Check out this article:

Using JavaServer Faces Technology with AJAX

This shows a web application that will autocomplete what you type by sending data from a partial field entry to the server. These partial field entries are a web request of some kind to some site. This shows the fine line between endpoints of a web transaction and data. That is, the data including what host made a request, the initial request for information, and what server the request was from can actually include the value of the field. This could easily be abused, both by log file analysis, but also by third party addons on the server side. Like many things, this can be quite useful, as in the case of implementing autocomplete features; however, the possibility of privacy intrusion is a glaring concern.