GPT apps fail to disclose data collection, study finds • The Register | Laptop News

Many of the GPT apps in OpenAI’s GPT Store collect data and facilitate online tracking in violation of OpenAI policies, researchers claim.

Boffins from Washington University in St. Louis, Missouri, recently analyzed almost 120,000 GPTs and more than 2,500 Actions – embedded services – over a four-month period and found expansive data collection that’s contrary to OpenAI’s rules and often inadequately documented in privacy policies.

The researchers – Evin Jaff, Yuhao Wu, Ning Zhang, and Umar Iqbal – describe their findings in a paper titled “Data Exposure from LLM Apps: An In-depth Investigation of OpenAI’s GPTs.”

“Our measurements indicate that the disclosures for most of the collected data types are omitted in privacy policies, with only 5.8 percent of Actions clearly disclosing their data collection practices,” the authors claim.

The data gathered includes sensitive information such as passwords. And the GPTs doing so often include Actions for ad tracking and analytics – a common source of privacy problems in the mobile app and web ecosystems.

“Our study identifies several privacy and security issues within the OpenAI GPT ecosystem, and similar issues have been noted by others as well,” Yuhao Wu, a third-year PhD candidate in computer science at Washington University, told The Register.

“While some of these problems have been addressed…

read more www.theregister.com

FTC: We use income earning affiliate links. More on Sposored links.
Terms of use and third-party services. More here.

Advertisement Amazon

Related Posts