Hi! I’m writing here as its impossible to find where to properly report bugs/privacy issues/concerns on the Openai website.
Yesterday I was using chatGPT (the free verion), getting help to update certain aspects in my CV. In this conversation I had never, at any point in our conversation, mentioned an address of any kind, nor given a prompt asking it to include one. How ever, at a certain point in our conversation it writes my parents address, even their house number, and as you could imagine I got quite chocked. So my obvious question is how the hell it knows my parents address who live in a small town in sweden, (I dont live there)? I feel like this is MAJOR violation of privacy. I then asked chatGPT how it could have access to such information to which it replied ‘‘I do not have access to any private or personal information unless you explicitly share it during our conversation’’, a lie as I EXPLICITLY did not share this kind, or any similar, information.
This is probably the wrong forum to write about this issue, but I felt i needed to bring this matter to attention somewhere.
Can you find the adress on google maps too?
Hi! Yes you can, like most addresses I reckon (unless one lives under a rock).
There is a surprising amount of information about many people that can be found quite easily using a regular search engine.
I was able to connect the lines between my full name, my former address, and my now-defunct company with one search engine search, from the first three results.
So no reason to accuse chatGPT about anything, data is available on internet.
I am pretty sure using a couple billion regular expressions and NER it would be possible to avoid that.
The thing is: that would not only need a lot of extra hardware but also energy.
Are your parents some famous actors, poltiticians or in any kind a target of criminal organizations?
Thank you for explaining how a search engine works. There surely is a great reason to ‘‘accuse’’ chatGPT as it clearly breaks its own guidelines about data protection - that its not supposed to have access to private or personal information unless shared in the ongoing conversation. And in my case it wasnt shared, yet it had access
Haha, no, they’re just two old retired folks
Here’s some thoughts:
Did you upload a file, and were any uses of “advanced data analysis” (code interpreter) invoked to extract information from that document?
Free ChatGPT is provided a few turns of code interpreter before a daily limit, in which it can use PDF or document extraction tools in its Python environment to get information out of a file.
Additionally, an uploaded document is extracted, chunked, and made searchable for knowledge file search, with the plain text of document extraction being provided to the AI.
It is thus possible that metadata, revision history, or other information that is not in the presentation layer was extracted from the document file you provided.
A past invocation of code interpreter in a chat turn will be signaled by a little blue “play” button, allowing you to see the code that was run:
Secondly, ChatGPT has internet browser search, although it generally wouldn’t go searching simply for a “rewrite this” task, and the output is very patterned to just summarize with links to sites.
You can see if either of these were employed.
Then, AI is trained on internet data. Usually, recitation of obscure data points is beyond it, though. Everything it knows and can produce via weights has to fit into the memory of a few industrial-strength GPUs, and still be there after tons of chat fine-tune training.
The GDPR rules as I understand them have been a political instrument to seize money from big tech companies who had money parked in ireland to avoid taxes in the USA.
Afaik in 2017 president Trump offered a one-time low tax rate (15.5% instead of 35%) on repatriated earnings, incentivizing these companies to bring the money back to the U.S.
And in return EU implemented some bullshit rules to make up for lost Tax earnings.
They can fine big tech now for GDPR violations.
Or do you really think they did it to protect old grannies from their address being trained into AI models?
So my question is are you getting paid by EU organisations or press to post this nonesense here?
Or are you really concerned?
If so you can report this violation to OpenAI support and they will implement something to remove their address.
But posting it here really makes me wonder what your intention is.
I have to add that to a point I like the GDPR rules. But they are undermining it with stuff like KYB or KYC rules and other stuff to their likings.
This is just my personal oppinion btw.
Sorry, if I am being too direct or appear to be an unlikable asshole. I am just tired of this.
Really sorry!