Yesterday I was chatting with a friend who handles marketing for Seedance at ByteDance. He asked me: When you use Claude Code, aren't you worried about data leaks?
I was taken aback.
It's actually an interesting question. I asked myself: Is the stuff on my computer really that valuable?
Honestly, for most people, the data on their personal computers is of rather limited value. In the AI era, information depreciates extremely fast—materials you collected months ago may already be obsolete. Who would store truly sensitive things like bank card passwords on their computer anyway?
But in an enterprise context, this question is an entirely different matter.
Code Is the Real Asset
Everyone has been following the recent conflicts between the US and Iran, and Israel and Iran. Modern warfare relies heavily on intelligence. If the logic of your system code is laid bare to organizations with malicious intent—what you run, how you run it, where your vulnerabilities are—that is not merely a data leak. It is exposing the entire organization, even society, to threat.
This is also why I've always had reservations about cloud-based scanning by coding agents. Before each execution, it has to read your codebase and understand your system. This isn't a one-time event; it is repeated, continuous exposure. If the cloud side is compromised... the consequences are unthinkable.
Therefore, for code of critical systems, privatization is not an option; it is a hard requirement.
Identity Crisis in the Multimodal Era
But this is still just the text scenario. When we move to multimodal—voice, video, portrait—things become completely different.
Seedance Pro, which my friend works on, was very popular recently. You upload a photo, and it can generate a video with your face, your voice, and even recognize the background of your office.
In other words, AI can "replace" you in the digital world by learning your portrait and your living environment.
This is far more terrifying than a code leak. A code leak costs you logic and assets. A portrait leak costs you "you."
So I told my friend: The scenario that most needs privatization in the future isn't code; it's text-to-video.
Most people don't feel this yet. But once a few cases emerge—someone using an AI-generated video to impersonate you for fraud or profit—the public will suddenly realize: Oh, my identity in the digital world can be stolen.
The Nature of Digital Identity
Speaking of digital identity, there's something I've been thinking about for a while.
Suppose I'm a KOL who makes a living on Douyin (TikTok), and all my income comes from that platform. One day, Douyin decides I've done something wrong and bans my account.
What can I do?
The followers, trust, and income I've built up on that platform instantly drop to zero. My digital identity has been erased.
An even closer example: WeChat.
WeChat is actually relatively lenient and doesn't ban accounts casually. But think about it: you've put all your social relationships—family, friends, business partners—on WeChat. All your chat histories and contact details with them are there.
Suppose one day your WeChat account gets banned.
Many people only have your WeChat, not your phone number. To those thousands of people, you suddenly vanish from their world. You might lose 70% or even 80% of your digital existence.
Thinking about this sends a chill down my spine.
The Right to Connect
This is the "right to connect."
The platform controls your ability to connect with others. This ability is essentially an asset. But it does not belong to you.
Zhihu is Zhihu, WeChat is WeChat, Xiaohongshu is Xiaohongshu, and X is X. Each platform is siloed. Everything you accumulate on them is essentially rented. The platform can reclaim it at any time.
This is why I eventually built a personal website.
My domain belongs to me. My website sits at the same level as Xiaohongshu's website—they are both websites using the same protocol; mine is just smaller. What people remember is the domain guanjiawei.ai, the fact that "you can find Guan Jiawei at this address." Not "some account on Zhihu" or "some ID on Douyin."
If Zhihu bans my account, my domain is still there. People can still find me.
Two Layers of Privacy Logic
Back to the original question: How important is data privacy really?
I think we need to look at it in two layers.
For individuals, anything related to identity is extremely important. Your portrait, your voice, the relationships you've built in the digital world—these are your "digital existence." Losing them is, in a sense, social death.
For organizations, identity is out in the open and can't run away. What matters more is "how it runs"—your system logic, your code, your vulnerabilities. The attack surface has grown.
The logic for thinking about the two is completely different.
But one thing is common to both: In the AI era, casually ceding rights is a dangerous thing.
Whether it's your code or your face.