Researchers at IMDEA Networks Institute found that four major AI chatbots—ChatGPT, Claude, Grok, and Perplexity—embed over 13 third-party trackers from Meta, Google, TikTok, and others, leaking user data including conversation URLs and sometimes message content. The study, published May 4, reveals that Grok is the worst offender: guest conversations are public by default, and TikTok's tracker received verbatim message content via Open Graph metadata. The leak mechanisms vary: Claude transmits data through its own servers to 11 ad platforms, bypassing ad blockers; ChatGPT and Perplexity send conversation URLs and advertising cookies to Meta and Google even when cookies are rejected. While the researchers note no evidence that trackers actually read chats, the infrastructure enables it, and permalink dissemination effectively leaks conversations when links are public. For users, practical mitigations include restricting conversation visibility on Grok and Perplexity, rejecting non-essential cookies on Claude to disable Meta Pixel, and using privacy-focused settings. The findings were submitted to Data Protection Authorities in April; no company has responded. The researchers plan to extend analysis to Meta AI, Microsoft Copilot, and Google Gemini.

Key facts

• 13+ third-party trackers found across ChatGPT, Claude, Grok, and Perplexity
• Grok leaks verbatim message content to TikTok via Open Graph metadata
• Claude sends data to 11 ad platforms via its own servers, bypassing ad blockers
• Rejecting cookies does not fully prevent data transmission on most platforms
• No evidence of trackers reading chats, but infrastructure enables it