ChatGPT and generative artificial intelligence (AI) tools have become popular for their ability to perform tasks and deliver human-like responses to queries.
However, ChatGPT comes with several privacy concerns, including:
- Excessive collection of user data
- Using your data to train AIs, which can lead to data leaks
- Sharing of your personal data with third parties
To protect your privacy, you can send an email to OpenAI, ChatGPT’s parent company, or fill out the data removal request form.
We also recommend using NordVPN to encrypt and anonymize your traffic, giving you extra security and privacy when you access ChatGPT.
Read the full article to dig deeper into the privacy concerns of natural language processing programs and what you can do about it.
Since launching in November 2022, ChatGPT has become the fastest-growing platform in history, boasting over a billion users. This natural language processing (NLP) tool can generate human-like responses to virtually any question or prompt. However, there are serious ChatGPT privacy concerns about how it handles user data.
Each day, ChatGPT and other generative artificial intelligence tools collect and process millions of queries. How they handle user data, and their willingness to share user information with third parties, can be unnerving.
In this article, we explore key ChatGPT privacy concerns and the best workarounds to protect your privacy.
Privacy Risks of Generative Chatbots
ChatGPT’s privacy concerns are numerous, and they all concern the handling of personal data. These concerns have led to data protection watchdogs considering banning ChatGPT. Let’s walk through these privacy issues.
1. Your data or work might have been used to train ChatGPT
OpenAI’s trainers fed over 570 GB of data, or 300 billion words, into ChatGPT to train it to provide human-like responses. These words were scraped from all kinds of content on the internet, including blogs and articles, blog post comments, web texts, books, and posts.
Chances are, your content might be part of the data used to train the AI. If your content was used to train ChatGPT, then that could be a violation of privacy rights, as OpenAI did not consult you before feeding your original work into ChatGPT.
Furthermore, there’s no indication that OpenAI paid for the words it used. Considering it now has a paid tier on its platform, it seems the AI tool could be making money from copyrighted information.
We tested ChatGPT’s copyright compliance by asking it to reproduce the first few paragraphs of Steven Covey’s “The 7 Habits of Highly Effective People”. Although the book is copyright-protected, ChatGPT produced the first few paragraphs of the first page.
ChatGPT’s willingness to provide copyrighted content without the author’s consent is troubling and smacks of copyright violations.
2. ChatGPT collects excessive user data
ChatGPT and other generative chatbots collect a wide range of your personal data when you use their services. Note that you’ll have to create an account to access the service — in other words, you’re required to feed the AI your data before you can use it.
We analyzed the ChatGPT privacy policy and discovered that it collects data on the following:
- Account information: Records your name, contact, payment information, and transaction history
- User content: Stores content of user interactions, content users engage with, inputs, and file uploads
- Social media information: Keeps track of personal information you provide when interacting with ChatGPT’s social media accounts
- Technical information: Collects users IP address, browser type, operating system information, connection timestamps, and cookies
The above information constitutes personally identifiable information (PII), which can be risky for an organization to have. In other words, if hackers get their hands on this information, they can build a profile and trace you.
3. OpenAI records your conversations and uses them to train ChatGPT
ChatGPT utilizes user interactions to retrain the AI and make it smarter. In the ChatGPT privacy policy, OpenAI declares the following: “We may use Content you provide us to improve our Services, for example, to train the models that power ChatGPT.”
This indicates that ChatGPT could inadvertently reveal your personal information if the data you provide ends up as an answer to someone else’s prompts.
Samsung experienced a similar situation early in 2023. Engineers from its semiconductor division tried to fix issues with a program by entering the source code and their internal meeting notes into ChatGPT. Unwittingly, they leaked this information to OpenAI and anyone who knew the right prompts to use.
Samsung has responded by restricting employee use of ChatGPT. The company is even creating its own chatbot so workers don’t have to depend on ChatGPT.
4. ChatGPT can share your information with third-parties
Even more alarming is the fact that ChatGPT is willing to share your information with the following:
- Vendors: This includes service providers, including hosting services, cloud services, IT providers, event management companies, email services, and web analytics services.
- Business transfers: Your personal information could be transferred when OpenAI gets net affiliates or is taken over.
- Legal requirements: OpenAI might share your information with law enforcement agencies to comply with legal demands and defend their rights and properties.
- Affiliates: OpenAI might share your information with all companies connected to it.
Again, your personal information could end up virtually anywhere.
5. AI can be breached
In March 2023, OpenAI suffered a data breach, which forced them to take ChatGPT offline for a period. A bug in its source code caused the breach, and it allowed any active user to see another user’s chat history.
Furthermore, the breach resulted in the exposure of payment-related information of users, including the following:
- First and last name
- Payment address
- Email address
- Type of credit card
- Last four digits of credit cards
- The expiration date of credit cards
ChatGPT reacted quickly, fixing the bug and alerting users who might have had their information exposed. They also improved the robustness of their cache and launched a bounty program to keep a step ahead of bugs.
However, this data leak shows that ChatGPT’s systems are not foolproof, and user data could be at the mercy of any hacker who gets in.
How to Protect Your Privacy While Using ChatGPT
There are a handful of steps you can take for data protection while using generative AIs. We’ve outlined them below:
- Request that ChatGPT removes your personal information. To do that, fill out ChatGPT’s dedicated data removal form. You may need to add screenshots of prompts and responses if you discover that ChatGPT reveals sensitive data about you.
- Withdraw or restrict the processing of your personal information. To do that, send an email to dsar@openai.com, explaining what you’d like ChatGPT to do with your data.
- Request removal if you suspect ChatGPT has users under 13. Send a message to legal@openai.com if you think someone under 13 has inadvertently submitted personal information to ChatGPT.
- Avoid sharing too much information with ChatGPT. When interacting with the chatbot, don’t share any information you wouldn’t want to be available to the public. This includes personal information, corporate secrets, and confidential documents.
- Use a virtual private network (VPN). A VPN prevents ChatGPT from collecting your real IP address, which can be used to identify your location. By connecting to a VPN server, you replace your IP address with an IP address provided by the VPN.
How to request data removal from ChatGPT
To get your data out of ChatGPT’s database, follow these steps.
- Click on ChatGPT’s personal data removal form. The link to the form can be found here or in ChatGPT’s privacy policy, under “Your Rights.”
- Fill in all the mandatory fields. This includes your name, email, and countries whose privacy laws apply to you, like the General Data Protection Regulation (GDPR) for Europeans. You also have to specify the person you’re acting on behalf of (you’ll choose “myself” if you’re the one in question). If you’re asking for data removal for someone else, you’ll have to highlight how you’re related to establish a legal basis for your request.
- Enter evidence of ChatGPT having your personal data. This includes the text that brought out the information and screenshots of the ChatGPT results.
- Mark all the sworn statements, add your signature and data and then click submit. Expect to hear back from OpenAI regarding your ChatGPT data privacy request.
How to Unblock ChatGPT: Use NordVPN
ChatGPT is banned in countries like China, Iran, Syria, Cuba, and Russia. Certainly, there are privacy and security concerns regarding ChatGPT that may constitute a ban.
However, banning the website may prevent users from investigating if ChatGPT has their data. As of writing, there’s no other way of testing if ChatGPT has your data aside from prompting the AI tool to provide information about you.
Since ChatGPT launched, we tested various VPNs to see which one unblocks the website best. In all our tests, NordVPN ranked first, successfully unblocking ChatGPT in countries where the service has been restricted.
- Fast and large worldwide network of VPN servers
- Perfect for privacy and streaming
- Trusted by many, with over 14 million users
You can use NordVPN’s 30-day money-back guarantee to get a free trial of the VPN service. 30 days should be more than enough to test if ChatGPT has any content or information about you.
For more information, read our in-depth review of NordVPN, or view our full list of the best VPNs for unblocking ChatGPT.
Other Security Concerns With ChatGPT and Generative AI
Aside from data protection issues, there are also security concerns regarding ChatGPT. We’ve listed them below.
1. No age verification
ChatGPT’s service is not for children under 13. If you are 13 or older but still under 18, you’ll need permission from your parents to use the service.
However, there are no verification procedures to ensure compliance. This is one of the main reasons the Italian data protection authority initially restricted access to ChatGPT.
2. ChatGPT could be used to spread malware
In April 2023, Europol reported that ChatGPT has the potential for criminal use, including spreading malware. A hacker with basic knowledge of malware can trick ChatGPT into writing malicious code in its developer mode.
In January 2023, there were reports on an underground hacker forum about a hacker creating a Python-based information stealer using ChatGPT. While the extent of such activities is not clear, the mere potential is alarming.
3. ChatGPT can become a misinformation tool
A malicious character can feed the service with false or misleading news articles and social media posts to create confusion and sow discord.
With misinformation becoming prevalent, chances are high that ChatGPT could have been trained on false or misleading information. The AI tool is not foolproof and can easily spew such information, and people will take it as gospel.
4. Generative AI can be used for impersonation
Thanks to its natural language processing ability, ChatGPT can create content that mimics specific users. That means hackers can use it to write seemingly authentic messages in business email compromise schemes and other phishing attacks.
It can also be used to create hard-to-detect fake images and can even clone voices. Case-in-point: in March 2023, an elderly Canadian couple withdrew thousands of dollars after talking with their grandson, which turned out to be an AI voice scam.
5. Fake ChatGPT apps
Cybercriminals have created several fake ChatGPT apps on Google and Apple app stores. These apps are often data harvesting tools and malware spreaders.
At the time of writing, ChatGPT only has an app for iOS devices. The Android app is still in the works.
Before downloading any app, check the developer’s name, app icon, release date, download count, and reviews. Our Android malware removal guide has guidelines to help you eliminate any malware on your device if you’ve already downloaded a fake ChatGPT app.
What is ChatGPT?
ChatGPT is a natural language processing tool that can hold conversations and provide human-like responses to queries. The “GPT” in ChatGPT stands for Generative Pre-trained Transformer, and it summarizes what ChatGPT is all about: it generates responses; it’s pre-trained using billions of data; and it transforms user input into output.
This AI tool can assist you with various tasks, including writing code, drafting emails, and conducting research. You can access ChatGPT using any browser, unless it’s blocked in your location, in which case, you need a VPN to unblock the service.
ChatGPT’s success has led to an outbreak of many generative AI tools. For instance, Google has released Bard, a conversational AI tool that rivals ChatGPT’s ability to access the internet and provide insightful and nuanced responses. As generative AI technology progresses, expect to see tons of niche-specific AI that are great at generating images, videos, and 3D renderings.
How does ChatGPT work?
When you type in a question into ChatGPT and click the send icon, the AI will immediately start generating a response.
But what really happens behind the scenes? Here’s a quick overview of ChatGPT’s process:
- When you enter a prompt, ChatGPT will attempt to understand the context and nuances of your input.
- Next, it will scour the massive dataset its been trained on to find appropriate, accurate, and relevant answers to your query.
- Finally, ChatGPT will start typing out a response until it answers your question completely.
You can always ask a follow-up question if you’re not satisfied.
What is ChatGPT-4?
OpenAI’s ChatGPT-4 is a more accurate and visual version of ChatGPT-3. It’s reportedly better at processing information, understanding contexts and nuances, generating creative content, solving complex problems, and analyzing and commenting on images and graphics.
According to OpenAI’s ChatGPT4-statistics, ChatGPT-4 is 40% more likely to provide factual responses compared to ChatGPT-3.5. It also scores in higher percentiles on standardized tests.
ChatGPT-4 was rolled out in March 2023, about five months after ChatGPT’s initial release. Currently, it’s only available for the paid subscription.
Conclusion: Prioritize Your Privacy While Using AI Chatbots
Despite numerous privacy concerns, ChatGPT’s success has created what is already known in tech circles as “the ChatGPT effect.” Many tech companies are releasing their own AI-powered chatbots, going beyond text to video, audio, and image-based AIs.
Microsoft has launched the AI-powered Bing and Edge browsers, while Google calls its conversational AI service Bard. There’s also Anthropic, a company created by former ChatGPT employees who are looking to create a ChatGPT alternative. And there’s surely more to come.
Unfortunately, with these AI tools come privacy issues such as the collection and potential sharing or selling of user data; data breaches of the AI tool; and the use of copyrighted content to train the AI.
It’s important to regulate our enthusiasm for technology with a concern for privacy. Be sure to read the privacy policy of any AI company you choose to sign up with and be cautious about the kind of information you share. We also recommend that you use cybersecurity tools such as NordVPN to encrypt your traffic and hide your location while using AI chatbots.
Here are a few insightful articles on how to protect your privacy while using the internet:
- How to Browse the Internet Anonymously
- What Google Knows About You: Tips to Control Your Data
- Who Can See Your Browsing History
- Privacy Laws of the United States: The Best States for Privacy
If you still have a few questions about AI chatbots and privacy concerns, we’ve got you covered. We have put together a list of the most popular questions on the subject alongside answers. Click on a question to reveal the answer.
ChatGPT collects and stores various personal information, including your name, IP address, queries and inputs. This means that if it’s ever hacked, your data could be in the hands of malicious actors.
Plus, ChatGPT is willing to share user information with third parties. Since ChatGPT is trained with user data, it might unwittingly spill personal details. We’ve covered all of ChatGPT’s privacy concerns in our article on the privacy risks of AI chatbots.
When you sign up for or use chatbots, you hand over your personal information to them. Your name, email address, IP address and other data could be in the database of these chatbots. If there’s ever a data leak, your data could be compromised. Plus, since your data is used to train the chatbot, it might give you data away inadvertently. Learn more about the privacy risks of AI.
You can use ChatGPT with a VPN to escape the privacy risks of using the tool. A VPN hides your IP address and changes your virtual location, making it hard for anyone to track you. It also encrypts your internet data, making it useless to anyone who gains access.
Yes. To set up ChatGPT with NordVPN, do the following:
- Purchase a NordVPN subscription (we recommend the two-year plan).
- Open the VPN app and connect to the fastest server. NordVPN’s “Quick Connect” button can pick the best server for you.
- Launch ChatGPT and start interaction with the chatbot.
We have a detailed guide with screenshots on this in our guide on unblocking ChatGPT.
