Overview
- Harsh Varshney, a Google Chrome AI security engineer, says to treat public chatbots like open postcards and never share credit cards, Social Security numbers, home addresses or medical details.
- A cited analysis from Stanford’s Institute for Human-Centered AI finds that major chatbot providers use user data for model improvement by default, with some policies allowing indefinite retention.
- Long-term memory features can resurface past disclosures, as Varshney observed when Gemini recalled his address from an earlier email-editing prompt.
- Recommended safeguards include regularly deleting chat histories, using temporary or incognito chats, checking privacy settings to disable training where possible, and choosing enterprise tiers for work content.
- Growing user attachment, especially among youth, increases disclosure risks, with experts warning of identity theft, targeted phishing and accidental leakage of corporate code or plans.