WEBVTT - TechSupport: Nothing’s Private – Even Conversations with ChatGPT

0:00:14.040 --> 0:00:16.520
<v Speaker 1>Welcome to TechStuff. This is Tech Support. I'm Oz

0:00:16.560 --> 0:00:18.560
<v Speaker 1>Woloshyn and I'm here with Karah Preiss.

0:00:18.680 --> 0:00:19.840
<v Speaker 2>Hey Oz. Hey Karah.

0:00:20.480 --> 0:00:23.480
<v Speaker 1>So today we wanted to talk about this ChatGPT feature,

0:00:23.520 --> 0:00:26.960
<v Speaker 1>which is now defunct, but our friends at 404

0:00:26.960 --> 0:00:30.200
<v Speaker 1>Media had a story with the headline nearly one

0:00:30.280 --> 0:00:34.839
<v Speaker 1>hundred thousand ChatGPT conversations were searchable on Google. And as

0:00:34.880 --> 0:00:36.599
<v Speaker 1>soon as that email hit my inbox, before I'd

0:00:36.600 --> 0:00:38.559
<v Speaker 1>even read it, I forwarded it to you and to

0:00:38.600 --> 0:00:41.440
<v Speaker 1>our producer Eliza, and I said, let's jump on this.

0:00:41.760 --> 0:00:43.280
<v Speaker 3>Yeah. You know, part of it is that it taps

0:00:43.320 --> 0:00:45.400
<v Speaker 3>into this fear that we all have about our most

0:00:45.440 --> 0:00:48.199
<v Speaker 3>intimate thoughts being made public. This isn't like having a

0:00:48.200 --> 0:00:52.199
<v Speaker 3>private Instagram account. This is very much between us and

0:00:52.320 --> 0:00:55.440
<v Speaker 3>ChatGPT. It's a little bit like talking in our sleep.

0:00:55.880 --> 0:00:57.760
<v Speaker 3>And I think most people who have played around with

0:00:57.800 --> 0:01:00.800
<v Speaker 3>a chatbot have some questions or responses that they'd rather

0:01:00.840 --> 0:01:03.040
<v Speaker 3>the general public be blind to. I know I have

0:01:03.080 --> 0:01:03.760
<v Speaker 3>my fair share.

0:01:04.120 --> 0:01:04.360
<v Speaker 2>Yeah.

0:01:04.400 --> 0:01:07.280
<v Speaker 1>We did that piece recently with Kashmir Hill about AI

0:01:07.440 --> 0:01:11.120
<v Speaker 1>induced psychosis and the guy who'd fallen into the rabbit

0:01:11.200 --> 0:01:14.080
<v Speaker 1>hole by talking with ChatGPT about whether or not

0:01:14.080 --> 0:01:16.559
<v Speaker 1>he might be living in a simulation. So I started

0:01:16.600 --> 0:01:18.480
<v Speaker 1>talking about ChatGPT with this to see if I

0:01:18.520 --> 0:01:20.080
<v Speaker 1>would also be taken down the rabbit hole, and then

0:01:20.080 --> 0:01:21.440
<v Speaker 1>I was like, oh my god, I'm not sure if

0:01:21.440 --> 0:01:23.520
<v Speaker 1>I want this to be made public at a later date.

0:01:24.120 --> 0:01:27.200
<v Speaker 1>So yeah, OpenAI says they're now working with Google

0:01:27.280 --> 0:01:31.000
<v Speaker 1>to scrape these conversations off the web, but of course

0:01:31.160 --> 0:01:34.119
<v Speaker 1>some quick thinkers have already archived them.

0:01:34.400 --> 0:01:35.960
<v Speaker 2>And I can't help but be rather

0:01:35.880 --> 0:01:38.360
<v Speaker 1>curious about what it is that people are talking to

0:01:38.440 --> 0:01:39.680
<v Speaker 1>ChatGPT about.

0:01:40.000 --> 0:01:42.399
<v Speaker 3>I mean, obviously, we do have a segment at the

0:01:42.480 --> 0:01:45.320
<v Speaker 3>end of every Friday episode called Chat and Me about

0:01:45.319 --> 0:01:48.520
<v Speaker 3>how our listeners are really using their chatbots, and now

0:01:49.520 --> 0:01:52.440
<v Speaker 3>we have hundreds of thousands of additional responses to explore.

0:01:52.560 --> 0:01:54.920
<v Speaker 1>Of course, there's a difference between how our listeners tell

0:01:55.000 --> 0:01:59.440
<v Speaker 1>us they're using chatbots and the reality which is apparent from

0:01:59.440 --> 0:02:02.440
<v Speaker 1>these logs, and one researcher has actually created a data

0:02:02.520 --> 0:02:05.080
<v Speaker 1>set of all the responses that were indexed by Google,

0:02:05.480 --> 0:02:07.480
<v Speaker 1>and again our friends at 404 Media were

0:02:07.480 --> 0:02:10.000
<v Speaker 1>able to take a look here to tell us about

0:02:10.000 --> 0:02:12.240
<v Speaker 1>what everyone's asking chat is

0:02:12.280 --> 0:02:14.120
<v Speaker 2>404 Media's Joseph

0:02:13.800 --> 0:02:16.280
<v Speaker 3>Cox. Joseph, welcome back to TechStuff.

0:02:16.560 --> 0:02:17.600
<v Speaker 4>Hi, thank you for having me.

0:02:17.919 --> 0:02:18.239
<v Speaker 2>Joseph.

0:02:18.320 --> 0:02:20.920
<v Speaker 1>Let's start at the beginning. How is it that one

0:02:21.000 --> 0:02:25.200
<v Speaker 1>hundred thousand ChatGPT conversations ended up on Google Search?

0:02:25.240 --> 0:02:27.080
<v Speaker 1>I thought that these conversations were private.

0:02:27.480 --> 0:02:31.120
<v Speaker 4>Yeah. So this starts with an article on Fast Company

0:02:31.320 --> 0:02:36.760
<v Speaker 4>on July thirtieth, and that outlet found that ChatGPT

0:02:36.880 --> 0:02:41.440
<v Speaker 4>conversations were being indexed by Google. That is, as your

0:02:41.440 --> 0:02:44.639
<v Speaker 4>listeners will know, Google is constantly going around the web

0:02:44.960 --> 0:02:48.639
<v Speaker 4>and essentially grabbing content from websites. Of course, it can

0:02:48.760 --> 0:02:52.240
<v Speaker 4>use it to make its search engine. What was different

0:02:52.320 --> 0:02:56.560
<v Speaker 4>here was that while ordinarily, when you're talking to ChatGPT,

0:02:56.840 --> 0:03:01.480
<v Speaker 4>thankfully all of the content of that conversation is private,

0:03:01.880 --> 0:03:04.600
<v Speaker 4>in this case, what some people have been doing was

0:03:04.680 --> 0:03:07.480
<v Speaker 4>using, I think, a little-known feature where they could

0:03:07.520 --> 0:03:11.399
<v Speaker 4>share the contents of that communication. Now, maybe you want

0:03:11.400 --> 0:03:13.680
<v Speaker 4>to do that because you want to show your friend, wow,

0:03:13.720 --> 0:03:16.920
<v Speaker 4>look at this really wacky, crazy thing that ChatGPT

0:03:17.080 --> 0:03:19.760
<v Speaker 4>told me. Or maybe there's a business need, right? Like, hey,

0:03:19.840 --> 0:03:22.360
<v Speaker 4>I've done this with ChatGPT, now I need to

0:03:22.360 --> 0:03:25.320
<v Speaker 4>show other people in my team. And you would select

0:03:25.440 --> 0:03:30.480
<v Speaker 4>the share feature and this would create a public essentially

0:03:30.520 --> 0:03:35.040
<v Speaker 4>a public web page version of that chat, and although

0:03:35.080 --> 0:03:36.960
<v Speaker 4>you can then send that to your friends or your

0:03:36.960 --> 0:03:40.600
<v Speaker 4>coworkers, it can also be seen by Google obviously,

0:03:41.040 --> 0:03:44.080
<v Speaker 4>and OpenAI probably could have done some stuff to protect

0:03:44.120 --> 0:03:46.680
<v Speaker 4>it there. But the result is that a bunch of

0:03:46.680 --> 0:03:51.000
<v Speaker 4>these conversations, now publicly available, are indexed by Google,

0:03:51.400 --> 0:03:54.760
<v Speaker 4>and I seriously doubt that all of the people using

0:03:54.840 --> 0:03:59.240
<v Speaker 4>this share feature really understood what they were getting into.

0:03:59.440 --> 0:04:03.440
<v Speaker 1>Yeah, can you elaborate on that, because I'm thinking about WhatsApp,

0:04:03.520 --> 0:04:06.120
<v Speaker 1>for example, where there's like a forward button, or like

0:04:06.200 --> 0:04:11.200
<v Speaker 1>on X, I can do like a share link to tweet.

0:04:11.720 --> 0:04:14.720
<v Speaker 1>Is this like a somebody thinks they're pressing a button

0:04:14.800 --> 0:04:18.440
<v Speaker 1>to share an individual version of the transcript with another person,

0:04:18.880 --> 0:04:21.120
<v Speaker 1>but in so doing is kind of making their whole

0:04:21.480 --> 0:04:24.520
<v Speaker 1>ChatGPT history visible to Google? Or what's the practical

0:04:25.200 --> 0:04:26.720
<v Speaker 1>explanation of how this happened?

0:04:27.040 --> 0:04:32.400
<v Speaker 4>Yeah, the users are making that particular conversation publicly available,

0:04:32.920 --> 0:04:35.359
<v Speaker 4>and it works in a very similar way to the

0:04:35.360 --> 0:04:38.799
<v Speaker 4>things you just outlined. I sometimes compare it a little

0:04:38.839 --> 0:04:42.400
<v Speaker 4>bit to a Google Doc link where you will go

0:04:42.440 --> 0:04:44.800
<v Speaker 4>and you'll make that public and there's that setting you

0:04:44.839 --> 0:04:48.159
<v Speaker 4>can do that says, hey, anybody with this link is

0:04:48.200 --> 0:04:51.600
<v Speaker 4>going to be able to read your awful article draft.

0:04:51.640 --> 0:04:53.359
<v Speaker 4>I mean that would be my case or whatever, or

0:04:53.400 --> 0:04:56.560
<v Speaker 4>your private thoughts or whatever. But you don't then go

0:04:56.680 --> 0:05:00.840
<v Speaker 4>and paste that link online and Google takes steps so

0:05:00.880 --> 0:05:04.440
<v Speaker 4>that's not included in search engine results. Of course, if

0:05:04.480 --> 0:05:06.080
<v Speaker 4>you want to post it on a forum or you

0:05:06.120 --> 0:05:08.400
<v Speaker 4>post it on Twitter, that's going to be something else.

0:05:08.440 --> 0:05:11.520
<v Speaker 4>But that's usually how I think most people expect this

0:05:11.720 --> 0:05:14.880
<v Speaker 4>sort of sharing behavior to work. They expect that, well,

0:05:14.920 --> 0:05:16.719
<v Speaker 4>I'm going to just share it with one or two

0:05:16.800 --> 0:05:20.040
<v Speaker 4>people or you know, a dozen or whatever. They don't

0:05:20.120 --> 0:05:24.240
<v Speaker 4>expect typically that it's going to be available to anyone

0:05:24.640 --> 0:05:26.960
<v Speaker 4>on the Internet who knows where to look, or of

0:05:27.000 --> 0:05:31.400
<v Speaker 4>course anyone with Google now because Google has archived it

0:05:31.480 --> 0:05:34.480
<v Speaker 4>as well. It's sort of a big mix of the

0:05:34.600 --> 0:05:38.159
<v Speaker 4>user is partly at fault for perhaps not fully understanding

0:05:38.160 --> 0:05:40.640
<v Speaker 4>what is going on. Of course OpenAI, maybe not

0:05:40.640 --> 0:05:43.560
<v Speaker 4>fully explaining what is going on, and not taking steps

0:05:43.600 --> 0:05:46.640
<v Speaker 4>to stop Google indexing, and then of course Google indexing

0:05:46.680 --> 0:05:49.840
<v Speaker 4>it as well. There's a lot of maybe blame is

0:05:49.880 --> 0:05:51.839
<v Speaker 4>too strong a word, there's a lot of blame to go around,

0:05:51.880 --> 0:05:52.839
<v Speaker 4>I think, to all parties.

0:05:53.600 --> 0:05:55.640
<v Speaker 2>So this is one hundred thousand conversations.

0:05:55.680 --> 0:05:59.920
<v Speaker 1>Do we know how many users those hundred thousand conversations represent?

0:06:00.120 --> 0:06:02.400
<v Speaker 1>And also you know what are some of the things

0:06:02.520 --> 0:06:03.560
<v Speaker 1>in those conversations?

0:06:03.680 --> 0:06:05.880
<v Speaker 4>Yeah, I don't think I've seen figures that drill down

0:06:05.960 --> 0:06:08.599
<v Speaker 4>to how many users, but you're right, it's nearly one

0:06:08.680 --> 0:06:14.240
<v Speaker 4>hundred thousand conversations with this data set the researcher scraped

0:06:14.279 --> 0:06:17.680
<v Speaker 4>from Google. I mean, before this, some researchers were going

0:06:17.680 --> 0:06:21.240
<v Speaker 4>through hundreds of conversations and that was already bad enough,

0:06:21.240 --> 0:06:24.919
<v Speaker 4>and of course newsworthy. What this researcher did was scrape

0:06:24.960 --> 0:06:27.320
<v Speaker 4>them en masse, put them into a data set. And

0:06:27.360 --> 0:06:29.880
<v Speaker 4>I'm actually looking at it now and there's a lot

0:06:29.920 --> 0:06:32.359
<v Speaker 4>of benign stuff in here. It looks like somebody is

0:06:32.400 --> 0:06:36.359
<v Speaker 4>making their first iPhone app and they're using ChatGPT

0:06:36.560 --> 0:06:40.560
<v Speaker 4>for that. There are others where people are clearly discussing

0:06:41.080 --> 0:06:45.000
<v Speaker 4>sensitive business materials, such as could you help me write

0:06:45.000 --> 0:06:48.760
<v Speaker 4>this contract? There is potentially, you know, some bank information

0:06:49.320 --> 0:06:51.839
<v Speaker 4>in here. I say potentially because it sure looks like

0:06:51.880 --> 0:06:55.680
<v Speaker 4>bank information. And then you have I mean you mentioned

0:06:55.920 --> 0:07:00.760
<v Speaker 4>at the top these sort of delusional conversations that some

0:07:00.800 --> 0:07:04.280
<v Speaker 4>people have with ChatGPT and I'm sure there is some

0:07:04.360 --> 0:07:07.159
<v Speaker 4>of that in here. I have seen some people talking

0:07:07.160 --> 0:07:12.240
<v Speaker 4>about therapy. I have seen some people talking about relationship issues,

0:07:12.280 --> 0:07:15.160
<v Speaker 4>such as one it seems to be a man talking

0:07:15.200 --> 0:07:18.080
<v Speaker 4>about his ex-girlfriend and wondering why she's not looking

0:07:18.160 --> 0:07:22.520
<v Speaker 4>at his Instagram stories, that sort of thing, which I

0:07:22.520 --> 0:07:23.440
<v Speaker 4>don't know if I would turn.

0:07:23.480 --> 0:07:24.720
<v Speaker 2>It's just not that into you.

0:07:26.080 --> 0:07:28.680
<v Speaker 4>That means yes, I think ChatGPT was trying to

0:07:28.720 --> 0:07:33.760
<v Speaker 4>say that basically, so this is only what people have

0:07:33.840 --> 0:07:38.120
<v Speaker 4>decided to share, which is a very interesting caveat to

0:07:38.760 --> 0:07:39.280
<v Speaker 4>the data.

0:07:39.440 --> 0:07:40.920
<v Speaker 1>They don't want to share it with the world, but

0:07:40.960 --> 0:07:43.480
<v Speaker 1>they've chosen at least one other person to share it with,

0:07:43.560 --> 0:07:47.360
<v Speaker 1>so therefore, by definition, is not their most private use case.

0:07:47.600 --> 0:07:51.800
<v Speaker 4>Yes, and maybe the researcher or others will be able

0:07:51.840 --> 0:07:55.240
<v Speaker 4>to do some sort of deeper analysis on this than me.

0:07:55.640 --> 0:07:57.840
<v Speaker 4>But that's interesting in that what are the sorts of

0:07:57.880 --> 0:08:00.720
<v Speaker 4>things that people are willing to share with another person?

0:08:00.880 --> 0:08:02.760
<v Speaker 4>And of course, you know, what does that tell us

0:08:02.760 --> 0:08:05.480
<v Speaker 4>about the things they're not sharing. That being said, I

0:08:05.480 --> 0:08:07.760
<v Speaker 4>don't think anybody wants a security issue where we're actually

0:08:07.760 --> 0:08:09.560
<v Speaker 4>able to see all of that private data either.

0:08:10.200 --> 0:08:12.360
<v Speaker 3>So this was something that was reported out a few

0:08:12.400 --> 0:08:15.239
<v Speaker 3>weeks ago, as you said. Has there been any change

0:08:15.440 --> 0:08:19.920
<v Speaker 3>and how did OpenAI respond to the exclusive?

0:08:19.720 --> 0:08:23.680
<v Speaker 4>So OpenAI has now disabled this, like, opt-in

0:08:24.160 --> 0:08:27.440
<v Speaker 4>sharing feature because the company actually said they don't think

0:08:27.480 --> 0:08:30.840
<v Speaker 4>people fully understood what was going on. And then the

0:08:30.880 --> 0:08:33.960
<v Speaker 4>company also says it is working with Google to remove

0:08:34.520 --> 0:08:37.839
<v Speaker 4>some of those indexed results. Because of course there's a

0:08:37.880 --> 0:08:40.120
<v Speaker 4>few things going on here. There's the exposure in the

0:08:40.160 --> 0:08:43.520
<v Speaker 4>first place, there's the sharing, there's the indexing by Google.

0:08:43.760 --> 0:08:48.240
<v Speaker 4>But even if Google does remove these search results, these

0:08:48.520 --> 0:08:52.600
<v Speaker 4>chats have been archived by this researcher, and I presume

0:08:52.760 --> 0:08:55.800
<v Speaker 4>others as well, Like I seriously doubt there's only one

0:08:55.880 --> 0:08:58.680
<v Speaker 4>or two people who grabbed all of this data. It's

0:08:58.960 --> 0:09:02.800
<v Speaker 4>very much an interesting privacy issue that I think researchers

0:09:02.800 --> 0:09:04.160
<v Speaker 4>want to look into and learn from.

0:09:04.440 --> 0:09:07.520
<v Speaker 3>I don't understand why OpenAI seem to think that

0:09:07.559 --> 0:09:09.560
<v Speaker 3>this tool would be useful. Like, have you given that

0:09:09.600 --> 0:09:10.080
<v Speaker 3>any thought?

0:09:10.600 --> 0:09:14.520
<v Speaker 4>Yeah, I think that people do want to sometimes share

0:09:15.160 --> 0:09:21.319
<v Speaker 4>the interesting or crazy or insightful stuff they get from GPT. Now,

0:09:21.720 --> 0:09:25.679
<v Speaker 4>OpenAI probably should have taken steps to ensure that

0:09:25.720 --> 0:09:29.920
<v Speaker 4>people can share this in a much more private manner,

0:09:30.200 --> 0:09:33.679
<v Speaker 4>maybe something like you have to add a particular ChatGPT

0:09:33.800 --> 0:09:36.520
<v Speaker 4>user to the conversation, then they can see it

0:09:36.559 --> 0:09:38.880
<v Speaker 4>in the same way you add somebody to a Google Doc,

0:09:39.000 --> 0:09:42.119
<v Speaker 4>for example. That would be a little bit more laborious,

0:09:42.160 --> 0:09:44.880
<v Speaker 4>there'd be a bit more friction there. But I'm just

0:09:45.000 --> 0:09:49.280
<v Speaker 4>interested in why OpenAI did not take more steps

0:09:49.320 --> 0:09:52.640
<v Speaker 4>to protect this from being scraped by Google. It is

0:09:52.840 --> 0:09:57.480
<v Speaker 4>possible to share material online without it being touched by

0:09:57.520 --> 0:10:00.240
<v Speaker 4>search engines. You can ask search engines, hey, if you

0:10:00.240 --> 0:10:03.800
<v Speaker 4>come across this, please do not index it. I'm curious

0:10:03.840 --> 0:10:06.840
<v Speaker 4>why OpenAI did not take those steps, and I don't

0:10:06.880 --> 0:10:10.240
<v Speaker 4>have any insight either way. But the result is that

0:10:10.280 --> 0:10:12.800
<v Speaker 4>all of these chats have now been indexed on Google,

0:10:12.840 --> 0:10:14.160
<v Speaker 4>and I think that's pretty significant.

0:10:14.440 --> 0:10:15.720
<v Speaker 2>What do you think might happen next?

0:10:15.960 --> 0:10:19.560
<v Speaker 4>What happens next is that I think other companies are

0:10:19.640 --> 0:10:24.880
<v Speaker 4>going to start checking whether they also have similar issues

0:10:25.440 --> 0:10:27.000
<v Speaker 4>like this. And I do want to stress like, this

0:10:27.040 --> 0:10:30.559
<v Speaker 4>is not the vast majority of ChatGPT conversations or

0:10:30.559 --> 0:10:33.880
<v Speaker 4>anything like that. ChatGPT was not hacked, it wasn't breached.

0:10:33.920 --> 0:10:38.240
<v Speaker 4>There was a somewhat niche security issue, but because these

0:10:38.280 --> 0:10:42.640
<v Speaker 4>tools are becoming so so popular now, even a relatively

0:10:42.760 --> 0:10:45.640
<v Speaker 4>niche issue can actually impact a ton of people.

0:10:51.960 --> 0:10:56.560
<v Speaker 3>After the break: so how secure are AI chatbots? Stay

0:10:56.640 --> 0:10:56.959
<v Speaker 3>with us.

0:11:11.720 --> 0:11:16.560
<v Speaker 1>It's interesting because Sam Altman was recently on Theo Von's

0:11:16.640 --> 0:11:20.560
<v Speaker 1>podcast and he was sort of pointing out some of

0:11:20.600 --> 0:11:25.080
<v Speaker 1>the risks to my surprise, about the privacy issues in

0:11:25.640 --> 0:11:29.280
<v Speaker 1>ChatGPT. He was saying, like, therapists' conversations are protected

0:11:29.280 --> 0:11:34.040
<v Speaker 1>by HIPAA, lawyer conversations are protected by attorney-client privilege,

0:11:34.040 --> 0:11:37.360
<v Speaker 1>and people assume that when they're talking with chat that

0:11:37.520 --> 0:11:40.839
<v Speaker 1>maybe some of these protections apply, whereas in fact they don't.

0:11:41.120 --> 0:11:43.720
<v Speaker 1>And I was kind of wondering why he, of all people,

0:11:44.040 --> 0:11:46.560
<v Speaker 1>was out there on this topic. I did read some

0:11:46.600 --> 0:11:48.880
<v Speaker 1>other reporting saying that it may be part of the

0:11:49.400 --> 0:11:51.640
<v Speaker 1>lawsuit with the New York Times. The New York Times

0:11:51.679 --> 0:11:55.480
<v Speaker 1>as part of their discovery in the lawsuit against OpenAI

0:11:55.520 --> 0:11:58.400
<v Speaker 1>for copyright infringement, are demanding I think one hundred

0:11:58.480 --> 0:12:03.000
<v Speaker 1>million OpenAI conversations for analysis. But I was

0:12:03.040 --> 0:12:06.120
<v Speaker 1>surprised to hear Altman out there on this. Nonetheless, can

0:12:06.120 --> 0:12:08.400
<v Speaker 1>you kind of take a step back and maybe reflect

0:12:08.440 --> 0:12:12.239
<v Speaker 1>on this story about the breach in the broader context

0:12:12.559 --> 0:12:18.400
<v Speaker 1>of how people are using chatbots and what chatbot makers

0:12:18.600 --> 0:12:21.920
<v Speaker 1>are incentivized to do or not do to protect their users.

0:12:22.360 --> 0:12:25.319
<v Speaker 4>Yeah, so I haven't seen those comments. But to zoom

0:12:25.360 --> 0:12:29.240
<v Speaker 4>out a little bit, Altman and other people in the space,

0:12:29.880 --> 0:12:34.160
<v Speaker 4>they enjoy kind of getting their cake and eating it too,

0:12:34.240 --> 0:12:37.480
<v Speaker 4>where on one side they will warn about the dangers

0:12:37.480 --> 0:12:40.640
<v Speaker 4>of AI. They'll say it needs to be regulated, it

0:12:40.640 --> 0:12:43.600
<v Speaker 4>needs to be taken really very seriously, and also it

0:12:43.679 --> 0:12:45.679
<v Speaker 4>is coming and there's nothing we can do about it,

0:12:45.920 --> 0:12:48.600
<v Speaker 4>while also building those tools at the same time and

0:12:48.640 --> 0:12:50.880
<v Speaker 4>making a lot of money from it. They actually benefit

0:12:50.920 --> 0:12:53.600
<v Speaker 4>from being on both sides of the conversation at the

0:12:53.640 --> 0:12:58.000
<v Speaker 4>same time, and Altman and others very easily switch between

0:12:58.000 --> 0:13:01.560
<v Speaker 4>those positions depending on the context in which they're talking about.

0:13:01.600 --> 0:13:05.079
<v Speaker 4>So of course, you know, an AI developer can say

0:13:05.480 --> 0:13:08.800
<v Speaker 4>very very sensitive stuff is going on here and people

0:13:08.880 --> 0:13:10.680
<v Speaker 4>need to be careful, and then on the other side

0:13:10.679 --> 0:13:13.840
<v Speaker 4>they'll say, well, our technology is absolutely suitable for that

0:13:13.880 --> 0:13:16.960
<v Speaker 4>because we take privacy very seriously or whatever. I've just

0:13:17.040 --> 0:13:19.920
<v Speaker 4>kind of got a little bit jaded by all of

0:13:19.960 --> 0:13:22.880
<v Speaker 4>these companies playing both sides at the same time, And

0:13:22.920 --> 0:13:27.760
<v Speaker 4>that's why I think you need outside journalists, outside experts, policymakers,

0:13:28.240 --> 0:13:31.319
<v Speaker 4>activists who can probe it a little bit more because

0:13:31.360 --> 0:13:34.560
<v Speaker 4>every time I hear Altman or someone similar make these

0:13:34.600 --> 0:13:37.240
<v Speaker 4>points about their own technology, I have to remember, yeah,

0:13:37.280 --> 0:13:37.920
<v Speaker 4>but they're making it.

0:13:38.120 --> 0:13:38.840
<v Speaker 2>Yeah.

0:13:39.120 --> 0:13:42.199
<v Speaker 3>OpenAI is apparently trying to remove the shared content

0:13:42.240 --> 0:13:45.760
<v Speaker 3>from search engines, but smart people like this researcher accessed

0:13:45.760 --> 0:13:48.520
<v Speaker 3>and stored it while it was live. While they're using

0:13:48.559 --> 0:13:51.000
<v Speaker 3>it for an altruistic purpose, I'm wondering if you think

0:13:51.040 --> 0:13:54.920
<v Speaker 3>people should be concerned, like what if they do end

0:13:55.000 --> 0:13:55.880
<v Speaker 3>up in the wrong hands?

0:13:56.160 --> 0:13:59.440
<v Speaker 4>I don't think people need to necessarily be concerned about

0:13:59.520 --> 0:14:02.880
<v Speaker 4>this specific breach. I mean that being said, maybe there's

0:14:03.000 --> 0:14:05.680
<v Speaker 4>something really really bad in there and I simply haven't

0:14:05.800 --> 0:14:08.080
<v Speaker 4>seen it, and the researcher and others are going to

0:14:08.120 --> 0:14:12.080
<v Speaker 4>continue to dig through it. But people should absolutely be

0:14:12.200 --> 0:14:15.800
<v Speaker 4>careful with how they are using chatbots. I mean, maybe

0:14:15.800 --> 0:14:18.480
<v Speaker 4>they use this now disabled feature and maybe they're going

0:14:18.520 --> 0:14:21.000
<v Speaker 4>to be concerned about that. But putting that aside, you

0:14:21.280 --> 0:14:25.400
<v Speaker 4>have to remember every single command, every single prompt, every

0:14:25.400 --> 0:14:29.200
<v Speaker 4>single sentence that you put into ChatGPT or any

0:14:29.240 --> 0:14:33.000
<v Speaker 4>of these other ones. It is going somewhere. It's not

0:14:33.560 --> 0:14:36.720
<v Speaker 4>just sat on your computer. It's not being locally processed.

0:14:36.880 --> 0:14:40.200
<v Speaker 4>It's going off to their systems, and ultimately you don't

0:14:40.280 --> 0:14:43.480
<v Speaker 4>really know what it's being used for. That is, maybe

0:14:43.480 --> 0:14:47.360
<v Speaker 4>it's you retraining and improving the training of the system itself,

0:14:47.560 --> 0:14:51.960
<v Speaker 4>or whether there's some sort of quirk in its security

0:14:52.040 --> 0:14:54.640
<v Speaker 4>or privacy or sharing settings that ends up with it

0:14:54.720 --> 0:14:58.280
<v Speaker 4>now being publicly available. And I know that I'm a

0:14:58.320 --> 0:15:00.600
<v Speaker 4>little bit more extreme than others, but I would never

0:15:01.040 --> 0:15:04.640
<v Speaker 4>put sensitive information into one of these things. And I

0:15:04.720 --> 0:15:08.920
<v Speaker 4>know that plenty of companies are having to implement policies

0:15:08.960 --> 0:15:12.600
<v Speaker 4>where they tell employees, please do not put confidential information

0:15:13.000 --> 0:15:16.240
<v Speaker 4>into the chatbot that we don't own. I think people

0:15:16.320 --> 0:15:20.160
<v Speaker 4>just have to be really, really cognizant of that. In

0:15:20.200 --> 0:15:22.920
<v Speaker 4>the same way that when we all first got smartphones,

0:15:22.960 --> 0:15:25.800
<v Speaker 4>we had to learn, oh, right, it's tracking my location

0:15:25.960 --> 0:15:28.320
<v Speaker 4>data if I turn location data on. I think we

0:15:28.360 --> 0:15:30.840
<v Speaker 4>need to remember and to learn, oh, when I put

0:15:30.840 --> 0:15:34.200
<v Speaker 4>this thing into ChatGPT, I don't know exactly where

0:15:34.200 --> 0:15:37.400
<v Speaker 4>it's going, and it could potentially bite me later if

0:15:37.400 --> 0:15:38.080
<v Speaker 4>I'm not careful.

0:15:38.360 --> 0:15:40.000
<v Speaker 2>Yeah, And I think it's an important point.

0:15:40.040 --> 0:15:42.320
<v Speaker 1>Just we think about the stakes of the you know,

0:15:42.360 --> 0:15:46.000
<v Speaker 1>OpenAI or ChatGPT logs being indexed and available on

0:15:46.040 --> 0:15:50.120
<v Speaker 1>Google because like information that you know, you share with

0:15:50.200 --> 0:15:53.359
<v Speaker 1>a chatbot that you may think is more or less harmless,

0:15:53.840 --> 0:15:58.480
<v Speaker 1>could have you know, identifying information or sensitive personal information

0:15:58.560 --> 0:16:01.640
<v Speaker 1>about addresses or accounts or whatever it may be.

0:16:01.800 --> 0:16:05.000
<v Speaker 2>And so I think there's this kind of almost

0:16:04.640 --> 0:16:09.240
<v Speaker 1>willful ignorance which many of us, including me, persist with

0:16:09.400 --> 0:16:13.479
<v Speaker 1>despite knowing better in terms of how important proper security

0:16:13.520 --> 0:16:17.480
<v Speaker 1>practices around digital information are. And as you say, like

0:16:17.800 --> 0:16:21.120
<v Speaker 1>we're all of a sudden standing on the doorstep of

0:16:21.200 --> 0:16:22.920
<v Speaker 1>a much more scary reality.

0:16:23.280 --> 0:16:26.720
<v Speaker 4>Yeah, I would say that with security you really have

0:16:26.800 --> 0:16:30.280
<v Speaker 4>to be proactive rather than reactive after something has happened,

0:16:30.520 --> 0:16:34.480
<v Speaker 4>you know, your bank account got broken into or anything

0:16:34.560 --> 0:16:37.040
<v Speaker 4>like that. Sure, you can deal with it, but it's

0:16:37.080 --> 0:16:39.280
<v Speaker 4>going to be annoying, it's going to be hard, it's

0:16:39.320 --> 0:16:41.520
<v Speaker 4>going to be tricky, and maybe some people steal some

0:16:41.560 --> 0:16:44.120
<v Speaker 4>money from you, maybe somebody hacks into your company or

0:16:44.160 --> 0:16:48.920
<v Speaker 4>something like that. You really should do security proactively if

0:16:48.920 --> 0:16:51.160
<v Speaker 4>you can. And a really thing that applies to everybody,

0:16:51.160 --> 0:16:53.760
<v Speaker 4>which isn't to say that it should be on users

0:16:53.800 --> 0:16:56.080
<v Speaker 4>all of the time. It really is up to the

0:16:56.080 --> 0:16:59.400
<v Speaker 4>people who make these products such as ChatGPT by

0:16:59.440 --> 0:17:02.960
<v Speaker 4>OpenAI or whatever else for them to put in

0:17:03.000 --> 0:17:06.520
<v Speaker 4>these guardrails so people can't make these mistakes in the

0:17:06.560 --> 0:17:07.160
<v Speaker 4>first place.

0:17:07.680 --> 0:17:09.159
<v Speaker 3>You were lucky enough to get a hold of this

0:17:09.240 --> 0:17:11.639
<v Speaker 3>data set by this researcher. Do you know what the

0:17:11.640 --> 0:17:14.120
<v Speaker 3>researcher is planning to do with the information.

0:17:14.119 --> 0:17:20.000
<v Speaker 4>Not specifically beyond analyzing it for trends. I believe seeing

0:17:20.040 --> 0:17:25.320
<v Speaker 4>what is in there absolutely no criminal activity or anything

0:17:25.400 --> 0:17:28.240
<v Speaker 4>like that. But again, that's not to say that other

0:17:28.280 --> 0:17:30.879
<v Speaker 4>people may not be doing that as well. I can

0:17:30.960 --> 0:17:34.240
<v Speaker 4>imagine the situation which let's say, and this is a hypothetical,

0:17:34.359 --> 0:17:36.520
<v Speaker 4>but I'm sure I can find something that would reflect

0:17:36.520 --> 0:17:38.879
<v Speaker 4>this in some sort of data set there. Say you

0:17:38.920 --> 0:17:42.640
<v Speaker 4>were using ChatGPT or something similar to make a quick

0:17:42.760 --> 0:17:46.360
<v Speaker 4>prototype app for your company. In that you include your

0:17:46.480 --> 0:17:50.920
<v Speaker 4>username and password and access keys for the infrastructure of

0:17:50.960 --> 0:17:53.400
<v Speaker 4>your company to make that app. It's all well and good,

0:17:53.440 --> 0:17:56.159
<v Speaker 4>it works, and it accidentally gets shared in a database

0:17:56.440 --> 0:17:59.840
<v Speaker 4>like this. Someone who is malicious could then go in: well,

0:18:00.040 --> 0:18:02.040
<v Speaker 4>thank you very much for those access keys. I'm now

0:18:02.080 --> 0:18:05.560
<v Speaker 4>going to break into XYZ company. And although we haven't

0:18:05.560 --> 0:18:08.800
<v Speaker 4>seen that happen specifically with this data set, that sort

0:18:08.800 --> 0:18:14.040
<v Speaker 4>of stuff happens constantly where, you know, an engineer at a company,

0:18:14.080 --> 0:18:17.919
<v Speaker 4>even a very junior one, will put those keys in

0:18:18.040 --> 0:18:22.680
<v Speaker 4>code which is accidentally exposed online. It's accidentally publicly available,

0:18:22.840 --> 0:18:24.840
<v Speaker 4>and that's how we end up with data breaches.

0:18:24.920 --> 0:18:27.439
<v Speaker 1>Now, yeah, I mean as AI is being marketed as

0:18:27.480 --> 0:18:30.720
<v Speaker 1>a tool for work, obviously, the leverage like an individual

0:18:30.800 --> 0:18:35.360
<v Speaker 1>consumer has versus OpenAI or Google is really limited, right,

0:18:35.400 --> 0:18:38.600
<v Speaker 1>Like you know, I can complain and holler and post

0:18:38.600 --> 0:18:41.480
<v Speaker 1>on Reddit, and journalists like you can pick it up.

0:18:41.920 --> 0:18:45.640
<v Speaker 1>But when you know, Pepsi or Ernst and Young has

0:18:45.720 --> 0:18:50.240
<v Speaker 1>concerns about how its employees' chats are being handled by

0:18:50.280 --> 0:18:53.880
<v Speaker 1>third party companies that perhaps you know, can can drive

0:18:54.000 --> 0:18:56.680
<v Speaker 1>change more rapidly, given these are like big corporate spenders.

0:18:56.680 --> 0:18:59.320
<v Speaker 1>So I'm curious do you know anything about what the

0:18:59.320 --> 0:19:03.159
<v Speaker 1>conversation alike but kind of B to B conversations around

0:19:03.600 --> 0:19:07.360
<v Speaker 1>operational security for LLMs, Well, I.

0:19:07.280 --> 0:19:09.280
<v Speaker 4>Mean I would also draw a parallel even just with

0:19:09.440 --> 0:19:13.400
<v Speaker 4>the intellectual property one, where a lot of these companies

0:19:13.400 --> 0:19:17.040
<v Speaker 4>weren't really paying attention until somebody was taking Mickey Mouse

0:19:17.520 --> 0:19:20.960
<v Speaker 4>doing some very strange things with AI with it for example.

0:19:20.960 --> 0:19:22.560
<v Speaker 4>And now of course we have the lawsuit you know

0:19:22.600 --> 0:19:25.239
<v Speaker 4>between Disney and Midjourney, for example, which is an

0:19:25.280 --> 0:19:30.280
<v Speaker 4>AI image generator engine. When it comes to security, I

0:19:30.320 --> 0:19:33.879
<v Speaker 4>don't know about the specific conversations, but it's absolutely something

0:19:33.920 --> 0:19:37.639
<v Speaker 4>that people need to be educated at inside their companies.

0:19:38.000 --> 0:19:41.320
<v Speaker 4>Funny enough about Disney, there was a breach of Disney

0:19:41.640 --> 0:19:43.720
<v Speaker 4>I think a year ago at this point, and that

0:19:43.880 --> 0:19:47.399
<v Speaker 4>started because one of their employees downloaded the piece of

0:19:47.440 --> 0:19:50.560
<v Speaker 4>software that they believed was some sort of AI agent

0:19:50.720 --> 0:19:54.280
<v Speaker 4>or some sort of AI generation tool. Hidden inside that

0:19:54.920 --> 0:19:59.160
<v Speaker 4>was malware which then stole passwords, and which then logged

0:19:59.200 --> 0:20:03.840
<v Speaker 4>into Disney's Slack and stole a mountain of data. And

0:20:03.880 --> 0:20:06.320
<v Speaker 4>it turns out the hacker behind this had been deliberately

0:20:06.640 --> 0:20:10.320
<v Speaker 4>putting malware into their own custom AI tools to try

0:20:10.359 --> 0:20:13.520
<v Speaker 4>to get unsuspecting people to download it. So this is

0:20:13.560 --> 0:20:17.280
<v Speaker 4>a real threat to anybody working I think in any

0:20:17.320 --> 0:20:22.040
<v Speaker 4>sort of company. Hackers do not care really who you are.

0:20:22.080 --> 0:20:24.520
<v Speaker 4>They only care what you may or may not have

0:20:25.000 --> 0:20:29.159
<v Speaker 4>access to, and AI is just another consideration of that,

0:20:29.240 --> 0:20:33.200
<v Speaker 4>whether that's the data that an employee is inversely putting

0:20:33.240 --> 0:20:38.160
<v Speaker 4>into ChatGPT or a sketchy tool that someone may download.

0:20:38.240 --> 0:20:39.720
<v Speaker 4>You know, like, this is something that we have to

0:20:39.760 --> 0:20:40.320
<v Speaker 4>live with now.

0:20:40.520 --> 0:20:43.560
<v Speaker 2>Joseph, thank you, Thank you, Joseph, thank you so much.

0:20:58.680 --> 0:20:59.359
<v Speaker 3>For Tech Stuff.

0:20:59.400 --> 0:21:02.520
<v Speaker 1>I'm care and I'm os Valoshin. This episode was produced

0:21:02.560 --> 0:21:05.600
<v Speaker 1>by Eliza Dennis and Tyler Hill. It was executive produced

0:21:05.600 --> 0:21:08.919
<v Speaker 1>by me Karroen Price and Kate Osborne for Kaleidoscope and

0:21:09.000 --> 0:21:13.120
<v Speaker 1>Katrin Norvel for iHeart Podcasts. Jack Insley mixed this episode

0:21:13.160 --> 0:21:14.840
<v Speaker 1>and Kyle Murdoch wrote our theme song.

0:21:15.040 --> 0:21:17.240
<v Speaker 3>Join us on Friday for the weekend tech Ars and

0:21:17.280 --> 0:21:19.800
<v Speaker 3>I will run through the tech headlines you may have missed.

0:21:19.680 --> 0:21:22.159
<v Speaker 1>And please do rate and review the show wherever you

0:21:22.200 --> 0:21:24.560
<v Speaker 1>listen to your podcasts, and also send us a note

0:21:24.600 --> 0:21:27.520
<v Speaker 1>at tech Stuff podcast at gmail dot com with any

0:21:27.520 --> 0:21:28.600
<v Speaker 1>comments or suggestions