ChatGPT 101: Avoiding Privacy Pitfalls while using ChatGPT

-

Created with Microsoft Bing Image Creator powered by DALL-E

What is ChatGPT? 

ChatGPT is a generative artificial intelligence (AI) chatbot developed by OpenAI that went viral after its release last winter. A significant aspect of its appeal lay in the large language model (LLM)'s ability to converse with the user and give coherent, human-like answers to the user's questions (called "prompts"). This quickly led widespread excitement over the AI tool's potential ability to supplant Google search as the portal of knowledge, as well as the immense boost to efficiency that using ChatGPT at work and in daily life may provide. 

However, with the excitement came concerns over the potential flaws of ChatGPT and the ways people could abuse it. These concerns ranged from warnings by various experts on how ChatGPT's responses are often inaccurate or the AI could be tricked, to high-profile celebrities such as Elon Musk accusing OpenAi and Google of "training the AI to lie" and "not taking AI safety seriously". 

Here, we will look at the potential privacy pitfalls you can avoid while using ChatGPT. 


What are the pitfalls? 

1) Terms of Use. 

        Reading the Terms of Use is important for all online services you use, but it may be doubly so with ChatGPT. This is due to the Indemnification Clause in Section 7 of the Terms of Use that users of OpenAI's services - including ChatGPT - must agree to, which essentially state that a user will be held liable for any claims, losses, and expenses arising from lawsuits against OpenAI if that lawsuit or liability originated from the user's use of ChatGPT. While such indemnification clauses are commonly used by online services, you should still be wary about it since the legal issues around ChatGPT are just as varied and numerous as its potential uses. While using disclaimers may help (such as a disclaimer that one's user of ChatGPT is purely for entertainment and not meant to give factual information), it is nonetheless a risk that users should be aware of. 

2) Violation of International Law - GDPR, Italy's ban: 

        OpenAI has many potential problems with the GDPR, namely over the processing of personal data. For instance, one possible problem is that information entered into ChatGPT through prompts are 'processed' by OpenAI and kept to train its models. This means that if you enter any personal information of yourself or others, this can be viewed as processing personal information without consent. Further exacerbating this is the potential that a minor is the one entering their personal information, since children enjoy far stricter protections under the GDPR. Such reasons were why Italy's data protection authority prohibited ChatGPT until April 28th, when OpenAI agreed to make changes, including opt-out consent forms and age verification for users. 

        The specifics of which law applies to ChatGPT depends on multiple factors, such as where you live, where your data is being sent, etc. Further complicating the situation is the current absence of proper regulation addressing ChatGPT and similar generative AI chatbots. As a result, there is a significant legal grey area where new precedents are constantly being set, and Data Protection Authorities (DPAs) are relatively free to investigate and 'set the boundaries' of AI regulation until proper legislation is passed. Therefore, with there no set guidelines yet on acceptable uses or limitations for ChatGPT, it is important to at least do due diligence on possible privacy risks (as well as get professional advice!). A company that did not check whether OpenAI processed and kept all chat history would likely be in much greater legal troubles than a company that did due diligence and did their best to limit their use of ChatGPT to what seemed permissible under law. 

3) Violation of confidentiality or security contracts. 

        Given that OpenAI uses the interactions that users have with ChatGPT to further train their models, as well as storing chat history for their own use, any information you enter into ChatGPT will likely be considered as now being controlled and processed by a third party (OpenAI). This means if you agreed to any contract requiring confidentiality of information between yourself and the contracting party (such as your client), entering said party's information into ChatGPT would likely be a breach of that contract. Moreover, since one of OpenAI's terms of use includes an indemnification clause, the liability and the penalties associated with it would likely fall onto you as the user, even if the aggrieved party (whose information was breached) sued OpenAI.  


Suggested Steps to Avoid Privacy Issues 

Please note that you can also replace ChatGPT in these steps with most other generative AI chatbots, such as Google's Bard and Bing's chatbot system. 

1) Check the content you plan to enter into the prompts. Are they somebody's (including yourself) personal information? For instance, entering your social security number into ChatGPT would be extremely inadvisable. Ask yourself whether it may constitute a privacy breach if your prompts were read by anyone other than yourself. 

2) Check what other laws or contracts may apply to your prompts. For instance, if you are at work, and you are asked to summarize confidential company documents, entering them into ChatGPT (to ask it to summarize the docs for you) despite having signed a confidentiality agreement would likely be a breach of contract as well as a breach of privacy and any confidentiality duties. Your location matters as well: Canadian, US, and EU privacy laws differ greatly in how strictly they regulate privacy breaches relating to ChatGPT. 

3) Check your OpenAI account Data Control settings: OpenAI now has new Data Control settings that allow you to turn off "Chat History and Training". This will automatically delete new chats henceforth from OpenAI's systems within 30 days, and prevent those new chats from being used to train OpenAI's models. Note, however, that OpenAI can still review new chats within 30 days for 'abuse', which may constitute a privacy breach regardless. 

4) Consider whether getting a waiver or consent form regarding the use of ChatGPT is feasible. For instance, explicit permission allowing you to enter personal or confidential information, with full knowledge of the aforementioned privacy pitfalls and other potential legal hazards, may be enough to protect you from liability. However, it would be advisable to consult a legal professional to be certain.

5) Consult other professionals for advice. This is especially true in the workplace; using ChatGPT to facilitate or innovate some aspect of your job should be done after consulting higher-ups, and in time most companies will likely set company policy on the user of AI-tools for work that you can refer to. 

6) The simplest solution, just don't enter any prompt that might have the slightest risk of causing a privacy breach. Although ChatGPT is an incredible, groundbreaking tool and perhaps the next step of technological development, it is still in its early phases with new discoveries being made every day. This breakneck pace of AI technology also means that legislation and regulation addressing such generative AI is still in development, with many uncertainties. Therefore, the safest option is to simply avoid the risk by not entering potentially sensitive information into ChatGPT. 


Thank you for reading, and I hope you found it informative and interesting.

If you are interested in discussing more about how ChatGPT can be used in such legal contexts, or have any questions, contact me at hello@simplawfy.ca 

Disclaimer: This story is only intended to be used for educational or recreational purposes. Responses by ChatGPT and similar AI chatbots, if mentioned in this story, should NOT be relied upon as factual. NO legal advice is being provided, and users must understand that there is NO attorney client relationship between you and the story publisher. The story should NOT be used as a substitute for competent legal advice from a licensed professional attorney in your state/country. 



Comments

Post a Comment

Popular posts from this blog

Seeking ChatGPT's Insight: Are the Biden Administration's 'Trump-Proofing' Efforts Legally and Morally Justifiable?

-
Image
  Recently, polls indicate that former President Trump's chances for returning to Presidency have become increasingly likely. Given this, there have been rising attempts over the past year by the Biden administration to "Trump-proof" matters so that if Trump is re-elected, he will be unable to (or at least have difficulty in) reversing or nullifying the current policy and agreements.  I decided to ask ChatGPT on this topic because I was curious on whether these efforts by the Biden administration would be successful in restraining Trump, or even whether such actions were morally and legally viable. My doubts arose because actions taken to completely deny or restrain future Presidents from changing policy or agreements (generally speaking), especially if such measures came from Executive Orders, seem to be against the democratic spirit even if they are meant to protect against possible abuse of presidential power.  My question to ChatGPT: Do you believe that the Biden admi
Read more

ChatGPT's Age-related Slogans for Biden, Trump, and Desantis.

-
Image
          Looking at the upcoming US presidential elections, two of the three (as of now) nominees seem to face questions over whether they are 'too old' to run. At 80 years old, Biden is the oldest president to serve, with Trump similarly advanced in years at 76. Compared to them, DeSantis at 44 years old is far younger. Given this potential point of debate, I asked ChatGPT 4 to theorize how these presidential candidates might defend their positions or attack their opponents on the topic of age, as well as to generate possible political slogans they could use relating to this. Here is the political strategies ChatGPT suggested, as well as some creative slogans it came up with. Keep in mind, the entire following article and slogans were generated by ChatGPT, with no edits by myself aside from the initial prompting and guiding (through more prompts) to arrive at this result.  ChatGPT 4.0:  Title: Age as a Tool: Politicking in the Prime of Life and Beyond           In today's
Read more

Unraveling the WGA’s MBA with ChatGPT: Expert Analysis or Algorithmic Bias Towards Legalese?

-
Image
On Oct 9, the Writers Guild of America (WGA) overwhelmingly voted in favour of ratifying the 2023 Minimum Basic Agreement (MBA), which will apply until May 1, 2026. While most news outlets have reported on this as a major win for the writers guild, I grew curious on whether there were any shortcomings in the agreement since the the entertainment industry’s capitulation seemed to come quite abruptly compared to their former hardline opposition to any concessions. Since I am not a legal expert on contract law, I turned to ChatGPT instead to see if it could provide a fresh perspective. Given that the WGA provided both the complete 2023 MBA as well as a summary, I chose to try inputting both into ChatGPT, focusing particularly on the Artificial Intelligence clauses. However, the results made me ponder whether ChatGPT’s analysis might be influenced by bias or randomness. ChatGPT’s analysis of the summary and the complete 2023 MBA: Upon analyzing the summary, ChatGPT initially gave off a ske
Read more