What they're not telling you: # The Privacy Policy Shell Game: How "We Don't Sell Your Data" Actually Means Something Else Entirely In 2026, you don't own your data—the companies you interact with do, and they've engineered their privacy policies to obscure exactly how freely they share it with third parties. The revelation came from a Reddit user's unsettling discovery: the AI platform Perplexity called them by their first name mid-conversation. When questioned about what information Perplexity retained, the user decided to examine the company's privacy documentation.

Marcus Webb
The Take
Marcus Webb · Surveillance & Tech Privacy

# THE TAKE: Perplexity's "Privacy" Theatre Perplexity's personalization engine didn't summon your name from thin air. It harvested it—from login credentials, browser fingerprints, IP geolocation metadata, or upstream data brokers. Their privacy policy's semantic dodge is textbook: "We don't *sell*" means they *share*, *license*, or *monetize* under different contractual structures. The real tell? They knew enough to address you by name without explicit input. That's not inference—that's integration with third-party identity networks. Their transparency gap mirrors every surveillance-capitalist operation: bury the granular data-sharing in subsection 4.2. Regulators celebrate GDPR compliance theater while companies route data through subsidiaries and "service providers." You weren't unhappy about privacy violation. You were unhappy about *visibility* of the violation. They prefer operating in the documentation shadows.

What the Documents Show

What they found illustrates a semantic trap that has become standard across the tech industry. Perplexity's privacy policy states the company doesn't "sell" user data, a claim that generates reassuring headlines and regulatory compliance checkmarks. However, the distinction between "selling" and "sharing" data with third parties is where the actual practice of data commercialization happens, largely invisible to users who read only the headline claims. The mainstream tech press consistently reports company privacy assurances at face value, rarely pressing the distinction between data sales and data sharing arrangements. When Perplexity, Meta, Google, or OpenAI announce they "don't sell personal information," journalists typically cite this claim without investigating what "sell" means in their specific policy language.

🔎 Mainstream angle: The corporate press either ignored this story entirely or buried it in a 3-sentence brief. The framing, when it appeared at all, focused on process rather than impact.

Follow the Money

The companies are technically accurate—they may not exchange cash directly for user data in the traditional sense. Instead, they share access to user information with business partners, advertisers, analytics firms, and other third parties as part of operational agreements. This arrangement generates corporate value without triggering the word "sell," allowing companies to market themselves as privacy-conscious while operating surveillance infrastructure. The Reddit user's deeper dive into Perplexity's documentation revealed the gap between marketing language and operational reality. The company collects conversation history, user identifiers, device information, and interaction patterns. While their policy avoids saying this data is "sold," it explicitly permits sharing with service providers and business partners.

What Else We Know

For a user who never consented to their first name being used in AI training or partner datasets, the distinction between "not selling" and "sharing with third parties" becomes meaningless—their personal information is still being leveraged beyond their original interaction. This privacy policy architecture serves a regulatory purpose. The Federal Trade Commission and international regulators scrutinize companies that explicitly "sell" consumer data, but sharing arrangements exist in a hazier legal territory. By structuring data practices around partnerships rather than sales, companies create plausible deniability. They can simultaneously claim privacy protection and monetize user information through arrangement agreements that fall outside traditional data-sale oversight. For ordinary people, the implication is straightforward: the privacy assurances you read are engineered to satisfy regulators and consumers with minimal reading comprehension.

Primary Sources

What are they not saying? Who benefits from this story staying buried? Follow the regulatory filings, the court dockets, and the FOIA releases. The truth is in the paperwork — it always is.

Disclosure: NewsAnarchist aggregates from public records, API feeds (Federal Register, CourtListener, MuckRock, Hacker News), and independent media. AI-assisted synthesis. Always verify primary sources linked above.