FTC Opens an Investigation into OpenAI Creator ChatGPT for Possible Violations of Consumer Protection Law

Peter_Brosdahl

Moderator
Staff member
Joined
May 28, 2019
Messages
8,154
Points
113
The future of AI development is taking a new turn as the FTC opens an investigation examining possible violations of the consumer protection law. OpenAI became an instant celebrity as news of its ChatGPT chatbot spread across the globe which became the backbone of Microsoft's newly updated Bing search engine. Since then U.S. regulators have increasingly begun striving to understand and create policy regarding the new technology and this investigation is likely to play a role in future laws, policy, and its application.

The FTC has already said that companies claiming to use AI for their responses will be held accountable for false information, its misuse, and including the validity of whether or not that product does not actually have to true AI as its basis. Needless to say, the FTC's investigation into ChatGPT could expand to further levels depending on what is discovered during this probe.

See full article...
 
Not that I am defending AI and the direction its going, but this reads like a fishing expedition.
 
Uvilla said:
Not that I am defending AI and the direction its going, but this reads like a fishing expedition.
Click to expand...
To some extent, I agree. Formally speaking it seems to have been triggered by the complaints and data breach but otherwise . . .
 
Will AI end up on the shelf right next to Radithor, Snake oil, and magnetic healing?
 
The issue with ML Ai is in pointing it to questionable sources to learn from. Sources that SHOULDN'T be exposed to it.

If your ML is learning on massive industrial clusters coming the internet to learn freaking everything it's going to find data it shouldn't have. It's out there in vast quantities.

So if your system crawls and pulls data that shouldn't exist into it and then regurgitates that same information who's at fault? Is it the AI host, the system it pulled the data from? The entity that exposed the data if that wasn't the original source?

I mean if you think about it the likelihood of every citizen in the US with a smartphone or PC having SOME data leaked out there is near 100%. Because an AI knows it, is it protected under free speech or anything else in regurgitating that data? It's not so far fetched if you tie AI to the entity running it and that corporations are seen as individuals. (How they got around PAC law and such in donating to politicians war chests.).

So there are defenses within the realm of free speech to protect the companies who's AI's are divulging the data.

I see it like this.

1. The company doing the at large data crawl for all publicly exposed data has a responsibility to protect that data in the vein of personal privacy. It doesn't matter how they got it. If the content is of a protected nature they are responsible for protecting that data because they went and pulled it down.
a. Addendum if the data were INPUT into the environment into a specific targeted shared distribution that is on whomever uploaded it to the system in question. (Meaning if a company were to use their own data to train an AI and only had company resources allowed to interact with and view that data with the AI even if the data were protected as long as it was not being leaked it's fine. This is a prime use for AI in training for customer service/troubleshooting assistant roles.
b. What the company running the AI has to protect is protected class data being pulled into it through it's own web crawling or other API endpoints. That data needs to be checked and verified to be protected or not so as to prevent privacy and protected data leaks. This protects private Intellectual property of companies at large, as well as the privacy data of individuals.

While it would be difficult to establish the checks for B, it is doable, especially with AI that doesn't expose data but tests it vs privacy data settings and protections.

The problem here with AI is that if AI leaks protected data... could be your Social Security number, or backdoor conversations about a company selling out to another. Once that is proven to be leaked by a 3rd party people can take action with that data (talking stock trades right now) and gain a material advantage over the market.

Analyzing public data to identify investment opportunities is one thing. Ingesting what should be private data and regurgitating it enters into insider trading. Or at the least legitimizing what would be considered insider trading.

So we're talking about a blade that cuts deep both directions here. If an unscrupulous trader is able to gain a competitive advantage by 'accidentally' pointing an AI to crawl data through a hole in a firewall that exists for any period of time, then takes advantage of that data for monetary gain... That could equate to a LOT of money and a lot of losses for illegitimate traders.

We're not worried a lot about people learning about data and using it illeaglly. That's the public statement. We're worried about someone gaining an 'unfair' advantage and making the big money folks loose out on their advantages.
 
Grimlakin said:
1. The company doing the at large data crawl for all publicly exposed data has a responsibility to protect that data in the vein of personal privacy.
Click to expand...
Hmm - is that the responsibility of the AI company, or the responsibility of the platform that is exposing the data out there in the first place (to at least have the tools available to enable privacy controls), or the end user who is making their data available?

I mean, if you have your Facebook page set to public, and you get mad that an AI trained off pictures of your kids - you kinda left the door unlocked and wide open for that to happen.

Kinda like if you stand naked out in your front lawn - yeah, it's your property and you can do what you want, but you don't exactly have any reasonable expectation for privacy out there either.

The AI company can't go out there picking locks, but if you are scraping pages and can show that what you are scraping isn't copyrighted, I would say fair game.
 
Brian_B said:
Hmm - is that the responsibility of the AI company, or the responsibility of the platform that is exposing the data out there in the first place (to at least have the tools available to enable privacy controls), or the end user who is making their data available?

I mean, if you have your Facebook page set to public, and you get mad that an AI trained off pictures of your kids - you kinda left the door unlocked and wide open for that to happen.

Kinda like if you stand naked out in your front lawn - yeah, it's your property and you can do what you want, but you don't exactly have any reasonable expectation for privacy out there either.
Click to expand...
Once you put the data out there it is fair game. But unintended exposure does not equate to a right to publish. Especially for a private individual that isn't in the public eye for some other reason. Movie stars and politicians pay for their fame with an expected loss of personal privacy. An unintended consequence of their fame. Private citizens are a different story and finding the slider for how exposed they should expect to be is important.

If it was announced tomorrow that my data wasn't considered private if I was on Facebook even with ALL of the privacy settings ticked I would delete my content tomorrow. BUT an entity that crawled my data through a leak or obtained otherwise leaked data should not have cartblanche to republish my protected data without consequence.

Just because Sara got Jane's diary and read all of her dirty secrets does not make it legal or right for her to expose Jane's secrets no matter if she wants to or not. Sometimes we require oversite and penalties to keep honest people or entities honest.
 
Grimlakin said:
If it was announced tomorrow that my data wasn't considered private if I was on Facebook even with ALL of the privacy settings ticked I would delete my content tomorrow. BUT an entity that crawled my data through a leak or obtained otherwise leaked data should not have cartblanche to republish my protected data without consequence.

Just because Sara got Jane's diary and read all of her dirty secrets does not make it legal or right for her to expose Jane's secrets no matter if she wants to or not. Sometimes we require oversite and penalties to keep honest people or entities honest.
Click to expand...
Yeah, but what if your Facebook is set to Public? That's what I'm saying - that stuff is fair game. Sure, if Meta sells your data behind your back, or someone uses an exploit or hack to get at your data that you had set to Private - they are liable for something: they showed intent to circumvent a privacy setting and got a hold of something they shouldn't have had.

Sure, you set it to private, you have an expectation to privacy. Same with a diary - you have it locked or in a personal area, you have an expectation of privacy -- but if you are using a public Wordpress blog you don't have that expectation any longer.
 
Brian_B said:
Yeah, but what if your Facebook is set to Public? That's what I'm saying - that stuff is fair game. Sure, if Meta sells your data behind your back, or someone uses an exploit or hack to get at your data that you had set to Private - they are liable for something: they showed intent to circumvent a privacy setting and got a hold of something they shouldn't have had.

Sure, you set it to private, you have an expectation to privacy. Same with a diary - you have it locked or in a personal area, you have an expectation of privacy -- but if you are using a public Wordpress blog you don't have that expectation any longer.
Click to expand...
I'm not disagreeing with you. What I am saying is if data is otherwise expected to be private but an unscrupulous actor exposed it. That doesn't make it legal or right for EVERY OTHER actor to repeat the data or distribute it.
 
You must log in or register to reply here.
Become a Patron!
Back
Top