{"id":22109,"date":"2023-05-26T05:57:02","date_gmt":"2023-05-26T13:57:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2023\/05\/26\/news-15839\/"},"modified":"2023-05-26T05:57:02","modified_gmt":"2023-05-26T13:57:02","slug":"news-15839","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2023\/05\/26\/news-15839\/","title":{"rendered":"OpenAI\u2019s ChatGPT app for iPad, iPhone hits 500K downloads"},"content":{"rendered":"

<\/p>\n

OpenAI shipped its ChatGPT app for iPads and iPhones just a week ago, but it has already become one of the most popular applications in the last two years, with over half a million<\/a> downloads in the first six days. That\u2019s a real achievement, but also a challenge \u2014 that\u2019s half a million potential data vulnerabilities.<\/p>\n

Not to rest on its laurels, this year\u2019s favorite smart assistant (so far) is now also available in 41 additional nations<\/a>. There\u2019s little doubt that this has been one of the most successful software\/service introductions of all time, but that doesn\u2019t change the inherent risk of these technologies.<\/p>\n

The popularity of the app should wave a red flag for IT leaders<\/a>, who must redouble efforts to warn staff not to input valuable personal or corporate data into the service. The danger in doing so is that data gathered by OpenAI has already been attacked once, and it\u2019s only a matter of time until someone gets at that information.<\/p>\n

After all, digital security today isn\u2019t about if<\/em> an incident happens, but when.<\/p>\n

To coin a phrase from Apple\u2019s playbook, the best way to protect data online is not to put the information there in the first place. That\u2019s why iPhones and other products from Cupertino (via China, India, and Vietnam) work on the principle of data minimization<\/a>, reducing the quantity of information collected and taking pains to reduce the need to send it to servers for processing.<\/p>\n

That\u2019s a great approach, not just because it reduces the quantity of information that can slip out but because it also reduces the opportunity for humans to make mistakes in the first place.<\/p>\n

We don\u2019t have that protection with ChatGPT apps. Beyond a wholesale ban on using the service and application on managed devices, IT admins are almost completely reliant on trust when it comes to ensuring their staff don\u2019t share confidential data with the bot.<\/p>\n

Still, humans are humans, so it’s inevitable that \u2014 no matter how stern the exhortations against such use \u2014 we can be certain some people will accidentally share confidential data through the app. They may not even realize they are doing it, simply seeing it as the equivalent of searching the web.<\/p>\n

It\u2019s a similar threat to that of shadow IT, with humans accidentally sharing confidential information in exchange for what seems to be convenience.<\/p>\n

IT must consider the App Privacy label<\/a> OpenAI has attached to its product at the App Store. That label makes it clear that when using the app, the following data is linked to the user:<\/p>\n

Available online, OpenAI\u2019s own Privacy Policy<\/a> should also be explored, although\u00a0the company has not disclosed the training data it uses for its latest bots.<\/p>\n

The challenge here is that IT must consider the limitations of the latter alongside the inevitability of human nature. Regulators are already concerned about the privacy implications. In Canada, privacy regulators are investigating the company\u2019s privacy practices<\/a>, with\u00a0similar activity taking place in Europe<\/a>. (OpenAI seems pretty concerned about these investigations and has warned that it may or may not shut shop in Europe if the law is too rigorous.)<\/p>\n

The deluge of activity around generative AI in general, and ChatGPT in particular ,should not mask the sweeping \u00a0repercussions of these technologies, which offer vast productivity benefits, but threaten job security at a mass scale.<\/p>\n

In the short term at least, IT admins should do their utmost to ensure these consumer-simple products don\u2019t threaten confidential business data. And for that to happen, users must be warned not to share data with these services until ratified under company security and privacy policy.<\/p>\n

Please follow me on\u00a0Mastodon<\/a>, or join me in the\u00a0AppleHolic\u2019s bar & grill<\/a>\u00a0and\u00a0<\/em>Apple<\/em>\u00a0Discussions<\/em><\/a>\u00a0groups on MeWe.<\/em><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

\n
\n

OpenAI shipped its ChatGPT app for iPads and iPhones just a week ago, but it has already become one of the most popular applications in the last two years, with over half a million<\/a> downloads in the first six days. That\u2019s a real achievement, but also a challenge \u2014 that\u2019s half a million potential data vulnerabilities.<\/p>\n

Not to rest on its laurels, this year\u2019s favorite smart assistant (so far) is now also available in 41 additional nations<\/a>. There\u2019s little doubt that this has been one of the most successful software\/service introductions of all time, but that doesn\u2019t change the inherent risk of these technologies.<\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[11113,10480,10554,714,24580],"class_list":["post-22109","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-artificial-intelligence","tag-ios","tag-mobile","tag-security","tag-small-and-medium-business"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/22109","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=22109"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/22109\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=22109"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=22109"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=22109"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}