Comment by blueblimp
10 hours ago
> Yet this approach is obviously much better than what’s being done at companies like OpenAI, where the data is processed by servers that employees (presumably) can log into and access.
No need for presumption here: OpenAI is quite transparent about the fact that they retain data for 30 days and have employees and third-party contractors look at it.
https://platform.openai.com/docs/models/how-we-use-your-data
> To help identify abuse, API data may be retained for up to 30 days, after which it will be deleted (unless otherwise required by law).
https://openai.com/enterprise-privacy/
> Our access to API business data stored on our systems is limited to (1) authorized employees that require access for engineering support, investigating potential platform abuse, and legal compliance and (2) specialized third-party contractors who are bound by confidentiality and security obligations, solely to review for abuse and misuse.
I have to say, I'm kind of amazed that anyone would expect privacy from chatbot companies and products. You're literally having a "conversation" with the servers of companies that built their entire product line on other people's professional and personal output, whether those people approved of it, or even knew about it, or not. It's less "better to ask forgiveness than permission" and more "we'd rather not ask at all, stay cagey if anyone inquires, and then, if they prove it, tell them they tacitly agreed by not hiding their work from us, even though they had no way to know we were looking."

Frankly, I'm astonished that OpenAI, specifically, promises as much as it does in its privacy policy. Given the alleged bait-and-switch tactics of quietly swapping out models or reducing compute for paying customers after the initial "gee whiz, look at that" press cycle, I can't imagine those privacy policies will have much longevity once the company is on more stable footing. And then, whoops, looks like they figured out how to extract the training data from the models! And it's different data since it was extracted from the model, so the old privacy policy doesn't apply! You think Altman wouldn't sell that in a heartbeat to fund some big moonshot product if they get clobbered in the marketplace? Never mind the sketchy girlfriend-in-an-app class of chatbots.
Don't get me wrong: I absolutely think the privacy SHOULD be there. I'm just shocked that anyone would assume it was. Maybe I'm being overly cynical.