Should your company block ChatGPT? 🚫

Big names like Italy (yes, the country!), Verizon, Walmart, JP Morgan, and others have blocked ChatGPT in their workplace. This begs the question, is it safe and practical for you to continue using it? As a decision-maker at your company, should you consider blocking it too? Or as a consultant working for clients, should you avoid ChatGPT in your practice?

Today we explore the answers to all of these questions and more.

First, a quick disclosure: do not use this as legal advice. We are not lawyers and not data security experts (although, as CTO of a Fintech, Hussein was responsible for data security, and Jessica was a lawyer for Halloween last year - so there’s that). 🙃 Jokes aside, always do your due diligence.

⏮️ Previous tips: Master Styles & Tones in ChatGPT (more tips)

🔑TL;DR

1. While some companies block ChatGPT, many embrace it with open arms.

2. Open AI clearly states that if you use the API (this means you have code running somewhere that is integrated with them), then your data is not being used to train their model.

3. However, if you use the website version at https://chat.openai.com, some of your data may be used with some limitations (we look deeper into this below).

4. Taking precautions by implementing guidelines at work is recommended.

5. My assessment (not legal advice) is that the risk of your trade secrets leaking through model training is slim, but you should still proceed with caution.

6. Pro Tip! There is a form you can fill out to request that your data is not used to train ChatGPT.

🧪 OpenAI and Your Data: An Overview

Before writing this article, I read through OpenAI's privacy and terms documents. Surprisingly the docs are written in easy-to-read English and not legalese. Kudos to OpenAI for that!

If you want to read them yourself (highly encouraged), here are the relevant links:

1. Terms of service

2. Privacy policy

3. API data usage policies

4. How your data is used to improve model performance

5. FAQ on data usage for consumer services (i.e. ChatGPT)

But you didn’t come here for links, so let’s unpack these.

🌐 Using ChatGPT on the Website vs. API

In those docs, OpenAI explains what they do with your data. In short:

If you're using their website (i.e. you go to chat.openai.com like most of us), your data may be used for model training - with limitations. We’ll dig into this below.

If you're using the API, your data isn't used for training.

🔒 Data Handling and Anonymization

When using the website, Open AI says that while your data is stored, they scrub it from personally identifiable information (PII).

This means that if they have a data leak, your conversations might be in it, but it would be hard to associate it with you directly. So, instead of saying, "Hussein wrote this prompt," it would be something like, "User 4638d-374729-dhftej-2648202 wrote this prompt."

🤖 Are Your Conversations Used to Train the Model?

Their documents also say that they use a small sampling of data per iteration to improve their model's accuracy and capabilities. This can be a little bit confusing. What do they mean by using a small sampling of data per iteration?!

When an AI model is being trained, its common practice to use a small sample of data to continue the training. Instead of updating the model’s parameters using all of the data they get from users, they use small samples that are randomly chosen.

Parameters are internal values that the model learns and adjusts during the training process to better understand requests and give relevant responses.

Once the training phase is completed, the model moves into the inference (or deployment) phase. The version of ChatGPT that we use is likely in this phase.

For ChatGPT to get better with time, it needs feedback on whether or not the responses it gives are good. It's already been trained on billions of parameters, and it's not designed to intentionally memorize specific user conversations to learn from conversation history.

The only time conversation history is taken into account is when you continue a conversation with follow-up questions. But those questions do not overlap between conversations and definitely don’t cross between users.

To sum it up, even though they don’t explicitly mention what data sampling they are doing, I think they are using a small sampling of our feedback and interactions and not the information we are entering to improve the model.

ProTip: 🛡️If you are worried about whether or not your conversations are used to feed the model more knowledge, fill out this form which requests that your data not be used in any training.

🚀 Ready to launch your dream company? Refer 1 friend to this newsletter using this link, and once they confirm, we'll send you a copy of "Your Startup Copilot: A Guide to ChatGPT" to streamline your journey from idea to launch. Let's make your startup soar! 🚀 

Tip: To make sure you get the eBook, refer at least two friends so at least one confirms.

🔄 The Feedback Loop: Key to AI Model Improvement

When you use ChatGPT (or any AI model), the feedback loop or what happens after the response is crucial for the developers. For example:

• Did the user repeat the question?

• Did the user hit the thumbs-up or down feedback?

• Did the user regenerate a different response?

• Did the user tell the model the answer was not good or wrong?

These actions help fine-tune the model, making it more accurate and helpful.

👥 OpenAI Employees and Your Data

OpenAI also says that humans (employees/consultants of OpenAI) do view your data for a few reasons:

1. Investigate abuse or a security incident

2. Provide support about your account if you reach out to them

3. Comply with legal requirements

4. Improve models and services

This last one means that some employees at OpenAI could manually review the feedback loop I mentioned.

They also go on to say:

Access to content is subject to technical access controls and limited only to authorized personnel on a need-to-know basis. Additionally, we monitor and log all access to user content, and authorized personnel must undergo security and privacy training before accessing any user content.

Basically, yes an OpenAI employee could see your trade secrets if you put them in. But they take this stuff seriously and no, their employees don’t gather around with popcorn in the evenings reading your conversations just for kicks.

🔐 Data Security Measures

OpenAI also says that they take great care to use appropriate technical and process controls to secure your data. They also mention:

Access to content is subject to technical access controls and limited only to authorized personnel on a need-to-know basis.

Additionally, they monitor and log all access to user content, and authorized personnel must undergo security and privacy training before accessing any user content.

💾 Chat History Storage

It's important to note that your chat history is saved in OpenAI's data centers. Even if you clear your conversations, they may still be retained in OpenAI's databases. Unless you ask them to delete your account, you can't ask them to only delete your chat history from their servers.

I didn't see any mention in their documents of how long the data is saved for, so I would assume forever until they tell us. If you use the API, they do say that conversation data is only stored for 30 days.

🚨 Potential Risks

To sum it all up, here are the risks to consider when using ChatGPT at work:

1. Your prompt data (conversations) are stored on their servers. If OpenAI is hacked, there is a chance your conversations will be leaked anonymously.

2. Employees of OpenAI could see your prompt details.

3. We don't know how long conversations are stored on their servers.

4. Unless you delete your entire account, there is no way to be certain that deleting a conversation removes it from their servers.

The ChatGPT model is trained on the feedback you provide, which gives it the feedback loop it needs to get better.

☠️ Open AI Data Leak

Since we are talking about ChatGPT and risks, I also want to mention that ChatGPT recently had a security issue.

There was a bug in the system that allowed some users to see other people’s conversation titles in their sidebar. They could also see another person’s name, email, partial credit card info, and address.

It's worth noting that the leak did not involve a mass download of data; rather, it allowed some users to view the personal information of someone else on the site. OpenAI identified the source of the leak as an issue with an open-source library—a third-party software component used in their own code. They corrected the issue very quickly.

✨Why not block ChatGPT?

Given those risks, why not just block ChatGPT?

I can summarize the reasons in 3 buckets:

1. Missed Opportunity: ChatGPT is a powerful tool that can help you improve and amplify your company’s skills across all disciplines. Your competitors will most likely use it. If they do and your company does not, you run the risk of being left (way) behind.

2. Stifling Innovation: This is a new world. We are still learning about the full potential and capabilities of ChatGPT and models like it, so proceeding with caution makes sense. Completely blocking or denying it? Less sense. Don’t be Blockbuster or Kodak.

3. Productivity Opportunity Lost: Employees can finish tasks much faster by using ChatGPT. You have an opportunity here to create massive productivity gains which would help you reduce costs and maybe reach deadlines, launches, publications, etc. faster.

We view ChatGPT as a transformational tool that can boost productivity across a company from Operations to Marketing to Product to Engineering and everything in between.

If you didn’t read it, see our article that lists 77 ways you can use ChatGPT at work. It gives examples of how it can be used by anyone in a company - and outside of work too.

🎭 Balance the Risks and Rewards

Alright, so where does that leave you now? Here is what I would do (again, not legal advice, don’t sue me, I have kids that need to go to college):

• Let your employees use ChatGPT with guidelines. You want to be the company that embraces innovation and new technology revolutions, not stifle them, right? Your guidelines should make it clear that there are risks in using ChatGPT and employees should not enter any sensitive data into it.

• In your guidelines, make sure your employees know not to share sensitive data such as personally identifiable information (PII), confidential company data, or trade secrets.

• Identify a champion at your company that can become the go-to person to answer questions about ChatGPT and give guidance on how to use it better.

• Regularly review and update your company's ChatGPT usage policy and guidelines.

• Have all your employees opt out of data sharing with Open AI here.

• Train your employees on how they can and cannot use ChatGPT for work-related activities. Give them a list of best practices and dos/don’ts.

• Use context-aware prompts without divulging proprietary details. Just like you would with a consultant, be cautious about sharing sensitive information with ChatGPT.

• Stay updated on ChatGPT’s privacy policy. We all get those emails when changes are made to terms of service or privacy policies. Read them! Or stay subscribed to GPT Hacks, and we’ll include changes in our articles when they happen. ;)

Give examples specific to your company or use cases for employees to know how they can or cannot use ChatGPT. Like this one:

❌ Leaking Company Info: "How should we respond to our competitors Mutt Matcher and Breed Blend after launching our top-secret project “Pawsome Pedigree,” an app that identifies a mutt's breed mix through a series of questions and machine learning algorithms to provide users with an estimated breed composition?.”

✅ Safe & Effective: "What are best practices for responding to competitors after launching a new product in the market?"

Stay safe out there!

New to GPT Hacks? Join to get biweekly tips on how to use ChatGPT to do better, faster, and more creative work than ever before. Subscribe now.

🤖 Prompt to try

Write a poem based on our guidelines below that will be presented to our team members: [insert ChatGPT company guidelines without including sensitive data]

We would love to read your poems, share them and tag us. We are GetGPTHacks on Twitter and Instagram or GPT Hacks on LinkedIn.

🖼 AI Image of the Day 

Here is how I envision a comic book would display a startup office of the future.

🛠 AI Tool to Try

AdCreative.ai helps you create visual elements for ads and social media posts in seconds.

🌟 AI Fact of the Day

Mary Shelley is credited as the first author to include an example of AI in literature. In 1818 novel, "Frankenstein,” the character Dr. Frankenstein creates a sentient being through scientific experimentation, which is often considered an early example of artificial intelligence. 🧟‍♂️