MoneyPetrol’s “Exclusive” Interview with Andrew Frost Moroz, founder of Aloha Browser.
As the UAE accelerates toward its 2030 vision of becoming a global AI innovation hub, the browser space is undergoing a seismic shift. With OpenAI rumored to launch a “Chrome killer” and Perplexity already debuting its AI-powered browser Comet, the race to redefine how we interact with the internet is on. But beneath the friendly interfaces and smart assistants lies a deeper concern: privacy of each of us and our businesses.
To unpack the implications of this new wave of AI browsers, MoneyPetrol asked Andrew Frost Moroz, founder of the privacy-first Aloha Browser.
Here are the excerpts of the interview.
MP: Andrew, how will browsing change with the rise of AI?
Andrew: We’re entering an era where browsers don’t just display content — they interpret it, summarize it, and even act on your behalf. AI-powered browsers promise convenience: drafting emails, anticipating questions, and automating tasks. But while the technology feels revolutionary, the underlying business model is anything but.
These tools often rely on deep data extraction. For example, Perplexity’s Comet reportedly tracks “everything users do online” to build hyper-personalized advertising profiles. It’s déjà vu — the same surveillance logic that defined Web 2.0, now embedded into the architecture of AI. The interface may be smarter, but the privacy risks are more serious long-term.
MP: Are you saying we’re repeating the same mistakes from the past?
Andrew: Exactly. Think back to the Cambridge Analytica scandal or Google’s $5 billion lawsuit over tracking users in Incognito mode. Those were wake-up calls. But now, AI systems don’t just store data — they learn from it. They infer your intentions, predict your behavior, and adapt to your habits. This isn’t passive tracking. It’s predictive, persuasive, and largely invisible.
Once your sensitive data is absorbed into an AI model, there’s no reliable way to make it forget. The data becomes part of the model’s DNA, making risks exponentially greater.
MP: What do you see as the biggest threats?
Andrew: The illusion of magic. When your browser finishes your sentences or drafts your emails, it feels seamless. But the cost is often a total loss of privacy. Sam Altman recently confirmed that OpenAI employees can access ChatGPT conversations. It’s unlikely that a browser version would offer stronger protections.
And let’s be honest — clicking “I agree” on a 12,000-word Terms of Service isn’t informed consent. Most users have no idea what they’re giving away, or how that data might be used years from now. We’ve normalized background data collection to the point where it’s invisible. But invisibility doesn’t mean harmlessness.
At Aloha, we’ve built a browser that doesn’t collect, store, or monetize user data. And we believe that this should be the baseline in the industry.
MP: So how do we protect ourselves, especially in regions like the UAE?
Andrew: Regulation is key. The EU AI Act is setting the tone globally, with mandatory compliance by August 2026. Its voluntary Code of Practice already emphasizes transparency, documentation, and accountability — values that should be baked into every AI product.
In UAE, we are actually lucky and well protected. While the UAE doesn’t have a unified AI law, it has developed a sophisticated, multi-jurisdictional framework. Key regulations include the Federal Personal Data Protection Law (2021), which grants rights like data access and erasure; DIFC Regulation 10 (2023), which mandates ethical AI use and impact assessments; and ADGM’s GDPR-aligned rules. Oversight is led by bodies like the AI and Advanced Technology Council (2024) and the National Cybersecurity Strategy (2025). Real-world incidents such as the OmniGPT data leak and a Chrome vulnerability alert have accelerated regulatory momentum, underscoring the UAE’s proactive stance on AI safety and digital resilience.
Earlier this year, the Crown Prince of Dubai, Sheikh Hamdan bin Mohammed, unveiled the world’s first Human-Machine Collaboration Icons to guide researchers and creators in ethical AI deployment. Which sets a great example for the rest of the world.
UAE is indeed serious about privacy. And, for UAE-based firms working with European partners, GDPR compliance is already a must. If you’re deploying AI in finance, healthcare, or marketing, you need to meet EU standards — whether you’re in Dubai, Dublin or Düsseldorf.
MP: Final thoughts — what’s at stake in this new browser war?
Andrew: This isn’t just about market share. It’s about the architecture of digital life. The AI-powered browsers launching today will set technical and cultural norms that could last for decades. If we let them define the “new normal” before the rules are in place, we risk locking ourselves into a system of invisible surveillance far deeper than anything Web 2.0 ever produced.
