
Incogni Study Reveals Privacy Risks in AI-Powered Chrome Extensions

Shikha Negi Content Contributor

28 Feb 2025, 6:15 am GMT

Incogni's study ranks 238 AI-powered Chrome extensions by privacy risk, revealing that 67% collect user data and 41% gather PII, including passwords and financial details. DeepL, Grammarly, and Sider pose the highest risks. The report highlights extension vulnerabilities and urges users to evaluate permissions.

Incogni, a data privacy provider, has published a comprehensive study evaluating the privacy risks associated with 238 AI-powered Google Chrome browser extensions. The report, “Ranking AI-Powered Chrome Extensions by Privacy Risk in 2025,” highlights that 67% of these extensions collect user data, and 41% gather personally identifiable information (PII), which may include sensitive details such as credit card numbers, passwords, and location data.

The study finds that certain widely used extensions pose significant privacy threats. Among them, DeepL is identified as one of the most invasive, while Grammarly and Sider also have a high risk impact. Such extensions, despite their functionality, may expose users to identity theft and cybersecurity risks.

Privacy concerns in AI-powered extensions

AI-powered browser extensions have become integral to users’ daily online activities. Tools like Grammarly, which aids in writing, and Vetted, which assists in online shopping, are widely adopted. However, many users assume that extensions available in the Chrome Web Store have undergone strict security checks.

This assumption may not always be accurate, as demonstrated by recent Chrome extension breaches, where over 35 compromised extensions affected more than 2.6 million users. Incogni’s research aims to inform users about the privacy implications of using AI-powered extensions and to encourage safer browsing practices.

Key findings of the report

Incogni’s researchers analysed permissions required by the 238 AI-powered extensions with more than 1,000 users. The findings provide a ranking of extensions based on the level of privacy risk they present.

The study identifies several notable risks:

  • 67% of analysed extensions collect user data.
  • 41% gather personally identifiable information (PII), including in at least eight of the nine examined categories.
  • 41% have a high risk impact, granting them permissions to inject code into websites or operate across all browser pages.
  • Nearly 100 extensions demand sensitive permissions, granting access to passwords, financial details, browsing history, emails, and location data.
  • 18% collect authentication information, such as passwords, credentials, security questions, and PINs. Audio transcription and programming assistants are identified as the worst offenders.
  • 7% collect financial and payment information, including credit card numbers and credit ratings. Among text/video summarisation tools, 15% collect such data, while 14% of audio transcribers do the same.

Additionally, user activity tracking—found in 22% of extensions—is a concern. Although it may seem non-intrusive, it can capture highly sensitive details, including keystrokes, timestamps, passwords, and behavioural patterns.

Most privacy-invasive extensions

The study ranks popular AI-powered Chrome extensions by privacy risk based on data collection practices and permissions. The three most privacy-invasive extensions identified in the report are:

  1. DeepL – The most intrusive extension, requiring four sensitive permissions (including scripting and webRequest), collecting five types of data, and requesting five additional permissions.
  2. AI grammar checker & paraphraser – Collects five types of data and requires scripting and activeTab permissions.
  3. Sider – Demands four sensitive permissions, including offscreen access and all URLs.

Among extensions with over 2 million users, Grammarly, DeepL, and Sider rank among those with the highest risk impact.
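
For readers who want to evaluate an extension's permissions themselves, the following JavaScript is an added example, not part of Incogni's report or its scoring method. It reads an extension's manifest.json and flags the permissions named above, plus whether the extension can inject code or run on all sites; the function name, the grouping of permissions and the sample manifests are assumptions made for illustration.

```javascript
// Added example: permission names come from the article; treating them as
// one "sensitive" set is this example's assumption, not Incogni's scoring.
const SENSITIVE = new Set(["scripting", "webRequest", "activeTab", "offscreen"]);

// Match patterns that grant access to every site.
const isAllSites = (p) => p === "<all_urls>" || /^(\*|https?):\/\/\*\/\*$/.test(p);

function auditManifest(manifest) {
  const api = [
    ...(manifest.permissions || []),
    ...(manifest.optional_permissions || []),
  ];
  const contentMatches = (manifest.content_scripts || []).flatMap((cs) => cs.matches || []);
  const hosts = [
    ...(manifest.host_permissions || []),
    ...(manifest.optional_host_permissions || []),
    // Manifest V2 lists host patterns inside "permissions".
    ...api.filter((p) => p === "<all_urls>" || p.includes("://")),
    ...contentMatches,
  ];
  const sensitive = [...new Set(api.filter((p) => SENSITIVE.has(p)))];
  const allSites = hosts.some(isAllSites);
  // Code injection: the scripting API, or statically declared content scripts.
  const injectsCode = api.includes("scripting") || contentMatches.length > 0;
  return { sensitive, allSites, injectsCode, highRiskImpact: allSites || injectsCode };
}

// Constructed sample manifests (not taken from any real extension).
const SAMPLE_BROAD = {
  manifest_version: 3,
  permissions: ["storage", "scripting", "webRequest"],
  host_permissions: ["<all_urls>"],
};
const SAMPLE_NARROW = {
  manifest_version: 3,
  permissions: ["storage", "activeTab"],
  host_permissions: ["https://example.com/*"],
};

for (const [name, m] of Object.entries({ SAMPLE_BROAD, SAMPLE_NARROW })) {
  console.log(name, JSON.stringify(auditManifest(m)));
}
```

The manifest of an installed extension can be found in the browser profile's Extensions folder and passed to `auditManifest` after `JSON.parse`.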

Expert insights on privacy risks

Darius Belejevas, Head of Incogni, emphasises the importance of caution when using AI-powered extensions. He states:

“People are coming up with such creative ways to use AI; there’s probably an AI extension for almost any use case you could think of. While this is very exciting, it could also be risky if users don’t stop to consider whether the extensions they add to their browser may be logging their every keystroke or injecting code into the sites they visit.”

Belejevas further warns:

“Unfortunately, we have more reason than ever to be cautious—from hackers and scammers actively looking for ways to exploit people and systems. It’s essential consumers carefully weigh the benefits against the potential risks of AI-powered extensions and choose more privacy-friendly options.”

Privacy risks across extension categories

The research also evaluates extension categories, identifying the most privacy-invasive ones:

  1. Programming assistants – Found to be the most intrusive.
  2. Personal assistants/general-purpose extensions – Ranked second.
  3. Integrating/connecting extensions – Also pose significant privacy concerns.

These categories commonly request sensitive permissions and access a wide range of user data, increasing the risk of data exposure.
