The author raises concerns about OpenAI's compliance with privacy regulations like CCPA and GDPR, the transparency of their training data, and their ability to handle privacy requests. He also questions the company's use of the "hallucination excuse" to handle privacy requests, where the AI is said to fabricate likely personal data based on a user's question. The author concludes by suggesting improvements in data governance, transparency, error correction, AI disclosure, and the establishment of AI usage guidelines.
Key takeaways:
- The author filed a CCPA request with OpenAI to understand how they handle privacy regulations in relation to their training data sets. The exchange revealed a lack of clarity in OpenAI's approach to privacy and training data.
- OpenAI's responses to the author's inquiries were inconsistent and slow, raising questions about their ability to handle privacy requests effectively. They failed to provide verified personal data and their explanations were vague.
- The author suggests that OpenAI, and other companies using large language models (LLMs), may struggle to comply with privacy regulations without being transparent about their training data. He recommends investment in data governance, transparency about training data, defining standard metrics for errors, disclosing AI as fallible, and establishing guidelines for AI use.
- The author's experience highlights the potential for AI to generate personal information, even if it's not in the training data, raising further questions about privacy and compliance with regulations like CCPA and GDPR.