On June 4, OpenAI released Dreaming V3 — ChatGPT’s next-generation auto-memory architecture. After each conversation, a background process kicks in automatically, reads your entire chat history, and synthesizes a user profile containing your preferences, project state, and temporal context. No trigger needed. No confirmation needed. Compute efficiency improved fivefold. For the first time, it’s available to Free users. OpenAI’s blog included three comparison demos: ChatGPT with memory could recognize a user’s camera gear to recommend matching accessories, remember a user was vegetarian to give dietary advice, and adjust restaurant recommendations based on the user having already left Singapore. The difference was stark.
But what OpenAI didn’t write about is what happens when it gets things wrong.
I turned off ChatGPT’s memory after two weeks. It remembered wrong. I once discussed a plant-based diet experiment, and two weeks later it was still pushing vegan restaurants at me. I had gone back to a normal diet, but it didn’t know. It was holding an outdated dossier on me and acting on it.
On Reddit, a user who had previously used ChatGPT to translate Plato sentence by sentence, with detailed notes on differences between translations, found that after the Dreaming V3 upgrade, all those notes were compressed into a single sentence: “User has shown interest in careful readings of Plato.”
Trust has a particular property. It doesn’t “gradually improve” the way other product metrics do. Seventy percent accuracy is “not bad” to an engineer. To a user, it’s “30% is wrong — what can I even trust anymore.” A system that runs silently in the background, continuously updating a profile about you, without you knowing anything about it — it only takes a few mistakes for trust to evaporate. Users won’t file complaints. They won’t adjust settings. They’ll just quietly turn it off.
That’s exactly how I turned it off. It misremembered a few things about me. I couldn’t trace which conversation caused it, and I couldn’t see the path it took to reach that conclusion.
But this trust problem isn’t unique to Dreaming V3. To understand why it’s a design-level flaw inherent to the auto-memory category itself, we need to look at how the three major AI labs arrived here.
When Dreaming V3 launched, the discussion volume drowned out both Claude and Gemini. Many assumed OpenAI was leading the pack on this. But in reality, on the auto-background-memory track, OpenAI was the last of the three to arrive.
ChatGPT had memory early on. It launched in April 2024, but it was manual. Users had to explicitly say “remember this” for the system to store it in a list. Like someone who only remembers what you wrote on a sticky note and forgets everything else. Another problem: memories went stale. You’d tell it “I’m in Singapore, recommend tonight’s restaurant,” and it would store that fact permanently. Two weeks later, back in California, it was still recommending Singapore takeout. In April 2025, OpenAI added a layer — Dreaming V0, a background process that let the model pull context from chat history to supplement manually saved memories. But it was only auxiliary. The main engine was still manual.
The first company to actually build auto-memory as a standalone product was Google.
In August 2025, Gemini launched Personal Context. Enabled by default, it learned preferences and interests automatically from all past conversations in the background, evolving continuously across sessions. Users no longer needed to say “remember.” The system decided for itself what was worth remembering. Michael Siliski, Google DeepMind’s Product Lead for the Gemini App, wrote in the blog post that they wanted to create an “AI assistant that doesn’t respond to everyone the same way.”
Anthropic also released a version of cross-session memory in August 2025, but it required users to actively ask Claude to reference previous conversations. By May 2026, Anthropic launched AutoMemory — a background system that extracted, deduplicated, and organized project and preference information from conversations into a file users could view and edit. Its transparency and editability were the highest among the three.
OpenAI’s Dreaming V3 came in third. Launched June 4, 2026. It upgraded the previously auxiliary Dreaming into an independent memory system: after every chat, it automatically synthesized preferences, project state, and temporal context in the background. No trigger needed at all. Efficiency improved fivefold. Available to Free users for the first time. Plus and Pro storage doubled.
The three took different technical paths: Google went with platform integration (your emails, calendar, and documents serve as ground truth), Anthropic took a file-based transparency route where users could see everything, and OpenAI went with the most extreme low-control, high-convenience path. No questions asked. Nothing for you to see. Runs in the background on its own. But all three were ultimately heading in the same direction: letting AI decide for itself what to remember about you.
And then Europe blocked the entire road.
Dreaming V3 is not available in the European Economic Area, Switzerland, or the UK. Google’s Personal Context — not available. Claude’s AutoMemory — not available.
Three companies building auto-memory. Three companies collectively absent from Europe.
This isn’t some niche market you can ignore. The EU has 450 million people and a GDP comparable to the US. On the OpenAI Developer Forum, the top-voted post title reads: “So OpenAI’s solution to the EU’s privacy laws is to lock us out entirely?” The post says: “They disabled memory features across the EEA, UK, Switzerland, Norway, Iceland, Liechtenstein — while still charging us full price.” The admin reply was a single line: “This feature is not available in the EU and Switzerland.”
Same story on Gemini’s help community. A user posted in December 2025 asking why they couldn’t find the “Personal context” toggle. A Product Expert replied that the feature wasn’t available for Workspace enterprise accounts, and even for personal accounts, a long list of excluded countries applied.
The reason for the absence is clear. It’s written in the law.
Article 50 of the EU AI Act, effective August 2, requires all AI systems that interact directly with people to provide transparency: users must know they’re interacting with an AI and must be able to understand what the system is doing. The scope of this requirement is extremely broad. It doesn’t just apply to “high-risk” systems — all AI products are covered. Draft guidance published by the European Commission in May 2026 further requires “full-lifecycle transparency by design.”
Meanwhile, GDPR Article 4(4) defines “profiling” as: “automated processing of personal data to evaluate personal aspects, in particular to analyse or predict aspects concerning work performance, economic situation, health, personal preferences, interests, reliability, and behavior.” Auto-memory does exactly this: it reads conversation history, evaluates user preferences and interests, and generates a persistent user model. In legal terms, there is almost no room to argue it doesn’t fall under the definition of profiling.
Once classified as profiling, the following GDPR provisions all trigger. Articles 13–14: users must be informed of the existence of profiling, its logic, and its expected consequences. Article 15: users have the right to access profiling data. Article 16: users have the right to correct inaccurate inferences. Article 17: users have the right to request deletion. Article 21: users have the right to object to profiling. Article 35: given the involvement of new technologies and large-scale processing, a Data Protection Impact Assessment is almost certainly required.
Not just one provision. All of them.
The three things that make auto-memory work well are precisely what these laws target. No consent — triggers the right to be informed and the right to object. Background automatic synthesis — triggers the profiling definition and DPIA. Continuous evolution across sessions — makes data minimization and purpose limitation difficult to defend under serious interpretation. Three pillars of the product. Three compliance trigger lines.
Ordinary product tensions can be resolved through trade-offs. Privacy versus convenience is a trade-off: if you want more precise recommendations, you give up some privacy. The two pull in opposite directions, and you find a spot in between.
The tension in auto-memory isn’t a trade-off. The more automatic you make it, the larger the compliance exposure becomes — because the three mechanisms that make it automatic are precisely what the law requires you to disclose and control. The two aren’t pulling in opposite directions. They’re bound together, moving in the same direction. Every step you take toward more automation, the system takes an equal step toward more regulatory violation. The very product value proposition is the mechanism that generates compliance risk.
A memory summary page, with per-item deletion and a toggle, might meet the minimum requirements on a compliance checklist. But how much overlap remains between that version of the product and the one OpenAI unveiled on stage — “you don’t have to do anything, it will get to know you on its own”?
The discussion above has been abstract. It’s about how legal logic and product logic collide. But what does auto-memory actually record when applied to real personal data? Is there independent evidence? There is.
In February of this year, a group of researchers from Germany and the Netherlands posted a paper on arXiv (arxiv:2602.01450), later accepted at ACM Web Conference 2026. The title: The Algorithmic Self-Portrait: Deconstructing Memory in ChatGPT. The method was direct: using GDPR data access rights, they obtained complete chat histories plus all stored memories from 80 ChatGPT users, each with at least 100 conversations. In total: 1,058 conversations, 22,971 queries, 2,050 memories.
The study examined four dimensions. Taken together, these four dimensions form a chain: the system, without your knowledge, built a dossier about you — a dossier that not only recorded what you said but inferred what kind of person you are, and did so with high accuracy.
First dimension: who is in control. Ninety-six percent of memories were created unilaterally by the system. Only 4% were triggered by users. This means it’s not a feature you use. It’s a background process that runs on you. You’re not teaching the AI to remember you. You’re being recorded by it.
Second dimension: what it remembers. Twenty-eight percent of memories contained personal data as defined by GDPR. Seven percent fell under “special category data” — health, sexual orientation, political views, and so on. Names appeared in 41% of memories. It wasn’t just remembering what pizza topping you like.
Third dimension: it’s also inferring. The researchers applied a Theory of Mind framework for classification. Fifty-two percent of memories contained psychological content: Desires — what users want, 73%; Intentions — what users plan to do, 16%; Emotions, 14%; Beliefs, 11%. Ninety-seven percent of participants had at least one psychological inference recorded by the system. The paper puts it precisely: “ChatGPT’s memory may encode not only who the user is, but also how the user thinks and feels.”
Fourth dimension: how accurate is it. Eighty-four percent of memories faithfully corresponded to source conversations. This number is easy to misread. If it were inaccurate, you could say the system hallucinates — the feature is broken, not worth using. But it’s accurate. Which means the first three dimensions aren’t system malfunctions. They represent the system, by design, doing exactly what it was built to do. In your absence, it constructed an accurate dossier about you — containing sensitive content, annotated with your psychological tendencies.
The researchers also tried something else: using open-source models to reverse-engineer ChatGPT’s memory extraction logic, to see what would happen if memories were extracted from every query. The result: the proportion of sensitive information rose from 28% to 35%. This means ChatGPT is already filtering — but what the filtering criteria are, you have no way of knowing, and no toggle to control.
Three companies. Three auto-memory products. All three hitting a wall in Europe. If only one were blocked, it would be that company’s problem. When all three are blocked, the premise of the product design itself is incompatible with the legal framework.
I’m not saying “compliance is too hard.” I’m saying something simpler: auto-memory, as currently defined — no consent, nothing for you to see, running in the background on its own — cannot be fully compliant under any serious privacy regulation. It can’t, because by definition it can’t. The moment the words “no consent” were written into the product architecture, the compliance gap was already inscribed.
There’s a bigger bet here too. All three companies are betting on the same thing: that users will accept AI continuously making judgments about them, in an invisible place, in exchange for the convenience of “the AI understands me.” If they’re right, auto-memory will be the stickiest feature ever built. If they’re wrong — once users realize that those invisible judgments might be wrong, might be unchangeable, and might shape their experience more than they think — then it’s not an engine. It’s the fastest exit door.
I lost my own bet. It was those vegetarian restaurants it kept recommending. It just kept recommending them for too long.