matched previously provided private information, highlighting that hallucination and leakage are separate failure modes, with the study identifying only the former.
The second experiment assessed whether information retrieved via live web search would persist once search access was disabled. Researchers selected a real-world event occurring after all models' training cutoffs, ensuring correct answers could only come from live retrieval. When search was enabled, models answered most questions correctly, but once search was immediately disabled, those correct answers largely disappeared. Only questions whose answers could be inferred from pre-existing training data or general knowledge remained answerable, demonstrating no evidence that models retained or carried forward information retrieved through live search.
One of the study's most practical conclusions is the clear distinction between hallucination and data leakage. Platforms exhibiting lower accuracy—Gemini, Copilot, and Google AI Mode—did not repeat previously received information but instead generated confident, plausible-sounding incorrect answers. OpenAI and Perplexity showed the lowest hallucination levels. This distinction is significant for AI risk assessment, as a prevalent concern has been that AI systems might expose sensitive information from one user to another, a scenario for which researchers found no evidence.
For businesses and privacy-conscious users, the findings provide reassuring news that sensitive information shared during a single session does not appear to be absorbed into lasting memory that could be revealed to other users. Instead, data acts more like temporary "working memory" utilized within that interaction. For researchers and fact-checkers, the findings underscore that LLMs cannot "learn" from corrections in previous conversations, as errors in underlying training data may persist unless models are retrained or correct sources are provided anew.
For developers and AI builders, the study emphasizes the importance of retrieval-based systems like Retrieval-Augmented Generation (RAG), which connect models to live databases or search systems, as the most dependable way to ensure accurate responses for current events, proprietary information, or frequently updated data. Without retrieval, models lack built-in mechanisms to retain facts discovered during earlier interactions. While AI is not risk-free—hallucination remains a genuine issue—the specific fear of data leakage to other users lacks evidence according to this study, potentially allowing organizations to engage with these tools more confidently while focusing on actual risks present.
