Understanding Chatgpt Data Privacy Issues

ChatGPT's default settings are a privacy trap, and it’s not safe to use ChatGPT until you update those settings! Default settings compromise your privacy because your chats (that likely contain personal or sensitive information) are used to train OpenAI’s models, are reviewed by humans, and can be used to identify you uniquely. ChatGPT is super useful, and I’m not an advocate of advising people to stop using this tool (and others like it) for privacy reasons. In fact, I think most people should be using ChatGPT to be better and more efficient in their work and personal lives. However, using ChatGPT safely and privately is critically important. By taking these 6 simple but critical steps now, you can use ChatGPT with the peace of mind that you are minimizing your privacy and safety risk. 1. Turn off model improvement. On chatgpt.com, Click on your profile icon (in upper right corner) → Settings → Data Controls → Turn Off “Improve the model for everyone”. 2. Use “Temporary Chats” to prevent ChatGPT from saving a history of your chats. 3. Submit a “Do not train on my content” Privacy Center request at https://lnkd.in/dASS6aA8. Ironically, for a privacy site, cookie blockers may cause this website not to load, so try an incognito browser window if you get an error with that link. Enter the email associated with your account, click on the link in the confirmation email OpenAI sends you, and then submit your request. If it works, you’ll get another confirmation email, and a day or so later, you’ll get a final confirmation that this was done. 4. Consider disabling “Memory”. Memory creates ongoing personalization by remembering details between chats and your preferences. From a privacy perspective, this creates ways to uniquely identify you and may store personal information about you. Do this from Settings → Personalization → Turn Off “Memory”. 5. Keep Customization to a minimum. Under Settings → Personalization → Customize ChatGPT, be cautious of what personal information you provide. 6. Periodically delete old chats. Do this from Settings → General → Delete All Chats. For more detailed instructions and additional information on this topic, check out the Substack I wrote about this topic. #LIPostingDayApril #privacy

🧠 “Data systems are designed to remember data, not to forget data.” – Debbie Reynolds, The Data Diva 🚨 I just published a new essay in the Data Privacy Advantage newsletter called: 🧬An AI Data Privacy Cautionary Tale: Court-Ordered Data Retention Meets Privacy🧬 🧠 This essay explores the recent court order from the United States District Court for the Southern District of New York in the New York Times v. OpenAI case. The court ordered OpenAI to preserve all user interactions, including chat logs, prompts, API traffic, and generated outputs, with no deletion allowed, not even at the user's request. 💥 That means: 💥“Delete” no longer means delete 💥API business users are not exempt 💥Personal, confidential, or proprietary data entered into ChatGPT could now be locked in indefinitely 💥Even if you never knew your data would be involved in litigation, it may now be preserved beyond your control 🏛️ This order overrides global privacy laws, such as the GDPR and CCPA, highlighting how litigation can erode deletion rights and intensify the risks associated with using generative AI tools. 🔍 In the essay, I cover: ✅ What the court order says and why it matters ✅ Why enterprise API users are directly affected ✅ How AI models retain data behind the scenes ✅ The conflict between privacy laws and legal hold obligations ✅ What businesses should do now to avoid exposure 💡 My recommendations include: • Train employees on what not to submit to AI • Curate all data inputs with legal oversight • Review vendor contracts for retention language • Establish internal policies for AI usage and audits • Require transparency from AI providers 🏢 If your organization is using generative AI, even in limited ways, now is the time to assess your data discipline. AI inputs are no longer just temporary interactions; they are potentially discoverable records. And now, courts are treating them that way. 📖 Read the full essay to understand why AI data privacy cannot be an afterthought. #Privacy #Cybersecurity #datadiva#DataPrivacy #AI #LegalRisk #LitigationHold #PrivacyByDesign #TheDataDiva #OpenAI #ChatGPT #Governance #Compliance #NYTvOpenAI #GenerativeAI #DataGovernance #PrivacyMatters

60 billion ChatGPT conversations. 👆 That’s how much data a federal court ordered OpenAI to preserve in the New York Times copyright lawsuit. These are conversations users believed were private or temporary. It’s a reminder for anyone leading AI at scale. Your retention policies and governance are more than just legal fine print...they become real, public, and operational in moments like this. Here’s what this case makes clear: >> 𝐏𝐫𝐢𝐯𝐚𝐜𝐲 𝐩𝐫𝐨𝐦𝐢𝐬𝐞𝐬 𝐡𝐚𝐯𝐞 𝐞𝐝𝐠𝐞𝐬. Even if you frame data as “temporary,” clauses like “retained to comply with legal obligations” can turn into long-term storage overnight. >> 𝐃𝐚𝐭𝐚 𝐚𝐫𝐜𝐡𝐢𝐭𝐞𝐜𝐭𝐮𝐫𝐞 𝐦𝐚𝐭𝐭𝐞𝐫𝐬. OpenAI argued that only 0.010% of logs were relevant, but because the data wasn’t tagged or segmented by sensitivity or purpose, the court required everything to be preserved. >> 𝐆𝐨𝐯𝐞𝐫𝐧𝐚𝐧𝐜𝐞 𝐠𝐚𝐩𝐬 𝐬𝐮𝐫𝐟𝐚𝐜𝐞 𝐟𝐚𝐬𝐭. “AI privilege,” as floated by Sam Altman, didn’t hold water. Courts treat AI data like any other data. So, if a subpoena landed tomorrow, could you really find and isolate sensitive AI data in minutes? Could you confidently defend why you keep, or delete the data you do? And could you separate what’s truly relevant from all the noise? This isn't just about copyright...it's what happens when AI, privacy, and the law collide. A key takeaway: segment your data thoughtfully, check your vendor agreements carefully, and ensure your AI governance actually works in practice.

OpenAI MUST save all chat logs in ChatGPT AND its API per court order, regardless of user privacy preferences. This one slipped below my radar. The US District Court Southern District of New York, in the case NYT v OpenAI, ordered OpenAI to preserve all chat logs generated by ChatGPT and OpenAI's models via API, even if users explicitly set their privacy settings to not do this. If you are using OpenAI's services in ANY capacity, your information now MUST be kept and preserved at a minimum for the pending court case. One of the things I talk about in my keynotes on AI is data privacy. The ONLY guaranteed privacy you have is when you run local models - models that run on your hardware/infrastructure. How do you know if you're using local models? If you disconnect the Internet and your AI tools still run, you're using local AI - tools like AnythingLLM, LM Studio, Koboldcpp, etc. This court order makes no exceptions - any data going through OpenAI must be logged and kept, from PII to PHI. It's a big deal. Sources in the comments. #AI #GenerativeAI #GenAI #ChatGPT #ArtificialIntelligence #LargeLanguageModels #MachineLearning #IntelligenceRevolution

Last week I gave a talk at AICAMP NYC and had a really long line of questions around AI memory. It seemed like many founders and developers are struggling to have meaningful conversations about memory, because they there is a lot of fundamental misunderstanding about memory architecture. There are actually three distinct layers of memory in generative AI: 𝗟𝗮𝘆𝗲𝗿 𝟭 - 𝗧𝗵𝗲 𝗙𝗼𝘂𝗻𝗱𝗮𝘁𝗶𝗼𝗻 𝗠𝗼𝗱𝗲𝗹 𝗟𝗮𝘆𝗲𝗿: This is the lowest level: model parameters stored in server DRAM that define how an LLM behaves and what it "remembers" from training. ___________ 𝗟𝗮𝘆𝗲𝗿 𝟮 - 𝗞𝗩 𝗖𝗮𝗰𝗵𝗲: This is the middle layer automatically generated during inference. The KV cache is responsible for helping LLMs respond faster to follow-up questions. It's stored on GPU HB (highbandwidth) memory and CPU DRAM but it is rapidly expanding in size and creating new hardware challenges as there is not enough memory capacity on these two tiers. This is also creating a need for projects like NVIDIA Dynamo that have distributed, shared multi-node memory architectures. ___________ 𝗟𝗮𝘆𝗲𝗿 𝟯 - 𝗖𝗼𝗻𝘁𝗲𝘅𝘁 𝗠𝗲𝗺𝗼𝗿𝘆: The top layer. This is the layer that users experience most directly. Context Memory is your conversation history, context windows, and persistent memory. You see it on the left hand side in the form of historical convos in an app like ChatGPT which allows you to pick up from where you last left off. If you haven't tried yet, ask ChatGPT what it knows about you...you'll be amazed. This is the context memory layer and it is separate and distinct from KV Cache and the associated LLMs themselves. ___________ 𝗞𝗘𝗬 𝗧𝗔𝗞𝗘𝗔𝗪𝗔𝗬 Layer 3 is also where your sensitive data lives and where data portability and privacy concerns matter most — especially for the enterprise: When you use ChatGPT, all your sensitive information gets stored in ChatGPT's memory layer. Even OpenAI's new standalone "ChatGPT Memory" is still running on OpenAI's servers, and not under your control. The Context Memory layer is where I see some enterprises and financial services firms being the most trusting of 3rd parties to own and store sensitive trade secrets. I might even characterize some approaches as borderline careless or reckless, because process knowledge and even IP in the form of code snippets and sensitive enterprise data are being shared with services. I think the reason this is happening is that most people don't know how to build and manage their own AI memory and context layer. When you're building your next AI product, make sure you're making decisions that protect your enterprise's edge in today's AI race.