OpenAI, known for its AI model GPT-4o, has raised privacy issues with its data collection methods, including using extensive user inputs to train its models. Despite claims of anonymization, the broad data hoovering practices and a previous security lapse in the ChatGPT desktop app, which allowed access to plaintext chats, have heightened privacy concerns. OpenAI has addressed this with an update, yet the extent of data collection remains a worry, especially with the sophisticated capabilities of GPT-4o that might increase the data types collected.
Source: https://www.wired.com/story/can-chatgpt-4o-be-trusted-with-your-private-data/
TPRM report: https://scoringcyber.rankiteo.com/company/openai
"id": "ope001080824",
"linkid": "openai",
"type": "Breach",
"date": "7/2024",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'Artificial Intelligence',
'name': 'OpenAI',
'type': 'Company'}],
'data_breach': {'type_of_data_compromised': ['User inputs',
'Plaintext chats']},
'description': 'OpenAI, known for its AI model GPT-4o, has raised privacy '
'issues with its data collection methods, including using '
'extensive user inputs to train its models. Despite claims of '
'anonymization, the broad data hoovering practices and a '
'previous security lapse in the ChatGPT desktop app, which '
'allowed access to plaintext chats, have heightened privacy '
'concerns. OpenAI has addressed this with an update, yet the '
'extent of data collection remains a worry, especially with '
'the sophisticated capabilities of GPT-4o that might increase '
'the data types collected.',
'impact': {'brand_reputation_impact': 'Heightened privacy concerns',
'data_compromised': ['User inputs', 'Plaintext chats'],
'systems_affected': ['ChatGPT desktop app']},
'post_incident_analysis': {'corrective_actions': 'Update to address the issue',
'root_causes': 'Broad data hoovering practices'},
'response': {'remediation_measures': ['Update to address the issue']},
'title': 'OpenAI Privacy Concerns with GPT-4o Data Collection',
'type': 'Data Privacy Issue',
'vulnerability_exploited': 'Data Collection Practices'}