A Most Ingenious Paradox

One mis-click, and you can lose legal privilege when using ChatGPT. It’s just not a risk you want to take. “Turn off training and use Business or Enterprise accounts” - that should have been enough to ensure that your data is not used for training by OpenAI, Anthropic and Google. Sadly, the business motivation of creating better models through data capture means that there is a loophole. If you hit the thumbs up or thumbs down button (and any other feedback action), your data is opted back in for training, irrespective of the opt-out settings. Reference

‍It's a most ingenious paradox - you opt out but your data is still used for training.

Here's what ChatGPT has to say -

If you’ve opted out of ChatGPT training/feedback use (i.e., turned off “Improve the model for everyone” or a similar setting), pressing the 👍 (thumbs up) button still counts as active feedback you are choosing to provide to OpenAI — and it can override your opt-out for that specific conversation.

Of course, the risks are well discussed. But for me, the issue here came because of working with a law firm and reviewing the details for their use. If they accidentally misclick, they lose legal privilege on the details of that conversation.

If I can't see it, it's not there

I've released Thumbs Away - a Chrome browser extension that removes the feedback controls. It removes the loophole - if you can't press the button, you can't opt back in.

Thumbs Away is Free and Open Source Software - FOSS. You can review all the code on my GitHub - https://github.com/mikethemerry/thumbs-away If you want to install it yourself locally, you can do that as well.

It's very simple - it just injects some custom CSS into your browser to hide those buttons. It's not bullet proof, and certainly not an enterprise-ready solution, but it prevents potential misclicks. And you can turn it off and on for Claude, ChatGPT, and Gemini.

A Question of Incentives

When choosing vendors, AI is not really any different to other software - it's still a question of incentives and trust. Your data being leaked through being used in a training data set is no different to another data breach, but the trust vectors are different.

The major LLM providers have a business model to create better models. Better models require more data. So they are highly incentivised to find ways to capture your data.

On the flip side, companies like AWS are incentivised to maintain their secure-hosting position. Products like Bedrock are incentivised to keep your data safe.

So, when looking at what software to use, it's the same questions of risk management and controls - can this company secure my data appropriately? Or does their business model undermine that possibility?

In Short

Thumbs Away doesn't mean you should use ChatGPT with sensitive data. But the loophole made me grumpy enough that I wanted to prevent my own slip ups for where I am happy using it.

I'm still going to be playing with local LLMs - as Mitko Vasilev says, "AI in the cloud is not aligned with you." Unholy alliances can still be formed where everyone wins, but it can pay to be cautious.