Three things happened this week. On Friday, OpenAI launched a feature that lets you connect your bank account directly to ChatGPT. On Thursday, a 72-year-old grandmother in Michigan learned she would be suing after facial recognition software falsely identified her as a shoplifter and put her in a jail cell for two nights. And sometime in between, OpenAI introduced a self-serve ad platform that will let brands run campaigns directly inside your ChatGPT conversations.
These aren't three separate stories. They are three doors in the same hallway, and they all just swung open at once. This is the story of how AI stopped asking for permission.
The Bank Account Gambit
Friday morning, OpenAI dropped the news: ChatGPT is now a personal finance app. Pro subscribers in the United States can connect their bank accounts, credit cards, and investment portfolios directly into ChatGPT through Plaid, the financial data aggregator that connects to over 12,000 institutions including Schwab, Chase, Robinhood, and American Express.
Once linked, users get a dashboard of portfolio performance, spending patterns, subscriptions, and upcoming payments. GPT-5.5's reasoning engine sits behind it, ready to answer questions like "I feel like I've been spending more recently. Has anything changed?" or "Help me build a plan to buy a house in the next five years."
OpenAI says 200 million users already ask ChatGPT financial questions every month. Now it's offering them the nuclear option: just hand over everything. Every transaction. Every balance. Every subscription. Every embarrassing late-night Amazon purchase.
The company emphasized encryption and user control. You can disconnect accounts anytime, and synced data is deleted within 30 days. It sounds clean. It sounds responsible.
But here is the problem.
OpenAI suffered a data breach this month. Hackers compromised employee devices through a code security vulnerability. User data and production systems were reportedly unaffected, but the breach happened anyway. The company is asking you to trust it with your complete financial history at the exact moment it is demonstrating that no system is impenetrable.
This matters more with OpenAI than it would with Mint or YNAB or any other fintech player, because OpenAI is not a fintech company. It is an AI company that is simultaneously building an advertising business, training the world's most powerful models on user data, and now positioning itself as your financial advisor.
The concentration of power here is historically unprecedented. No financial institution has ever had simultaneous access to your transaction history, your conversation history, your browsing habits, and an ad platform that can monetize all of it. That is not a bank. That is a surveillance architecture with a checking account.
The regulatory framework for this does not exist. The Consumer Financial Protection Bureau, already weakened, has no rules for AI-powered financial advice delivered through a conversational interface. The SEC is not auditing GPT-5.5's investment recommendations. You are in a regulatory vacuum and the company on the other side just had its employee devices breached.
Your Face as Evidence
While OpenAI was asking for your bank login, the physical surveillance layer was producing its usual results. A 72-year-old grandmother in Michigan was arrested and detained for two nights after facial recognition software matched her photograph to a shoplifting suspect.
She was not the shoplifter. The attorney representing her says the incident caused significant emotional distress and reputational harm. A federal lawsuit is expected.
This case is not an anomaly. It is the latest entry in a documented pattern of false positives that disproportionately affect older women and people with darker skin tones. The National Institute of Standards and Technology has published multiple studies confirming these demographic disparities. The algorithms are measurably worse at identifying certain faces, and those faces belong disproportionately to people with less institutional power to fight back.
Law enforcement defends facial recognition as an "investigative tool," a framing that makes it sound cautious and preliminary. But in practice, a software match becomes probable cause, probable cause becomes an arrest, and an arrest becomes two nights in a cell while your neighbors wonder what you did. The gap between the tool's marketing and the tool's consequences is the entire story.
PhantomByte covered this pattern in March with the case of Angela Lipps, a 58-year-old grandmother who spent five months in a North Dakota jail for a crime she had nothing to do with, also because of a facial recognition match.
That was two months ago. Nothing has changed. The technology continues to deploy. The false positives continue to accumulate. The law enforcement agencies that use these tools face no meaningful accountability for the arrests they produce. The debate around facial recognition has stayed abstract, focused on policy papers and pilot programs and terms like "algorithmic bias," while real people sit in real cells for crimes they didn't commit.
The grandmother in Michigan is not an edge case. She is the product working as designed.
The Attention Economy Gets an AI Upgrade
Then there is the ad platform. OpenAI has introduced tools that let brands run campaigns directly inside ChatGPT conversations.
The company says ads "won't influence core responses" and "privacy controls are emphasized." Interpret that however you want, but what it means structurally is that the same interface where you ask for financial advice is now a monetizable surface for advertisers. Your question about whether you can afford a vacation becomes adjacent to a travel ad. Your query about managing credit card debt sits next to a debt consolidation offer.
Alone, this might look like a predictable business move. But put it next to what Google is doing internally with a project called Remy. Google is testing an AI agent designed to act on behalf of users, monitoring relevant information and learning user preferences.
Remy is the logical endpoint of personalized AI: an agent so deeply embedded in your life that it knows your schedule, your spending, your reading habits, your location, and your communication patterns. It is a profile more intimate than any social media platform has ever constructed.
The convergence is the threat. An AI that knows your financials (OpenAI Finance), an AI that serves you ads (OpenAI Ads), an AI that learns your behavior (Google Remy), and an AI you talk to like a friend (ChatGPT) are not four different products. They are four inputs into the same machine. The output is a surveillance and monetization apparatus that makes Facebook's ad targeting look like a children's pop-up book.
Meta contributed its own entry to this story with Incognito Chat, a private mode for Meta AI conversations where messages aren't saved or used for training. It is being marketed as a privacy win. Look closer: the default is surveillance. They are selling you privacy mode as a feature because they made surveillance the baseline.
This is the new privacy theater. You can opt into the "private" version of the product, which proves the standard version isn't. The Incognito Chat button exists because Meta knows you are uncomfortable with what the regular version does with your data. But instead of changing the regular version, they added a toggle and called it innovation.
The Government Is Reading Too
There is one more reader in the room. Microsoft, Google, and xAI have agreed to give the US government early access to new AI models before public release.
Government reviewers evaluate the models for national security risks and capabilities pre-deployment. The stated purpose is safety. The practical result is that the state now has a seat at the table before any frontier model sees daylight.
Combine this with everything else on the list and you get a triangle that hasn't existed before: you on one corner, the AI company on another, and the government on the third. The AI company has your financial data, your conversation history, and soon your behavioral profile through a personalized agent. The government has pre-release access to the models themselves and the national security justification to monitor whatever it deems relevant.
This is the convergence nobody is talking about. When the company holding your bank ledger is the same company giving the federal government pre-deployment model access, the traditional need for a financial subpoena evaporates. They do not need to demand your banking records. They just need "safety access" to the AI that processes them.
You have a "privacy mode" toggle and a terms of service you didn't read.
The national security framing is powerful and real. There are legitimate reasons to evaluate powerful AI models before they reach millions of users. But the civil liberties implications are being treated as an afterthought, and that is not an accident. When you frame everything as national security, civil liberties become the cost of doing business.
What Ownership Looks Like Now
You cannot opt out of this. That is the thesis. These systems are being built into infrastructure, not offered as standalone products you can decline.
Your bank is already using AI fraud detection. Your local police department may already be using facial recognition. AI-generated ads are coming to every platform you use, and the models serving them will know more about you than your spouse does by the end of this decade.
So if you can't opt out, you need to know what you are dealing with. Here are the data streams that exist or are in active development right now, and who has access to them:
Your financial data sits with OpenAI if you connect your accounts, with Plaid if you've ever used a fintech app, and with your bank's internal AI systems regardless. Your face is in government databases if you have a driver's license, and facial recognition access is spreading across law enforcement agencies with minimal oversight. Your conversation data lives with whatever AI assistant you use, and the ad platforms being built on top of them will monetize it. Your behavior data is being compiled by whatever personalized agent eventually wins the market, whether that is Google's Remy or something else.
What can you actually control? Not much, but not nothing.
Don't connect your bank account to ChatGPT. The feature's value proposition does not justify the risk of handing complete financial records to a company that was just breached and is building an ad business.
Use local models for sensitive queries. The sovereign AI stack PhantomByte has been writing about for months isn't just a hobbyist preference anymore. It is the only architecture where your data stays yours.
Turn off data sharing in every AI tool you use. The defaults are designed to harvest. Check your settings and disable training data contributions wherever possible.
Demand regulation that addresses AI data concentration specifically. Not "AI safety" in the abstract, but concrete rules about what data companies can combine, how long they can keep it, and what happens when they get breached.
The Michigan grandmother, the ChatGPT bank connection, the ad platform, the government pre-screening, the personalized agent. These are not bugs. They are features being shipped on the same timeline by the same industry, and nobody asked you about any of them.
The opt-out disappeared while we were all reading the privacy policy.
Get More Articles Like This
Staying informed about AI privacy and surveillance is no longer optional. I'm documenting every development as the opt-out disappears.
Subscribe to receive updates when we publish new content. No spam, just real analysis from the trenches.