CAUTION: Avoid Sharing Sensitive Data with ChatGPT—Follow These Guidelines

OpenAI launched ChatGPT online on November 30, 2022.  Like other large language models, ChatGPT uses real data from the internet to respond to user queries.  Among generative AI models, ChatGPT stands out because it can chat like a human.

What Data Does ChatGPT Collect?

ChatGPT stores all user input and responses it generates. Additionally, it gathers user IP addresses, browser details, and interaction data, including content engagement, feature usage, and actions. Moreover, when using the platform, ChatGPT automatically receives following information.

• Log Data: such as IP address, browser type and settings, date and time of request, and how you interacted with the site.
• Usage Data: such as type of content viewed and engaged with, features used, time zone, country, date/time of access, type of device (computer/mobile)
• Device Information: such as Name of device, operating system, and browser use.

Associated Data Privacy Risks

Since ChatGPT saves all user input, you should avoid entering confidential information.  This means that any text you type into ChatGPT may be saved and used by the technology to generate responses for other users.  Once you enter your name, address, phone number, and e-mail address into ChatGPT’s model, your information will be permanently stored in ChatGPT’s model.  It is the same for workplace information, such as spreadsheet data or reports.

Remember these simple Guidelines

When sharing data with ChatGPT, please consider following guidelines:

1. Disable ChatGPT history.
   • Goto ChatGPT> Settings> Turn off Chat history & setting.
   
   
   • This may help somehow but OpenAI will still store your conversations with ChatGPT for 30 days and review those transcripts, even if you turned off your chat history. For this reason, make sure to delete or ‘anonymize’ any sensitive information
2. Protect Confidentiality:
   • Check data thoroughly to ensure it doesn’t contain sensitive or confidential information.
   • Don’t share anything that could compromise security or violate privacy rules.
3. Anonymize Data:
   • Remove personally identifiable information (PII) if possible
     • Anonymizing tips: change names, addresses, financial information, etc before feeding into ChatGPT.
   • This helps keep individuals’ identities safe.
4. Stay Compliant:
   • Follow your company’s data handling policies.
   • Make sure you’re compliant with relevant regulations like Australian Privacy Act/ GDPR or local privacy laws.
5. Share Purposefully:
   • Only share data for specific, legitimate purposes.
   • Get consent if needed, so everyone understands why and how the data is being used.

These simple steps ensure ethical data sharing and protect your organization’s integrity and privacy.

---

Resources:

• https://en.wikipedia.org/wiki/ChatGPT
• https://www.databricks.com/learn/training/generative-ai-fundamentals-accreditation
• https://www.romanolaw.com/caution-do-not-enter-confidential-information-into-chatgpt
• https://www.redscan.com/news/chatgpt-security-risks/