OpenAI's release of the GPT-4o AI model raised significant privacy concerns due to its extensive data collection practices. Issues were highlighted when it was discovered that the AI could inadvertently access user data and store conversations in plain text. Despite steps to anonymize and encrypt data, critiques pointed out that the privacy policy allows for broad data hoovering to train models, encompassing an array of user content. The potential misuse of personal and usage data has led to increased scrutiny by regulators and the public.
Source: https://www.wired.com/story/can-chatgpt-4o-be-trusted-with-your-private-data/
TPRM report: https://scoringcyber.rankiteo.com/company/openai
"id": "ope000080124",
"linkid": "openai",
"type": "Vulnerability",
"date": "7/2024",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Technology',
'name': 'OpenAI',
'type': 'Company'}],
'data_breach': {'data_encryption': 'Anonymize and Encrypt Data',
'type_of_data_compromised': ['User Data', 'Conversations']},
'description': "OpenAI's release of the GPT-4o AI model raised significant "
'privacy concerns due to its extensive data collection '
'practices. Issues were highlighted when it was discovered '
'that the AI could inadvertently access user data and store '
'conversations in plain text. Despite steps to anonymize and '
'encrypt data, critiques pointed out that the privacy policy '
'allows for broad data hoovering to train models, encompassing '
'an array of user content. The potential misuse of personal '
'and usage data has led to increased scrutiny by regulators '
'and the public.',
'impact': {'brand_reputation_impact': 'Increased Scrutiny by Regulators and '
'the Public',
'data_compromised': ['User Data', 'Conversations']},
'title': 'Privacy Concerns with GPT-4o AI Model Release',
'type': 'Data Privacy Issue',
'vulnerability_exploited': ['Data Collection Practices',
'Privacy Policy Loopholes']}