Trust & Security · 11 min read

Your Product Data Is Being Scraped to Train AI Models. Here Is How to Stop It.

In 2025, the FTC opened investigations into AI companies scraping merchant product data without consent. If you connect your catalog to any AI commerce platform without understanding the data flow, you risk feeding your competitive intelligence to models that serve your competitors. Privacy-first architecture is not optional — it is survival.

The Data You Did Not Know You Were Giving Away

In early 2025, a security researcher published a dataset analysis showing that multiple commercial AI training corpora contained scraped e-commerce product data — complete with pricing histories, product descriptions, and in some cases, customer review text — harvested from merchant websites without explicit consent.

The Federal Trade Commission took notice. By mid-2025, the FTC had opened preliminary investigations into several AI companies over undisclosed data collection practices. The message was clear: just because data is on the public web does not mean it is free to use for AI training.

But here is the part that should really alarm independent merchants: even if scraping-for-training gets regulated away, the basic problem remains. Every time an AI agent queries your product data, there is a data flow. That data passes through systems you do not control. If you do not understand exactly what happens to your data after it leaves your server, you are taking a bet with your competitive intelligence.

Your pricing strategy. Your inventory patterns. Your bestseller data. Your promotional calendar. All of it is visible to AI agents that interact with your store. The question is whether that data gets used only for its intended purpose — helping consumers find your products — or whether it gets aggregated, analyzed, and fed back into systems that benefit your competitors.

What Is Actually at Stake

Let me break this into four layers of data sensitivity that merchants typically do not think about:

Layer 1: Product catalog data — This is intentionally public. You want AI agents to see your product titles, descriptions, and prices. This is GEO in action. Low privacy concern.

Layer 2: Operational data — Inventory levels, restock frequencies, sales velocity, promotional timing. This data has real competitive value. A competitor who can track your inventory drawdown rates and restock cycles can time their promotions to steal sales during your stockouts. Most merchants expose this inadvertently through real-time stock counters on their product pages.

Layer 3: Customer data — Purchase histories, email addresses, shipping details, behavioral analytics. This is protected by GDPR, CCPA, and other privacy regulations. Unauthorized exposure creates legal liability. Period.

Layer 4: Transaction intelligence — Aggregate order values, refund rates, chargeback patterns, customer lifetime value. This is strategic intelligence. If it ends up in a competitor's hands or a training dataset, the damage is not immediately visible but is profoundly harmful.

When you connect your store to an AI commerce platform, all four layers are potentially in play. The critical question is: which layers does the platform access, and what does it do with the data after serving its commerce function?

Five Non-Negotiable Privacy Principles

If you are evaluating AI commerce infrastructure, here is what you should demand. Not as nice-to-haves. As deal-breakers.

1. Protocol-Level Data Minimization

The platform should expose only the data that each AI agent actually needs. A product discovery agent needs titles, prices, and availability. It does not need your customer database, your supplier costs, or your margin data.

ORBEXA implements this through protocol-specific data scoping. UCP endpoints serve product catalog data only. MCP resources are configurable — merchants control which product attributes are exposed. ACP handles payment through tokenized references via Stripe — the AI agent never sees raw payment data. At no point does customer data (Layer 3) or transaction intelligence (Layer 4) flow through protocol endpoints.

2. Contractual No-Training Guarantee

This is the single most important question to ask any AI commerce platform: "Will my data be used to train AI models?"

If the answer is anything other than an unqualified "no," walk away.

ORBEXA maintains a contractual no-training policy. Merchant data passes through the Knowledge Graph engine and is served to AI agents through protocol endpoints. It is not exported to third parties, not aggregated across merchants, and not used for model fine-tuning. The data processing agreement makes this legally binding.

3. Complete Data Sovereignty

You retain ownership. Full stop. This means:

Deletion — You can delete all your data from the platform at any time. Deletion propagates to caches, Knowledge Graph derivatives, and CDN edge nodes within 24 hours. "Within 24 hours" is not a suggestion — it is SLA-backed.

Export — You can export your complete dataset in standard formats (JSON, CSV) at any time. No vendor lock-in. If you leave, you take everything with you.

Audit — You can see exactly which AI agents accessed your data, when, and what specific data was served. This is not aggregated analytics. It is request-level audit logging.

Scoping — You control which data fields are exposed through which protocols. Want to share product titles and prices through UCP but hide inventory levels? That is a configuration toggle, not a feature request.

4. Encryption Everywhere

AES-256 encryption at rest. TLS 1.3 in transit. API keys in encrypted vaults with automatic rotation. HTTPS-only protocol endpoints with HSTS enforcement. Certificate transparency logging.

These are table stakes, not differentiators. If a platform cannot confirm all of these, they are not ready for production commerce data.

5. Multi-Tenant Isolation

Your data must be logically isolated from every other merchant on the platform. Row-level security policies enforced at the database level, not the application level. A compromised API key for Merchant A must not provide any access to Merchant B's data. Not even metadata. Not even the fact that Merchant B exists on the platform.

ORBEXA's architecture uses database-level tenant isolation with row-level security policies. Each merchant's data partition is cryptographically separate. Cross-tenant data access is architecturally impossible, not just policy-prohibited.

How a Privacy-First AI Commerce Request Actually Works

Here is the actual data flow when an AI agent queries a merchant's UCP endpoint through ORBEXA:

  1. Agent sends authenticated request to merchant's UCP endpoint
  2. Request is validated: API key check, rate limit check, protocol compliance check
  3. Knowledge Graph serves product data from the merchant's isolated partition
  4. Response contains only product catalog data (Layer 1) — no operational, customer, or transaction data
  5. Response is logged for merchant audit access
  6. No data from this interaction is stored for training, aggregation, or third-party use
  7. Merchant can view this interaction in their analytics dashboard in real time

At every step, the principle is the same: minimum data exposure, maximum merchant control, zero secondary use.

The Real Risk of Doing Nothing

Some merchants think privacy concerns are a reason to avoid AI commerce integration entirely. "If I do not connect to any platform, my data stays safe."

This is a false sense of security. Your product data is already on the public web. AI training datasets are already scraping it. The difference is that uncontrolled scraping gives you zero control over how your data is used, while a privacy-first platform gives you structured access with contractual protections.

Not integrating does not protect your data. It just means you get scraped without consent AND miss out on AI agent traffic. The worst of both worlds.

What to Ask Before You Connect

Before connecting your store to any AI commerce platform, demand clear answers to these questions:

  1. Will my product data be used to train any AI model? (Only acceptable answer: No.)
  2. Can I delete all my data from your platform at any time? (Only acceptable answer: Yes, within 24 hours.)
  3. Is my data isolated from other merchants at the database level? (Only acceptable answer: Yes, with row-level security.)
  4. Can I see which AI agents accessed my data and what was served? (Only acceptable answer: Yes, at the request level.)
  5. Do you share my data with any third parties? (Only acceptable answer: No.)

If you get evasive answers or redirects to general privacy policy pages, you have your answer.

Related Articles

Open Trust Registry: Six-Dimension Trust Scoring for 270,000+ Commerce Brands
← Back to News