Agentic AI browsers ChatGPT Atlas, Comet, and Dia are not permitted at Mid Sweden University

During 2025, several new AI-driven browsers have been launched, including ChatGPT Atlas (OpenAI), Comet (Perplexity AI), and Dia (The Browser Company). These tools fundamentally differ from traditional web browsers and conventional AI services. At the same time, they pose significant risks to information security, data protection, and regulatory compliance.

Against this background, Mid Sweden University has decided that these AI browsers are not permitted in the university’s operations (decision MIUN 2026/461).

If ChatGPT Atlas, Dia, or Comet are nevertheless used within the university’s operations, the user concerned will be contacted and must immediately uninstall the browser in question. Use may not resume without explicit approval from the responsible function at Mid Sweden University.

What are agentic AI browsers – and why are they particularly risky?

ChatGPT Atlas (OpenAI), Comet (Perplexity AI), and Dia (The Browser Company) are examples of so-called agentic AI browsers. This means that the browser does not merely display web pages but can also:

• act autonomously on behalf of the user
• read, interpret, and summarize content automatically
• complete forms and navigate without direct human control
• manage files and interact with external systems
• store memory about the user and adapt its behavior over time

In practice, the AI browser gains the same access as the user – to web services, accounts, documents, and sometimes internal systems. This means that a mistake, misinterpretation, or attack may not only affect the individual user but could also have direct consequences for the university’s information and systems.

Why are agentic AI browsers not permitted?

The use of agentic AI browsers entails, among other things, risks of:

• unauthorized disclosure of personal data, research data, and other sensitive information
• manipulation of the AI browser by malicious or compromised websites
• phishing and social engineering, where the AI is deceived into disclosing information or bypassing security safeguards
• transfer of data to external cloud services, including to countries outside the EU/EEA, without sufficient control
• lack of transparency regarding how, where, and when data is processed, stored, or further transmitted

Taken together, these risks are considered incompatible with the requirements for information security, data protection (GDPR), and responsible information management at Mid Sweden University.

What does the decision mean in practice?

The decision means that ChatGPT Atlas, Comet, and Dia may not be installed or used on the university’s work computers, tablets, or mobile devices. The prohibition also applies to private devices when used for work via Mid Sweden University’s network, university cloud services, VPN, or other remote connections.

What applies instead?

The prohibition specifically concerns AI browsers with agentic functions. It does not include standalone AI services where the user actively chooses what information to input and where the service does not have direct access to the browser, files, or internal systems. Only AI tools formally approved by Mid Sweden University may be used for work purposes.

If you have questions about the use of software or cloud services at Mid Sweden University, or if you are unsure whether a tool is permitted, please contact IT Support for guidance and assistance.