Is OpenAI’s ChatGPT threatening privacy?.

There has been a rush of excitement in recent weeks for OpenAI’s chatbot, ChatGPT. It’s hard not to share in the excitement, when one can ask a question as unusual as “write me a poem about patents in the style of Shakespeare” and receive a coherent and original reply on your screen (as, admittedly, I did).

ChatGPT, in its own words, is a language model developed by OpenAI that can understand and respond to human language. It can answer questions, write creative pieces, and even computer code. Trained on a large dataset of text from the internet, this allows it to generate human-like responses to prompts given to it – think of it like a computer program that can understand and respond to you as if it were a person.

The possibilities appear to be endless for the language model, capable of processing billions of data points per second and synthesizing human questions in to concise, and often useful, answers. As a patent attorney, my mind was jumping around considering how this might change my career – or end it! Do you take 20 minutes to read and summarize an examination report for your client? ChatGPT can do it in (less than) 20 seconds. Spend hours reviewing prior art documents looking for points of novelty in your clients’ claims? ChatGPT represents the possibility to do that in seconds. Drafting entire patent specifications is down the line, too.

But the purpose of this article is not to speculate on the moral utility of artificial intelligence and how it might replace part of the human workforce.

Rather, my chief concern in recent days has been privacy.

No doubt many patent attorneys will have pondered the value of plugging an invention disclosure into ChatGPT and asking it to draft them an independent claim or three. But do our inputs become part of the training data? If they do, that would suggest something of our inputs could be outputted in response to another user at a later date. No need to elaborate on why that would be a problem for a patent attorney!

I asked ChatGPT “do my inputs to ChatGPT become part of the training data?”, and received the following reply:

“While the model is able to generate new text based on the patterns it has learned, it does not retain any specific input from individual users like yourself.

Also, OpenAI is committed to protecting the privacy of its users and does not share user input data with any third parties. It is possible that some of your inputs may have been used in the training data, but it’s not possible to know this specifically.

It is important to note that the inputs provided to the model are not stored, and will not be used to train the model further. They are only used to generate a response for the specific input you provided.”

In other words, to my question: no, yes, no. Not very helpful, ChatGPT. Meanwhile, OpenAI’s terms of use state that user inputs may be used to “develop and improve services”, but that you can opt out of having your inputs used for improvement by contacting them. The conclusion any sensible attorney will draw from this is to steer clear of inputting any confidential information in to ChatGPT as it is currently available on OpenAI’s website.

All hope is not lost, however. The possibility to sandbox a customer’s language model still exists. Microsoft’s announcement that they will soon begin offering ChatGPT as a service brings their own AI platform, Azure, in to focus. Azure provides guarantees that training data inputted to a customer’s model will only be used to train the customer model, and not any Microsoft models. No doubt with the passage of time this will become a more widely available feature offered by other players in the industry which is inevitably marching towards full scale usage of AI.

Attorneys would do well to get on the bandwagon of AI early – it’s coming to our industry, like it or not.

Originally posted in Patent Lawyer Magazine here


Privacy Settings

Privacy Settings
Saves the current privacy settings.
Retention period: This cookie will remain for 30 days.
Saves the current PHP session.
Retention period: This cookie will only remain for the current browser session.
Performance and Analytics Cookies
These technologies allow us to analyze website usage in order to measure and improve performance.
Google Analytics
This is a web analytics service. It allows the user to measure advertising ROI, track flash, video and social networking sites and applications.
Provider: Google Ireland Limited - Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Technical name: _ga,_gat_gtag_UA_120928533_6,_gid
Show more details

Data Purposes

This list represents the purposes of the data collection and processing.
- Marketing
- Analytics

Technologies Used

- Cookies
- Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

- App updates
- Click path
- Date and time of visit
- Device information
- Downloads
- Flash version
- Location information
- IP address
- JavaScript support
- Pages visited
- Purchase activity
- Referrer URL
- Usage data
- Widget interactions
- Browser information

Legal Basis

In the following the required legal basis for the processing of data is listed.

- Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

- European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.
The Retention Period depends on the type of the saved data. Each client can choose how long Google Analytics retains data before automatically deleting it.
Data Recipients

- Google Ireland Limited, Alphabet Inc., Google LLC

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

United States of America,Singapore,Chile,Taiwan

Click here to read the privacy policy of the data processor

Click here to opt out from this processor across all domains

Click here to read the cookie policy of the data processor

Storage Information

Below you can see the longest potential duration for storage on a device, as set when using the cookie method of storage and if there are any other methods used.

- Maximum age of cookie storage: 2 years

  Accept all
Please upgrade your browser. This website is not compatible with Internet Explorer.