AI Warning: Five Prohibited Disclosures to Avoid when Interacting with Automated Assistants

In the digital age, our reliance on artificial intelligence (AI) has grown significantly, with one billion queries fired off daily by users worldwide. However, as more personal information is shared with AI systems like ChatGPT, a privacy conundrum known as the digital confession paradox arises. This paradox suggests that people are more likely to reveal sensitive details to AI systems than they would to friends, increasing privacy risks.

Recent events highlight the potential perils of sharing proprietary information with AI assistants. For instance, the Samsung case serves as a stark reminder of the risks involved when company code is shared with such systems. In 2023, Samsung employees discovered that code they had shared with ChatGPT became visible to other users, underscoring the need for caution when using AI tools.

When interacting with public AI systems, it's essential to assume anything you type could eventually become public knowledge. This is particularly concerning for businesses, as the use of AI tools can inadvertently expose confidential business information, including trade secrets, client confidentiality, regulatory compliance requirements, and internal strategic discussions.

Healthcare organizations also face significant privacy risks when employees use public AI tools to process patient information. Breaches can lead to HIPAA violations, compromised patient confidentiality, inaccurate self-diagnosis, and the creation of sensitive health profiles outside protected systems.

Security experts often refer to ChatGPT as a "privacy black hole," given its potential to collect and use personal information. OpenAI, the company behind ChatGPT, can use user inputs to further train their models. Each interaction with the AI potentially exposes pieces of personal information.

To protect sensitive information, it's advisable to use specialized, secure AI tools, review privacy policies, and check for enterprise AI agreements with stronger privacy protections. AI companies have shown they're willing to report problematic requests to authorities, providing some reassurance for users concerned about privacy.

In response to growing concerns about AI privacy, regulations are being implemented. For example, the EU AI Act requires clear labeling of AI-generated media. Businesses should also develop clear AI usage policies specifying what information can be shared, approved AI tools, personal account usage rules, and required security features for sensitive data.

Remember, the most important principle to remember is that anything you tell ChatGPT today could be read by anyone tomorrow. As we continue to navigate the digital landscape, it's crucial to stay vigilant and make informed decisions about sharing our personal and professional information with AI systems.