Just wait until all the conversations you've ever had with AI (which 100% is training on them as well as keeping it's own memories about you that you have no control over) starts getting used to answer questions other people have asked about you.

That's my theory of what's to come, anyway.

People talk to these things not understanding the implications, and can get extremely personal. The model and companies behind it know who you are, you discuss details that reveal what you do, where you live, where you work, what you search for, and you probably signed in with an oauth provider like github or google, which is more than enough of a thread to start pulling on to learn more about you/link other things to you from on the open internet. It'll all get sucked up into the model and before you know it I'll be able to ask a model about my coworker (you) and get back answers from conversations you had with a model a year or two prior, exposing details about you that you might not want out there. And even if that isn't supposed to be allowed, how well has it worked out so far when it comes to data exfiltration and guardrails. If the model has info on you, being told not to share it won't protect you or that data.