I recently gave a talk to a university and health care audience on an important topic to me: AI and algorithmic awareness and safety. And in the weeks since, barely one has gone by without something new crossing my desk that tells me this topic is only becoming more relevant. So I thought I would take the essence of what I taught and distill it into a blog post.

Let me say up front what this is not. This post is not anti-AI. It’s also not a plea to avoid AI, delete your accounts, or move to a cabin in the woods. I use this technology every day, and it has made me smarter, more productive, and frankly happier, and I want to share that. The point of this post is something different. The point is to use this technology with agency — to understand the hidden costs of the convenience, and to make deliberate choices about what you are willing to trade away.

The friction to adopt these new tools has never been lower. And the stakes have never been higher.

A quarter century of acceleration

I am old enough to remember a time before the internet, when the Encyclopedia Britannica at the library was how you reached the world’s knowledge. As a teenager I dialed into local Bulletin Board Systems on a 14.4 kbps modem, and learned to type by chatting with strangers-turned-friends over Kangachat, IRC, and ICQ. By 2000 I was at a start-up building an online shopping platform where people could register a domain, get an SSL certificate, take credit cards, and sell their goods online. This was long before Shopify existed, and when Amazon was mostly books.

In the twenty-five years since, we have gone from a reasonably paced, analog, local-first society to a just-in-time, digital-first, always-on global village. Internet commerce alone has grown from roughly $26 billion in mostly domestic US sales in 2000 to about $6.42 trillion globally in 2025 — nearly a 24,500% increase. Humans have gone from about 1 hour and 21 minutes a day online to over 6 and a half hours, and from carefully curated newspapers to hyper-personalised algorithmic feeds sourced from like-minded perspectives or the highest bidder.

My kids have never known a world without nearly all of human knowledge in their pocket. Set against the 300,000 years humans walked the earth before us, that pace of change is profound. And strap in, because it is only getting started.

AI changes the rules

Artificial intelligence began as a discipline in 1956, though Alan Turing had imagined “thinking machines” even earlier. I could happily talk about the decades in between, but let me fast-forward to two dates that stick in my mind.

On June 21, 2022, GitHub released Copilot, a tool they claimed would help developers write code. As a software engineer, I thought this was funny. Code is poetry, I used to say, quite smugly. Then on November 30, 2022, a research group called OpenAI quietly released a prototype called ChatGPT. Do you remember the first time you used it? I do. My jaw dropped. Like all good new technology, it felt like magic.

The models we have today are extraordinarily capable across language, images, video, and audio. It turns out much of what we say and write can be predicted through probability. Not perfectly, but with remarkable accuracy. We do not fully understand how this works inside these neural networks; not even the engineers who build them truly do. And increasingly they are paired with agents and connectors that let AI act on your behalf to access data, place orders, process transactions, and much more. The industry is racing toward Artificial General Intelligence (AGI), with even conservative estimates now measured in years, not decades. Whatever you make of that, the implications are already here.

Established products are bolting on AI features, and new “enterprise-grade” products appear overnight, built by impossibly small teams. I can speak to this directly: I once led a software platform built by 21 universities, and development was still slow. There was requirement gathering, approvals, testing, peer review, documentation, and releases. Necessary, delicate work. Today, one experienced engineer directing AI coding agents for around $100 USD a month can build something of near-equivalent complexity in a month or two. What once cost millions can now cost thousands.

The hidden costs of convenience

It has never been easier to find a new SaaS product, sign in with your Google or Microsoft account, plug in a credit card or use the free tier, and start using it. This is the world of click-to-agree software. The friction has never been lower. But the stakes have never been higher.

But let’s look at what is actually happening with many of those handy products we enjoy using, and promote to our friends and colleagues.

There is a massive thirst for data right now. Data is the new oil, as the saying goes. Companies need enormous datasets to further train AI models, and hundreds of billions of dollars ride on getting more. The data you type into these products is stored, processed, de-identified, and often sold many times over. And it is not just what you type. New data is inferred from how you behave: where and what you click, how long you linger, what you buy, who you talk to and when, even the sentiment of what you say.

It gets worse, because it is not only the companies you deal with directly. An entire industry of data brokers scrapes the public internet, pulls from public records, buys loyalty-program and purchase data, and acquires more through partnerships with companies whose terms of service you accepted on sign-up. (You read all of those, right?) They merge it into a detailed profile of you and sell it onward to AI companies, advertisers, and other boutique data brokers.

I used to like the saying that if you’re not paying for the product, you are the product. Sadly, that is no longer true. Even when you pay, the fine print often governs how your data is shared, and even if you read it once, companies get bought and sold, and policies change. Keeping up is nearly impossible.

Case in point: Grammarly

Take Grammarly, a writing assistant a lot of people use. A close read of its privacy policy surfaces three things worth pausing on:

• AI training across all data categories. You can toggle whether your user content feeds AI training — but the European legal-bases table lists “all categories of data” for AI development under legitimate interest, not consent. So your account details, usage data, and inferences may train models regardless of your setting.
• Advertising disclosures. It describes converting your email or phone number into an identifier and handing it to advertising partners to target you across other sites — activities it admits may constitute targeted advertising, sharing, or selling under privacy laws.
• Apps installed on your device. Buried in the technical data is a line about collecting which apps you have installed — arguably the most disproportionate point in the policy. Why would a writing assistant catalogue apps that can reveal your health, politics, and finances?

That, to borrow Mozilla’s phrase, is the grim reality of the privacy not included world of click-to-agree software.

A realistic enterprise scenario

Now picture this. You are an administrative staff member at a university, sick of Microsoft Outlook. No one would blame you. You have heard there are better email experiences with AI features that promise to save you four hours a week. That’s 192 hours a year, a $14,400 productivity win. Right?

Here is the problem. That third-party service now has complete access to your mailbox, usually through OAuth, which is effectively a backdoor into your account. Change your password and enable MFA, it doesn’t matter. The service can still get in. And do you work with researchers or faculty? Receive personal information about learners or employees? If faculty send you unpublished research or content licensed from a publisher for classroom use, you have now exposed it to a company that may train models on it or sell access to it, which risks lost intellectual property and licence infringement. The same logic applies to personal information protected by privacy law. And that is when things go well. The worse case is that the service is breached, and the backdoor you opened is used to copy everything out. Your attempt to save four hours a week could cost far more than your time is worth.

For every caution I raise, I want to say what you can do. For this one it is simple: work with your technology partner. Your IT department, information security office, and procurement team can help you improve the tools you have, find a better enterprise solution, and safely vet that shiny new product through the proper channels.

Four contract terms worth fighting for

When enterprise software is procured properly, the terms are negotiated, because a vendor will rarely hand you an agreement that puts your interests first. Many deserve scrutiny, but four are most often underserved: data ownership (your institution owns all primary data; the vendor gets no rights to derived data and cannot train on yours, even after you leave); AI transparency and change management (new AI features or a swapped-out model should require your approval, not a line buried in a changelog); data portability and exit (guaranteed export, plus data return and verified deletion when the contract ends); and security and compliance (mandatory breach notification, a right to audit, sub-processor transparency, and compliance with applicable law). I keep a fuller reference on these and am glad to share it.

The manipulation machine

This is, I think, one of the least understood risks we face: subtle algorithmic manipulation.

You have probably noticed governments moving to ban social media for children under 16. Extreme? If you have not asked why, you should. Many of these products are addictive by design, and in some places that design is now illegal. In February 2026, the EU formally charged TikTok with breaching its Digital Services Act through intentional “addictive design,” patterns shared by other platforms too. I am not advocating for required age verification here, I think this more-common practice will not be well executed. I actually advocate for human education, and well, exactly what the EU is doing there.

What makes them addictive? Infinite scrolling, autoplay, and hyper-personalised recommendations combine into what psychologists call a variable-ratio reinforcement schedule — the same principle that makes slot machines work. For those who post, every like and comment delivers a little dopamine hit, a feeling of accomplishment without accomplishing anything. None of this is accidental: a Washington Post investigation that followed 1,100 TikTok users found they swiped faster over time, suggesting the platform trains people to consume more, more quickly.

Why care? Because a population of highly engaged users can, en masse, be nudged by ideas slowly planted in their feeds, and they would never recognise it happening. They would feel the ideas were their own. Manipulation is as old as advertising, but these techniques are vastly more effective.

A story of my own: for years Google News was my daily source, and I loved my feed. It had everything I liked and nothing I did not. Every time something appeared I disagreed with, I told it never to show me that topic again. I was isolated in my bubble, and it was delightful. But I eventually recognised how narrow my perspectives were becoming, and how intolerant of any other view. That is polarisation, and hyper-personalised feeds are a real contributor. We should worry about this especially in higher education, where competing ideas ought to be not merely tolerated but celebrated and rigorously, respectfully debated.

What you can do about algorithmic manipulation:

• Support local news outlets and journalists, and stop using social media as your news source.
• Try Ground News, which shows the same story from across the political spectrum, and Kagi News, a non-personalised, non-algorithmic daily source.
• Make time to genuinely empathise with perspectives that are not your own.
• Check your ego at the door. We are all wrong sometimes. Change your position when the evidence says you should.

Privacy is a right, not a feature

Let me make a bold statement: I believe privacy is a human right. And it is not being respected. Not by most of individuals, and certainly not by the companies profiting from its erosion. Governments are doing shockingly little, and where they once made real gains, like the GDPR in Europe, some protections now appear to be weakening.

If you do not treat privacy as a right, it will be gone. And if you will not stand up for it, how can we expect the companies abusing it to care? The passive I have nothing to hide will not do. Maybe today you have nothing to hide. You, like me, are a law-abiding citizen whose values happen to align with the institutions writing the laws. But societies change; we are watching it happen. The freedoms many of us enjoy have not always existed and may not always exist. Your perfectly aligned values of today could be a crime tomorrow. For the generations who come after us, we need to stop being passive and start demanding the privacy we take for granted.

And the defeatist there is nothing I can do is simply untrue. It starts with educating yourself. And to be clear, your data has probably already been stolen check out Have I Been Pwned to see what of yours has been exposed. Stolen information fuels identity theft and targeted attacks that can turn your life upside down; I have watched it happen to a friend.

Here are concrete actions, not someday but today. They feel overwhelming at first, but once you start, good choices get easy.

Protect your privacy:

• Use the privacy-respecting settings already on your devices.
• Support privacy-respecting organisations like Mozilla, Signal, Mastodon, the EFF, and yes, even Apple is pretty good.
• Reduce your dependence on those that exploit your privacy, especially short-term-thinking venture-backed startups, Meta, Google, Microsoft, and Amazon. I strongly advocate for looking into European alternative software solutions, and self-hosted alternative applications.
• Subscribe to a data-broker removal service such as DeleteMe or Incogni.
• Read privacy policies for new services. If that sounds like too much, do not read them yourself. Paste them into an AI tool and let it read the agreement for you.

Specific swaps you can make today:

• Use Firefox, ditch Chrome — one of the most powerful data-collection instruments ever built, sitting between you and the entire internet.
• Use Signal, ditch WhatsApp, which (via Meta) collects revealing metadata: who you talk to, how often, when, your contacts, device, and location.
• Use Mastodon or Bluesky, ditch X, whose 2023 policy expanded collection to location, private messages, biometric data, and the apps on your phone.
• Delete Facebook and Instagram from your mobile device; if you must, use Facebook on a computer inside a Firefox Container.
• Run an ad blocker, and review your browser extensions periodically.

Protect against breaches:

• Do not reuse passwords. Use a password manager, such as Bitwarden or Apple Passwords.
• Use multi-factor authentication, but avoid SMS. SMS as a factor is not as secure. Passkeys are the future.
• When you are done with a service, delete the account. Do not just abandon it; it may be breached years from now with your data still sitting there.

Using AI with agency

After all those warnings, I do not want you to leave afraid of AI, or of that great new product a friend recommended. The point is to use it with agency. Here is how I do that.

A simple mental framework for your data. I use my university’s Data Classification Standard, at work and personally, to decide what is safe to share with any third party, AI included. General data is already public, or you would happily publish it; this is generally fine to share with reputable products. Internal data is not public but not highly sensitive, and should only go into vetted enterprise tools with negotiated terms and a proper risk assessment. Confidential data (i.e., personal information, research, health records, finances, intellectual property) belongs only in those same vetted tools. The framework decides which tools I trust and what I am willing to put into them.

How AI actually makes me more productive:

• It reads the fine print. Before I tick “I Agree,” I paste a privacy policy into an AI tool and ask it to flag the key risks, such as third-party sharing, AI-training clauses, retention. Seconds, not twenty pages of legalese.
• It is a thinking partner. For sprawling email threads, policies, and security reports, AI gives me a fast summary so I know where to focus, and a sounding board when I am working through a hard problem. I may still read the original; I do not outsource my judgment.
• It sharpens my writing. I create a draft first, which is usually a loose, far-too-long brain dump. Next, I ask AI to tighten it or make it land for a particular audience. The ideas and the voice are mine.
• It writes code with me. I use AI coding agents extensively, including on an open-source prototype of a next-generation learning platform with an embedded AI tutor. I have shifted from writing code to directing agents, freeing me to focus on ideas, architecture, and quality.

The common thread: none of this requires me to surrender my data or my judgment. It just requires me to be deliberate about which tools I trust and what I feed them.

Closing

Again, the goal of this most is not shy you away from using AI or to make you abandon the applications you enjoy. It is to help you see where this industry is heading and how to navigate it more safely: institutional data should never reach third parties without rigorous review, your privacy is worth protecting, and there is something you can do, starting today. Using this software safely and using it productively are not in conflict.

Because the goal is not to retreat. It is to use these tools skilfully, safely, and on your own terms so that you become happier and more productive, while protecting the data and rights of your institution, your community, and the generations who come after us.

Bring this talk to your audience

This post is a condensed version of a talk I deliver in person: AI and Algorithmic Safety: From Awareness to Agency. The full presentation runs about 60 minutes and is built for a general audience. You do not need to be technical to follow a word of it.

In tone, it is candid and grounded in real experience rather than fear. It moves from a bit of personal history through the genuine risks and into practical, do-it-today guidance, and it always lands where this post does: not on a warning to retreat, but on using these tools with agency, on your own terms. People tend to leave informed and energised rather than alarmed.

I have given versions of it to university and health care audiences, and it resonates with leadership teams, faculty and staff, IT and information security groups, students, professional associations, and conference crowds, or anywhere people are adopting AI faster than they are thinking about the trade-offs. It works equally well as a staff town hall, a professional development session, a conference keynote, a retreat talk, or a board briefing.

If that sounds like a conversation your people should be having, I would love to bring it to your group. Reach out by email to discuss the opportunity.

And whether or not any of that applies to you, if this resonated, I would love to hear from you. Leave a comment below, or connect with me on Mastodon.