As higher education institutions increasingly adopt AI-powered tools to enhance productivity and digital experiences, it’s essential to remain vigilant about the security and privacy implications of these emerging technologies. This article examines the leading AI browsers and highlights their unique risks and considerations for academic environments.

Most of these browsers offer powerful AI-driven features that enhance productivity and facilitate research. However, their approaches to privacy and data collection present significant risks for higher education institutions. Careful evaluation and consultation with Chapman University’s Information Systems and Technology and Information Security teams are recommended before adoption.

Comet by Perplexity AI Features and Risks 

Key Features: 

  • Context-aware AI assistant for summarizing articles, comparing data, and remembering research sessions. 
  • The “Do This For Me” mode automates tasks such as booking meetings, shopping, or drafting emails. 
  • Multilingual summarization supports global users. 
  • Cited responses for credibility. 

Security Risks: 

  • CometJacking Vulnerability: Security researchers have identified a critical exploit known as CometJacking. Attackers can embed malicious commands in a URL that, when clicked, instructs Comet’s AI to access and exfiltrate sensitive user data (emails, calendar entries, shopping history) without the user’s knowledge. Because Comet operates with full user privileges, it poses a significant insider threat—particularly in academic or research environments. 

Privacy Concerns: 

  • Beyond technical vulnerabilities, Comet’s business model raises red flags. In a public interview, Perplexity’s CEO stated that the browser was designed to collect user data “even outside the app” to fuel targeted advertising. 

Atlas by OpenAI Features and Risks

Key Features: 

  • ChatGPT integration throughout the browser, accessible from the sidebar or URL bar. 
  • Agent Mode automates complex tasks using the browsing context. 
  • Memory feature remembers sessions, queries, and context for continuity. 
  • Canvas and deep-research tools for brainstorming and content creation. 

Privacy Risks: 

  • Surveillance by Design: Atlas builds “memories” of user activity, including summaries of visited pages, inferred preferences, and ongoing tasks. This level of surveillance rivals—and sometimes exceeds—those of Google Chrome’s data collection practices. Privacy advocates have found that Atlas can retain details about sensitive activities, such as registering for health services, including the actual doctor’s name. 

Control Limitations: 

  • Atlas offers tools to manage its memory, such as deleting entries or using incognito mode. However, these controls are scattered and confusing. Clearing browsing history doesn’t always clear memories, and incognito mode doesn’t prevent ChatGPT itself from retaining data. This lack of transparency undermines the principle of informed consent, which is essential for the ethical use of technology in higher education. 

Arc Browser by The Browser Company Features and Risks 

Key Features: 

  • Visual interface with Spaces for project-based tab organization.
  • AI assistant “Arc Max” provides instant webpage summaries, smart search, and predictive suggestions.
  • Instant Links prefetch and load search results automatically, skipping extra clicks.
  • Live Folders automatically refresh content from favorite sites, turning tabs into live dashboards.
  • Built-in tools like screenshotting, annotation, and note-taking within the sidebar. 

Security Risks: 

  • Session Exposure Risk: Because Arc Max can access and summarize all open tabs, a malicious page with injected scripts could theoretically trigger unintended summarization calls, exposing the metadata of other tabs. 
  • Plugin Injection Vector: Early builds allowed custom sidebar scripts that, if improperly sandboxed, could be exploited for cross-tab communication. 

Privacy Concerns: 

  • Arc Max collects anonymized usage data for model improvement but offers limited transparency into how summaries or search predictions are processed. 
  • Users have reported that “Spaces” metadata (names, color tags) syncs across devices through Arc’s cloud servers, raising mild privacy issues for shared or enterprise devices. 

Opera One (AI Aria) Features and Risks

Key Features: 

  • Real-time webpage summarization and contextual Q&A within the browser window.
  • Voice input and AI-generated page actions, like explaining code snippets or summarizing PDFs.
  • Modular design that adapts interface elements dynamically depending on the task (chat, media, or code).

Security Risks: 

  • Model Routing Risk: Since Aria dynamically routes prompts through multiple backend models (OpenAI, Mistral, Opera’s Composer), a misconfiguration could theoretically leak partial user context to third-party APIs. 
  • Extension Conflicts: Some extensions that manipulate DOM elements conflict with Aria’s overlay layer, potentially creating exploitable injection points. 

Privacy Concerns: 

  • Aria’s hybrid model means that some prompts are processed on Opera’s servers, while others are sent to OpenAI—raising uncertainty about data jurisdiction and retention. 
  • While Opera offers a built-in VPN, the traffic from this VPN is distinct from Aria’s API calls, which may bypass the VPN entirely, thereby limiting user anonymity. 
  • Data-sharing disclosures are buried in Opera’s global privacy policy, making it difficult for users to understand how AI-related data is handled regionally (e.g., in the EU vs the U.S.). 

Chapman University’s Position

Innovation is vital, but it must be balanced with responsibility. Faculty, staff, and students are urged to consult IS&T before adopting AI-integrated tools and to prioritize browsers that offer meaningful privacy controls and transparent data practices.