Since 2022, millions of users have adopted Perplexity, an artificial intelligence-based search engine, hoping that its incognito mode would offer a genuine online privacy space. However, a recently filed U.S. federal lawsuit highlights a much darker reality. This startup, which promised private browsing and enhanced data protection, allegedly exposed its users’ queries to giants like Google and Meta, even when incognito mode was activated. The case denounces a real-time transfer of conversations, betraying the trust placed by internet users in their privacy and internet security.
In this context where online tracking has become commonplace, Perplexity is now at the heart of a scandal raising many questions about the nature of the promised protections and the real risks of a personal data leak. Between the complexity of advertising mechanisms and the commercial exploitation of collected information, this controversy reveals how online privacy often rests on fragile foundations. Let’s discover why Perplexity’s incognito mode does not guarantee the expected discretion, how data is exposed, and what implications this represents for users in the AI era.
- 1 Perplexity’s incognito mode: promises and realities of online privacy
- 2 The advertising technologies behind online tracking on Perplexity
- 3 Legal and financial consequences for Perplexity following the exposure of private searches
- 4 Transparency and Perplexity’s privacy policy: a major black mark
- 5 How to effectively protect your privacy against risks of data leaks and tracking on Perplexity?
Perplexity’s incognito mode: promises and realities of online privacy
Incognito mode has long appeared as a simple and effective solution to preserve privacy during web searches. Inspired by traditional browsers, Perplexity’s incognito mode promised users an experience where conversations would neither be saved nor indexed in a history, with automatic data expiration within twenty-four hours. This feature, appealing on paper, clearly aimed to reassure about online privacy, especially in a context where concerns about online tracking are growing.
However, the complaint filed in federal court by a user under the pseudonym John Doe reveals a major failure: private conversations are not only temporary and isolated as announced. They are indeed transmitted in real-time to third parties, including advertising heavyweights such as Google and Meta. This transmission occurs even before the exchanges are processed by artificial intelligence. More than a simple secondary storage issue or isolated incident, it is a systematic transfer that undermines the very notion of private browsing so praised by Perplexity.
This mechanism illustrates a blatant inconsistency between users’ expectations and the reality of data processing. By giving the illusion of protection, incognito mode becomes a lure that masks a widespread leak of personal and potentially sensitive data. John Doe, in his complaint, specifically cites confidential information related to his finances and medical matters, highlighting the increased risks that this information capture represents for internet users’ security.
The practical consequences of incognito mode failure
When conversations are exposed in this way, the main risk is the total loss of user control over their data. This information, exchanged in full trust with artificial intelligence, could prove extremely personal, going far beyond a simple classic web search. A striking example concerns questions related to health, sexuality, or wealth management—topics on which many users explicitly relied on the confidentiality offered by this feature.
Exposing this data to companies like Google or Meta means it can be used for targeted advertising or behavioral profiling without clear user consent. Several reports state that even in incognito mode, users have been subjected to personalized ads directly modeled on confidential information they had shared during their session. This reality is especially shocking because users thought they were protecting themselves against such intrusion.
The apparent weakness of protections thus raises fears of constant surveillance, where every query becomes a vector for data extraction. The illusion of security offered by Perplexity is therefore undermined, prompting internet users to rethink their browsing habits and seek alternatives that better respect privacy.
The advertising technologies behind online tracking on Perplexity
To understand the extent of this exposure of searches and data leaks, it is necessary to examine the tools used by Perplexity. According to the complaint, the startup links its interface to several powerful advertising technologies, including Meta Pixel, Google Ads, and Google DoubleClick. These tools are not trivial, as they are designed to collect and analyze user behavior in order to deliver targeted advertisements.
A particularly alarming point is how these technologies manage to bypass ad blockers and traditional cookie restrictions. Relying on conversion APIs recommended by Meta, these pixels can collect data in real time, even when users take specific measures to preserve their privacy. This means that classic protections, like cookie blocking or activating incognito modes, are ineffective against these new mechanisms.
This system makes online tracking a sneaky and hard-to-detect threat. The complaint describes this collection mode as a “browser-based phone tapping technology,” emphasizing the severity of a continuous and invisible interception of personal exchanges. This method allows advertisers and platforms to know every detail of conversations, opening the door to massive exploitation of confidential data.
How do these technologies evade classic protections?
Ad blockers and browser privacy settings have long been shields against invasive tracking. However, solutions integrated into pixels and conversion APIs change the game by exploiting channels that escape those protections. For example:
- Meta pixels work by sending information directly to Meta’s servers without going through traditional cookies, making them harder to block.
- Calls to conversion APIs integrate data as part of legitimate actions (such as validating a transaction), thus camouflaging the tracking.
- These processes even function in incognito mode because they do not rely on history or cookies, but on deeper network requests.
Ultimately, this advanced engineering destroys the illusion of protection and places Perplexity alongside services suspected of conducting disguised surveillance, with all the privacy risks this entails.
Legal and financial consequences for Perplexity following the exposure of private searches
The case has taken on major legal significance, with a class action lawsuit filed in the U.S. containing over 135 pages of damning details. The central accusation is the abusive violation of online privacy, via the unlawful transmission of user data, including in incognito mode. This class action targets all those who used Perplexity between December 2022 and February 2026, except for paying subscribers.
The complaint outlines financial stakes, with potential damages that could exceed 5,000 dollars per infraction, multiplied by millions of conversations. The total amount could therefore reach astronomical levels, threatening the startup with catastrophic debt. Beyond the financial aspect, plaintiffs also seek an injunction to force Perplexity to stop these practices.
| Legal Aspects | Detail |
|---|---|
| Period concerned | December 2022 to February 2026 (all users except paying subscribers) |
| Type of complaint | Violation of privacy & unauthorized sharing of private conversations |
| Possible damages amount | 5,000 dollars per potential infraction, cumulative for millions of cases |
| Main objectives | Compensation & injunction to stop non-consensual tracking |
This case takes place in a broader context where global data protection legislation, such as the GDPR in Europe, is tightening in response to abuses from digital tools. Perplexity will therefore face double pressure: from the courts and from user communities demanding increased guarantees on internet security.
Transparency and Perplexity’s privacy policy: a major black mark
Another critical point addressed to Perplexity concerns the visibility and clarity of its privacy policy. Plaintiffs point out that the site does not display any direct link to this policy on its homepage. To obtain a copy, users have to resort to external searches, which is paradoxical for a search engine specialized in information.
When this policy can be consulted, it remains deliberately vague about the tracking tools used and data transfer conditions. It mentions general practices but does not detail contractual relationships or integrated advertising pixels. This lack of transparency complicates understanding of the risks involved, thus depriving users of an informed assessment of the proposed internet security.
In contrast, other major players such as Google or Bing clearly display their terms of use and privacy policy with visible links right on the homepage. This transparency has become a standard in a digital world where user trust is paramount.
This lack of precise and accessible information may be seen as a strategic choice, aiming to avoid questions or disputes. It contributes to the opacity of data processing by Perplexity and fuels distrust towards the startup, especially in light of this data leak crisis.
How to effectively protect your privacy against risks of data leaks and tracking on Perplexity?
Given these revelations, it becomes urgent for internet users to understand how to guard against these risks. Simply activating incognito mode on Perplexity is clearly not enough. Here are some practical tips and strategies to strengthen the protection of personal data:
- Avoid sharing sensitive information during conversations with AI tools, especially if anonymity is not scrupulously respected.
- Use VPNs to mask your IP address and add an extra layer of security against online surveillance.
- Turn to alternative search engines that guarantee strong privacy policies, such as DuckDuckGo or Qwant.
- Install effective anti-tracking extensions, even if some can be bypassed by modern pixel and API technologies.
- Carefully read privacy policies of services used to understand what is done with collected data.
It is essential to remain vigilant in a digital environment where data protection is constantly evolving. Internet security depends as much on tools as on user behavior. By adopting these good practices, it is possible to mitigate the effects of the flaws revealed by the Perplexity case.
