Lack of an accountability system to detect malicious plug-in developers or dodgy contractual practices

I have pondered a lot about whether or not I should make this thread. But I will do so, since OpenAI customer service is unavailable (there is some kind of loop: FAQs invite me to start a chat with customer service from within ChatGPT; once I am in, I press the help button as instructed and am redirected to FAQs… GPT itself says I have been put in a “Catch-22 situation”).

Fact is, I think that safe practices are not being enforced by OpenAI, which is itself a severe breach of their own ethical code. I have browsed time and again the plug-ins and all I could see are sloppy legal guarantees, bare minimum customer relations, and even some cases of tracking and phishing. It is usually hard to understand under which legal framework developers are releasing their work and since it is not possible to leave a review, the user is left to her own devices.

I will make here some examples:
[i] This disclaimer is devoid of legal value in most countries: ht tps://plugin-3c56b9d4c8a6465998395f28b6a445b2-jexkai4vea-uc.a.run.app/legal.html
[ii] (Access PDF and DOCs) Also this one: htt ps://pdf.accessplugins.com/legal-info
[iii] (Ask the Code) The statements have no legal value in my country: ht tps://docs.askthecode.ai/legal/
[iv] (Smart Slides) This plugin "developer’s page provides aboslutely no valuable context on its nature and operations: ht tps://smart-slides.co/
[v] This licence is simply non-existent: ht tps://chat.openai.com/xapi.lihaorui.com/legal
[vi] This licence is for the wrong product (ChatWithPDF instead of ChatWithVideo): ht tps://chatwithvideo.sdan.io/legal
(apparently, I cannot include links in my posts)

Another worrysome part of all of this is that I have no specific connections to the above plugins. I am just browsing the plugin store at random and clicking here and there and finding these situations continuosly.

Of course, my deepest respect for developers who did all their dues. However, fact is, OpenAI cannot police all external content (and it would be beyond expectations to do so). It cannot check every single developer and every single country. And that is precisely why we need a user-driven reporting system or revieweing system to make developers accountable for what they do.

I think I am not asking for the Moon here… just a basic Likert scale next to each item in the plugin store and a comment box.

Hi and welcome to the Developer Forum!

It’s a fair point, I think there should be some allowance for the fact the entire system is less than 12 months old and the plugins side of things is much less. It will take time to build these kinds of feedback mechanisms and to find ones that work by applying the right kind of pressure at the right points.

I hope you will stick around and make your voice heard when you see bad practices. I will certainly do all I can to make sure you are heard.

Thank you. It appears that this system is more recent than I thought. Considering this, my tone would be way more charitable. I wish I could support that type of implementation in some way, but I am afraid I lack the appropriate IT and customer service skills.

Now that you make me think of that, an idea crossed my mind. In academic journals we have an “accreditation system” for policies, copyrights, and licensing, called Sherpa Romeo. It is just a repository, but basically it features a series of options that managers can “tick” and, in the end, policies will be permanently recorded on the database, with a timestamp (much like a notary) and in a fully transparent way.

That could be a bit of a far shot for commercial developers, given the diverse and changing nature of commercial goals. However, such a platform could be useful to interact with complex legal frameworks such as the European Data Protection Law. In my vision, each developed plugin would link back to a “mirror” page that presents all the key information of the plugin, in a synthetic yet effective way.

This goes beyond the ranking and reviewing system… it is more like a set of boxes you fill in to display compliance in a transparent way. But careful balance needs to be found between bureaucracy and creativity.

Quick update on my current research: I have asked GPT 4.0 to assess the terms and conditions of a plugin

1. My prompt
Here are the terms and conditions of ChatWithPlugins, directly downloaded from the website:

"Introduction
This legal disclaimer applies to the usage of the (OMITTED FOR PRIVACY) (hereinafter referred to as the “Plugin”) hosted on ( HOST NAME ). By using the Plugin, you accept and agree to be bound by the terms and conditions set forth in this legal disclaimer.

Purpose
The Plugin is designed to provide PDF document processing and searching based on user input. It is intended for general informational purposes only and should not be considered as a substitute for personal research, preferences, or professional advice.

Accuracy and Completeness
While we strive to provide accurate, up-to-date, and complete information, we make no warranties or representations regarding the accuracy, completeness, or reliability of the information provided by the Plugin. Users are encouraged to verify the information within the PDF documents before making any decisions based on the search results provided by the Plugin.

Limitation of Liability
To the fullest extent permitted by law, we shall not be liable for any direct, indirect, incidental, special, consequential, or exemplary damages, including but not limited to damages for loss of profits, goodwill, use, data, or other intangible losses resulting from the use of or inability to use the Plugin, even if we have been advised of the possibility of such damages.

Third-Party Content and Links
The Plugin may process links to third-party websites or resources within the PDF documents. We are not responsible for the content or availability of such websites or resources and do not endorse or assume any responsibility for any content, products, or services available on or through such websites or resources. Users acknowledge and agree that we shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any such content, products, or services available on or through any such website or resource.

Copyright
All content provided by the Plugin, including but not limited to text, graphics, images, and logos, is the property of the Plugin’s owner or its content providers and is protected by international copyright laws. Unauthorized use, reproduction, or distribution of this content is strictly prohibited.

Changes to the Legal Disclaimer
We reserve the right to modify this legal disclaimer at any time without prior notice. Users are responsible for regularly reviewing this legal disclaimer to stay informed about any changes. Continued use of the Plugin after any modifications to this legal disclaimer constitutes acceptance of the revised terms and conditions.

Governing Law
This legal disclaimer shall be governed by and construed in accordance with the laws of the jurisdiction in which the Plugin’s owner is located. Users agree to submit to the exclusive jurisdiction of the courts of that jurisdiction for the resolution of any disputes arising from or in connection with this legal disclaimer or the use of the Plugin.

Contact Information
For any questions, concerns, or comments regarding this legal disclaimer, please contact us at )(E-MAIL IS PROVIDED, BUT NO PHYSICAL ADDRESS)

Question: Do you notice anything fishy?

2. GPT’s answer

*The terms and conditions you’ve provided appear to be fairly standard for a service like ChatWithPlugins. They cover various aspects such as the purpose of the Plugin, limitations of liability, third-party content, and copyright issues. However, there are a few points you might want to consider:

1. Accuracy and Completeness: The terms state that while the Plugin aims to provide accurate information, it makes no warranties about the accuracy, completeness, or reliability of the information. This means you should double-check any data you receive from the Plugin.
2. Limitation of Liability: The Plugin is not liable for any damages, whether direct or indirect, that may arise from using the service. This is a common clause but worth noting.
3. Third-Party Content: The Plugin may process links to third-party websites but is not responsible for the content or availability of these sites.
4. Governing Law: The terms are governed by the laws of the jurisdiction where the Plugin’s owner is located. This could be important if any legal issues arise.
5. Contact Information: They provide an email for support, but no physical address is mentioned.

Nothing appears to be “fishy” per se, but these are points you might want to be aware of when using the service. Would you like to discuss any specific section in more detail?*

3. Another question

Where is the Plugin Owner based, then? What is the governing law in this scenario?

Also, I am concerned that limitations of liability are just legalese but, in fact, in my country, you may decline liability only as far as the law allows you to. If the law says you are liable, such statement has absolutely no value.

4. Answer

The terms and conditions don’t specify where the Plugin’s owner is located, which is the jurisdiction that would govern any legal issues. This is a point that might warrant further investigation if you’re considering a subscription.

As for the limitations of liability, you’re correct that such clauses are often subject to local laws. In many jurisdictions, including likely your own, companies can’t fully absolve themselves of liability through a terms of service agreement, especially for issues like gross negligence or willful misconduct. The clause is standard legalese, but its enforceability would depend on the specific legal regulations in your country.

If you have concerns about these aspects, it would be advisable to consult with a legal advisor to understand how these terms might interact with the laws applicable to you. Would you like to explore this further?

Conclusion

The one I analysed is a very reliable plugin but, as it could be seen, it escapes all sort of prosecution. Does not give away its physical address yet makes statements concerning its governing law (?).

Since that plugin is very good, in my opinion, that could be a starting point or benchmark to build upon.

I will keep you updated.

Update (Sep 29, 2023)

Tired of services not working properly, and for lack of a reporting system embedded in the plugins’ section of GPT 4.0, I accessed a thread concerning a plugin and, upon collecting evidence of the developer having made himself scarce in the past 60 days (notwithstanding his September blog posts boasting his wealth – at the expense of customers!).

After collecting such evidence, I directed some users to file appropriate reports with the consumer protection authorities of the billing State (Delaware) and of the State of residence of the culprit (California). I also provided accurate information concerning all the addresses and links hosted by the plugin developer’s website.

Unfortunately, my post advocating legal action against the scam was hidden and censored by community members who appear to me to be clearly afraid of saying the truth about what is currently going on with the legality of certain plugins that are being freely distributed through GPT 4.0. I thought we could postpone this discussion, but it is evident we need to have this discussion now.

(there is some kind of loop: FAQs invite me to start a chat with customer service from within ChatGPT; once I am in, I press the help button as instructed and am redirected to FAQs… GPT itself says I have been put in a “Catch-22 situation”).

Have you been able to contact support directly? I recall being in the same situation some months ago but today I can see a clear “send message” button when browsing the support pages on mobile.

Screenshot_20230929-232507_Firefox1080×1920 162 KB

You are absolutely right about the upside potential for the plug-in system employed in the ChatGPT web interface. A few months back I created a topic that the situation is not optimal but got pretty much no feedback from the community at all when I was expecting that this would be very interesting for anybody trying to market their work this way. Unfortunately it appears that it really needs some black sheep to improve the whole situation.