Chatbots can provide your phone number



When talking to a chatbot like ChatGPT, you should never assume that your communications are private. Many chatbots, by default, use your conversations to train the underlying AI models, but even if you opt out of training, or use temporary chat, these conversations are stored on the company’s servers for a limited time. A general rule of thumb is to avoid sharing anything with a chatbot that you wouldn’t want exposed in public (proprietary company information, personal secrets, etc.). But what if the chatbot in question already has your private information? What if ChatGPT, Gemini, or Claude are happy to share your phone number with anyone who asks?

I have been having this discussion this week, following a report by Eileen Guo of MIT Technology Review. In this piece, Guo reviews a series of claims from users who say chatbots are sharing personal information like phone numbers when requested. In some cases, chatbots will share information when the person in question asks for it; in other cases, however, it was strangers reaching out for details. In one example, a software engineer in Israel received a message from an unknown contact via WhatsApp, requesting assistance with his payment application. When the engineer asked how the stranger got their WhatsApp information, they sent back a screenshot, showing how Gemini shared the details upon request. The engineer later found a single source on the Internet that contained his phone number: a 2015 Quora post.

How do chatbots get our private information?

Chatbots like ChatGPT are trained on huge amounts of data. Much of this data, of course, comes from the Internet. It’s entirely possible, therefore, that websites containing your personal information—like a random forum post from a decade ago—were swept into a chatbot’s dataset, and returned as part of a query about your information. Even if it’s not part of the training data, chatbots have had the ability to search the web for years at this point. These models can sift through a large number of websites to return results for a request, and if they find your information, they can simply share it.

The deeper issue is that our information is visible all over the internet, whether we know it or not. We may have personal contact information on websites that we may or may not remember posting; our personal information on town and city websites may be linked to public records, even if those results do not appear at the top of a typical Google search. Because AI is capable of deep dives through all of these web results, however, it is able to find obscure results and surface them, potentially exposing your details.

Now, as Guo explains, most chatbots have safeguards to prevent them from causing harm, or at least a lot of it. I encountered this when I asked ChatGPT what my phone number was. It told me that it could not give out personal information of private individuals, as it would go against its security measures. However, it found two phone numbers for “Jack Peterson” that were “public-facing,” possibly listed openly on individual corporate websites. (For the record, neither result was my phone number.)

But these guardrails are far from perfect. Guo highlights a case in which a University of Washington PhD student discovered the contact information of a friend on Gemini. The bot returned with the friend’s research, but also their phone number. The friend later confirmed that she shared her phone number online as part of a technology workshop, but never intended it to be visible to anyone who asked for it. (Gemini couldn’t find or wouldn’t share my personal contact information, but was happy to share my X account.)


Can you remove your phone number from chatbots’ datasets?

Unfortunately, we don’t have many good options when it comes to protecting our privacy from chatbots. To its credit, OpenAI has a portal that lets you request the removal of your personal information from responses—but, as Guo notes, the company reserves the right to deny your request for a variety of reasons. Anthropic only has a support document explaining how it uses your information, while Google lets you request to opt out of personal data processing, but only depending on your jurisdiction. (The company specifically calls out the EU and UK based on their data protection laws.)

Perhaps, then, the most realistic approach is to get this information off the public Internet as much as possible. If you live in California, you can use this portal to request that data brokers remove your information from their databases. You can also look into personal data removal tools, such as DeleteMe, to try to accomplish the same. However, while this may remove your information from some corners of the internet, there’s not much you can do if AI companies already have your information in their datasets.

The sad reality here is that AI technology has pushed past the rules around personal privacy. If lawmakers had stepped up to ensure that we had the option to opt out of these data collection practices, we could have curbed the problem. But right now, the best we can really do is delete our information and not use it—and, if it gets too bad, change our contact information outright.




