AI’s Privacy Tipping Point: Why America Needs HIPAA For Chatbots
Your AI conversations are not private. A federal judge just confirmed it.
On Feb. 10, the Southern District of New York ruled that a defendant’s AI chatbot conversations are not protected by attorney-client privilege, even after he shared them with his lawyers. He assumed the conversation was confidential. But the chatbot’s privacy policy permits disclosure to government authorities.
That ruling should alarm every American who has ever typed something personal into a chatbot.
OpenAI’s research confirms that’s most of us — nearly three-quarters of all ChatGPT conversations are personal, not work-related. Forty million people ask ChatGPT health questions every day, checking symptoms at two in the morning, asking about medications and diagnoses, navigating insurance claims. Seven in ten of those health conversations happen outside clinical hours. A diary never had a privacy policy. A confessional never had terms of service. But that’s what these conversations are governed by, if they are governed by anything at all.
My mother is a cancer survivor. If she had typed her symptoms into a chatbot before her diagnosis, that conversation would have no privilege, no HIPAA protection, and no barrier between the prompt and a subpoena. AI does not need to be sentient to be dangerous; it just needs to be in the room when you say something you thought was private.
Every generation gets a technology that outruns the instinct for privacy. In 1888, Kodak put a camera in the hands of amateurs and created the crisis that gave us American privacy law. A century later, Steve Jobs put a camera, a microphone, and a GPS tracker in more than 3 billion pockets. Both times, the technology moved first and the law caught up.
But once, the law got there early. In 1996, Congress passed HIPAA when most medical records were still on paper. The law looked like a solution searching for a problem. Then the federal government pushed healthcare to go digital. Every diagnosis, every prescription, every clinical note became electronic, portable and vulnerable overnight. If HIPAA had not already been in place, the most intimate details of every American’s health would have been exposed during the largest data migration in the history of medicine.
The data migration is already happening. Americans are sharing their most private thoughts with commercial platforms, outpacing the adoption of the internet and the personal computer. And there is no framework, no federal standard. No HIPAA for the conversations Americans are having with machines they believe are listening in confidence.
The Heppner privilege ruling is not an isolated case. It’s the latest in a pattern that has been accelerating for months.
Last November, a major San Diego health system was hit with a class action alleging it used an AI ambient listening tool to record more than 100,000 patient encounters without consent. Everything said in the exam room was captured and sent to a vendor’s servers. Charts allegedly documented that patients “consented.” They say they never did.
AI scribes are giving doctors back the conversation that technology has been stealing for decades. Less typing during visits. Less charting in pajamas after the kids go to bed. These tools will succeed if Americans can trust them. But trust is not built in a terms-of-service agreement that nobody reads.
America needs today what it needed in 1996: a federal standard that arrives before the catastrophe, not after. An AI HIPAA. National rules treating prompt data as private by default. Meaningful informed consent in plain language, required before any AI tool records or processes a conversation. Not a checkbox at the bottom of a 40-page privacy policy — actual notice. Actual understanding. Breach disclosure when those protections fail. Clear definitions of which platforms are covered, which data is protected, and what enforcement looks like when the rules are broken.
Congress had a chance to start building that framework during the Big Beautiful Bill reconciliation. Instead, legislators proposed a 10-year moratorium on state AI regulations without replacing them with anything federal. The moratorium was rejected. What remains is a regulatory vacuum. Every state draws its own lines. No two of them match. Principles without law are suggestions. And suggestions do not survive a courtroom.
Forty million people are asking these machines their most personal questions every single day, and there is not a single comprehensive federal law that protects the answers. The road is already crowded. Washington has not posted a single speed limit.