A free VPN extension promoted as a privacy tool on Google’s Chrome Web Store is at the center of a growing debate over how much user data can be quietly harvested in the name of analytics and how thin the line has become between convenience software and large-scale surveillance.
A Free Tool With an Expensive Trade-Off
For millions of users, Urban VPN Proxy appeared to offer a simple bargain: free access to a virtual private network, endorsed by a “featured” badge on Google’s Chrome Web Store. At the time of writing, the extension had been installed by roughly six million people, a scale that rivaled paid privacy tools and suggested mainstream trust. That trust, researchers now argue, may have been misplaced.
An investigation by Koi Security, a Tel Aviv–based cybersecurity firm, found that Urban VPN Proxy operates far beyond the conventional scope of a VPN. According to Koi, the extension embeds background scripts that continuously monitor and extract user interactions with popular artificial intelligence platforms including OpenAI’s ChatGPT, Anthropic’s Claude, Google’s Gemini, DeepSeek, and xAI’s Grok.
The data collected, researchers say, spans nearly the full range of modern AI use: personal dilemmas, financial details, medical questions, and even proprietary code.
“Assume any AI conversations you’ve had since July 2025 have been captured and shared with third parties,” Idan Dardikman, a Koi researcher, warned in a public advisory.
How the Scraping Works and Why Users Can’t Opt Out
Unlike traditional VPNs, which primarily route traffic through encrypted tunnels, Urban VPN Proxy is designed to observe what users type into web-based AI interfaces. The investigation found that this scraping behavior is enabled by default and runs continuously, regardless of whether the VPN toggle is switched on or off.
More striking, researchers say, is what users cannot do. There is no visible setting within the extension to disable the data collection. The only way to halt it, according to Koi and corroborated by reporting from Forbes, is to uninstall the extension entirely.
This design choice places users in a binary position: accept ongoing data extraction or abandon the service altogether. Privacy advocates argue that such an arrangement undermines meaningful consent, particularly when many users install browser extensions with little expectation that their conversations especially those involving AI tools marketed as private are being monitored.
The Business Behind the Browser Extension
Urban VPN Proxy is operated by Urban Cyber Security Inc., which has not concealed the broader commercial purpose of the data it collects. Its privacy policy states that web browsing data may be shared with an affiliated company, BiScience, a data brokerage firm that “uses this raw data and creates insights which are commercially used and shared with business partners.”
In effect, researchers say, the extension functions as a large-scale data collection pipeline, transforming individual user activity into aggregated marketing intelligence.
The scope extends beyond a single product. Forbes reports that at least seven additional browser extensions from the same publisher use “identical AI harvesting functionality,” together accounting for more than two million additional users. All but one of these extensions carry a “featured” label on the Chrome Web Store a marker that many users interpret as a form of vetting or endorsement by Google.
Platform Endorsements and the Limits of Oversight
The presence of Google’s “featured” badge has raised uncomfortable questions about platform accountability. While the Chrome Web Store requires developers to disclose data practices, critics argue that dense privacy policies and technical permissions rarely translate into informed user understanding.
Urban VPN Proxy’s Chrome Web Store listing states that user data is not sold to third parties “outside of approved use cases” and is not used for purposes unrelated to the extension’s core functionality. Privacy experts note, however, that such language leaves ample room for interpretation — particularly when “core functionality” includes data monetization through affiliated entities.
As AI tools become embedded in everyday work, health, and financial decision-making, the value of conversational data has soared and so have incentives to collect it. For users, the revelation has revived an old internet maxim, now reframed for the AI age: when a privacy tool is free, the real currency may be the conversation itself.
