Popular browser extensions used by millions of users are secretly collecting and storing full AI conversations over extended periods, raising serious privacy concerns. The extensions, available for Chromium-based browsers like Chrome and Edge, operate by capturing interactions with AI services such as ChatGPT, Gemini, and others directly within the browser environment. Security researchers discovered that several of these tools gather not only user prompts but also AI-generated responses, saving them locally or transmitting them to remote servers without clear user consent. Some extensions retain data for months, compiling extensive logs of sensitive personal information, confidential business discussions, and private queries. The scale of the issue is significant—combined, these extensions have amassed over 8 million active users. Many users install them for convenience, such as summarizing chat history or enhancing AI interactions, unaware that their conversations are being recorded and potentially shared with third parties. Experts warn that this data collection violates privacy principles and could expose users to risks such as data breaches, unauthorized profiling, or misuse by advertisers and data brokers. Despite appearing as helpful tools, many extensions lack transparency about what data they collect, how long it’s stored, and whether it’s shared with external entities. Some developers claim the data is used only for improving user experience or enabling offline functionality, but researchers found no clear mechanisms for users to review, export, or delete their stored conversations. In several cases, data was transmitted to servers located in jurisdictions with weak data protection laws. Regulators and privacy advocates are urging stricter oversight of browser extensions, particularly those handling sensitive AI interactions. They emphasize the need for clearer disclosures, stronger consent mechanisms, and better enforcement of data protection regulations like GDPR and CCPA. As AI becomes increasingly embedded in everyday browsing, users are being exposed to new risks—often without realizing their conversations are being harvested. Experts recommend reviewing extension permissions carefully and opting for trusted tools with transparent privacy policies.