Menu
EN

Genesis meets its end, OpenAI on the ropes, Google copies Apple, and more leaky apps. AdGuard’s digest

In this edition of AdGuard’s digest: ChatGPT looks at a first defamation lawsuit and more regulatory woes, dark web marketplace selling stolen credentials implodes, alcohol recovery platforms leak data to advertisers, as Google gives users more control over in-app data.

Italy sets conditions for ChatGPT’s return, and they are all about privacy

Italy has given OpenAI, a US-based startup behind ChatGPT, a list of demands it must meet if it wants its massively popular chatbot to be unbanned in the country. ChatGPT has been inaccessible in Italy since March 31, after the local regulator accused it of violating the EU’s GDPR data protection law.

Now, the Italian regulator has come up with a list of things that OpenAI needs to do to bring ChatGPT into compliance. The demands include that OpenAI clarify a legal basis for processing users’ data to train its AI algorithms; give users and non-users a way to correct any false information the chatbot has spread about them, or, if that’s “technically unfeasible,” have that data deleted. In addition, both users and non-users should have the right to opt out of having their data processed. Finally, the Italian regulator demanded that OpenAI implement an age verification system that would prevent users under the age of 13 from accessing the chatbot. It’s not just Italy that’s taking OpenAI to task — a European privacy watchdog has set up a special ChatGPT task force to help EU member states align their positions on the issue.

It will be interesting to see how/if OpenAI clears the GDPR hurdle, as AI-powered tools, including ChatGPT, are not inherently privacy-friendly by design. The AI models on which ChatGPT and other AI tools, such as DALLE-E, are built were trained on large amounts of data scraped from across the web without user consent. While it’s possible to opt your data out of ChatGPT’s training set and delete your account, having AI to “unlearn” something is a difficult process. Besides, there’s no surefire way to know that your data has actually been removed for good. Either way, if Italy and OpenAI can figure out their issues, it could serve as an example for other countries where GDPR applies.

Hey AI bot, see you in court! Whistleblower mayor claims ChatGPT defamed him

For now, however, ChatGPT is on the ropes, facing more legal challenges every day. It’s no secret that large language models can “hallucinate”, i.e. spread misinformation or even “invent” facts. That’s apparently what happened in the case of an Australian mayor who may file the first ever defamation lawsuit against OpenAI. The official says that ChatGPT falsely claimed that he had served time for bribery, thus damaging his reputation. In fact, the mayor was the one who blew the whistle on the bribery scheme and was never charged with a crime. The mayor’s legal team gave OpenAI 28 days to correct the mistake or face legal action. The mayor could potentially seek more than $200,000 in damages if he follows through on his threat to sue OpenAI.

OpenAI has generally absolved itself of responsibility for the chatbot’s output by warning that it “sometimes writes plausible-sounding but incorrect or nonsensical answers.” It’s hard to say whether the mayor will follow through on his threat to sue OpenAI, but if he does, we’d certainly be grabbing our popcorn and watching, because it could set a precedent for the future.

Whatever the outcome, one thing is certain: as generative AI becomes more skilled at crafting believable answers and more people use it in the workplace, the question of who should be held accountable for its errors and how to stop the spread of falsehoods is a legitimate one.

Alcohol recovery startups spill user data to advertisers

There’s hardly anyone you trust more than your doctor, and there’s hardly a more vulnerable time than when you’re battling an addiction. But 100,000 patients who have their personal data leaked by online alcohol recovery startups, Monument and Tempest, may now think twice when entrusting their data to online healthcare platforms.

In a disclosure first reported by TechCrunch, Monument, who acquired Tempest in 2022, revealed that it may have exposed a vast trove of patients’ personal and health data to advertisers, including Facebook, Google, Microsoft, and Pinterest. The data was funneled to the ad giants through tracking pixels that were embedded with Monument’s site since 2020 and with Tempest’s site since 2017. The company has said that it fully removed third-party trackers only in February this year. Tracking pixels are snippets of code that website owners can place on their websites to track user actions; they also help advertisers to measure performance of their ads and target them. The information that could have been shared include: patients’ names, dates of birth, email addresses, phone numbers, home addresses, insurance number ID, as well as such sensitive information as photos, appointment-related information, selected services, and survey responses.

Needless to say, the patients did not consent to their private data and treatment regimens being shared with ad tech. This incident is unfortunately far from isolated, and follows the case of two mental health platforms who admitted to doing much the same thing last month. These data practices are bad, regrettable, and all too common. If you absolutely must entrust your data to online healthcare providers, make sure you choose reputable ones. However, even that may not be a guarantee.

‘Cookie monsters’ bust dark web site that peddled stolen credentials

Genesis marketplace, which used to be a go-to-place for stolen credentials and digital fingerprints (for more on what a digital fingerprint is read our article) has gone out of business thanks to a joint effort by the FBI and its peers from law enforcement agencies around the world.

The notorious invitation-only dark web marketplace has been taken down in an “Operation Cookie Monster”. The operation led to the arrest of 120 people, including suspected users of the site, and resulted in 200 searches worldwide. Officials made a point of targeting users, not just administrators of the site: “Genesis falsely promised a new age of anonymity and impunity, but in the end only provided a new way to identify, locate, and arrest online criminals.” Since its genesis (pun intended) in 2018 and before its ignominious end, the marketplace offered access to approximately 80 million stolen account access credentials, such as usernames and passwords. Device fingerprints also offered on the site allowed criminals to bypass anti-fraud protections.

The seizure of Genesis is welcome news, but it’s unlikely that we’ve seen its last iteration. And its demise is by no means the end of online identity theft. The problem is that many people give up their sensitive information voluntarily, either by sharing it on social media or by handing it over to unscrupulous third parties. Oversharing is contagious, and it is in our best interest to go against this trend.

Google makes it easier to delete your app account and data

Google wants app developers on its Play Store to make it easy for users to delete their accounts and associated data. Users should be able to do this both within the app and on the web. Google says that by implementing this policy, it’s giving users more control over their in-app data.

With the rule in place, users won’t have to download the app again just to ask for their account to be deleted. They will be able to do that via a web link. When the user requests their account deletion, developers will also have to delete all the data related to that account, unless they have “legitimate reasons” to keep it. They will also have to explain what these “legitimate reasons”, such as preventing fraud, are. Developers have until December 7th this year to provide more information about their data deletion practices, and users may see the changes next year. The rule that Google is introducing is similar to the one that the App Store implemented in 2021. Apple demanded that the apps that enabled account creation also allowed users to delete their accounts, but only from within the app

It’s always a positive thing when big tech companies like Google give users some power over their personal data back, and our only regret is that it didn’t happen sooner. However, it’s also worth noting that unless there’s a way to verify that the data has actually been deleted, unscrupulous app vendors could still be able to keep it.

Liked this post?

AdGuard for Windows

AdGuard for Windows is more than an ad blocker. It is a multipurpose tool that blocks ads, controls access to dangerous sites, speeds up page loading, and protects children from inappropriate content.
User Reviews: 13079
4.7 out of 5
By downloading the program you accept the terms of the License agreement
Read more

AdGuard for Mac

AdGuard for Mac is a unique ad blocker designed with macOS in mind. In addition to protecting you from annoying ads in browsers and apps, it shields you from tracking, phishing, and fraud.
User Reviews: 13079
4.7 out of 5
By downloading the program you accept the terms of the License agreement
Read more

AdGuard for Android

AdGuard for Android is a perfect solution for Android devices. Unlike most other ad blockers, AdGuard doesn't require root access and provides a wide range of app management options.
User Reviews: 13079
4.7 out of 5
By downloading the program you accept the terms of the License agreement

AdGuard for iOS

The most advanced ad blocker for Safari: it makes you forget about pop-up ads, speeds up page loading, and protects your personal data. A manual element-blocking tool and highly customizable settings help you tailor the filtering to your exact needs.
User Reviews: 13079
4.7 out of 5
By downloading the program you accept the terms of the License agreement

AdGuard Browser Extension

AdGuard is the fastest and most lightweight ad blocking extension that effectively blocks all types of ads on all web pages! Choose AdGuard for the browser you use and get ad-free, fast and safe browsing.
User Reviews: 13079
4.7 out of 5

AdGuard for Safari

Ad blocking extensions for Safari are having hard time since Apple started to force everyone to use the new SDK. AdGuard extension is supposed to bring back the high quality ad blocking back to Safari.
User Reviews: 13079
4.7 out of 5
App Store
Download
By downloading the program you accept the terms of the License agreement

AdGuard Home

AdGuard Home is a network-wide software for blocking ads & tracking. After you set it up, it’ll cover ALL your home devices, and you don’t need any client-side software for that. With the rise of Internet-Of-Things and connected devices, it becomes more and more important to be able to control your whole network.
User Reviews: 13079
4.7 out of 5

AdGuard Content Blocker

AdGuard Content Blocker will eliminate all kinds of ads in mobile browsers that support content blocker technology — namely, Samsung Internet and Yandex.Browser. While being more limited than AdGuard for Android, it is free, easy to install and still provides high ad blocking quality.
User Reviews: 13079
4.7 out of 5
By downloading the program you accept the terms of the License agreement
Read more

AdGuard Assistant

A companion browser extension for AdGuard desktop apps. It offers an in-browser access to such features as custom element blocking, allowlisting a website or sending a report.
User Reviews: 13079
4.7 out of 5
Assistant for Chrome Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Firefox Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Edge Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Opera Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Yandex Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Safari Is it your current browser?
If you can't find your browser, try the old legacy Assistant version, which you can find in AdGuard extension settings.

AdGuard Temp Mail β

A free temporary email address generator that keeps you anonymous and protects your privacy. No spam in your main inbox!
User Reviews: 13079
4.7 out of 5

AdGuard for Android TV

AdGuard for Android TV is the only app that blocks ads, guards your privacy, and acts as a firewall for your Smart TV. Get warnings about web threats, use secure DNS, and benefit from encrypted traffic. Relax and dive into your favorite shows with top-notch security and zero ads!
User Reviews: 13079
4.7 out of 5
Downloading AdGuard To install AdGuard, click the file indicated by the arrow Select "Open" and click "OK", then wait for the file to be downloaded. In the opened window, drag the AdGuard icon to the "Applications" folder. Thank you for choosing AdGuard! Select "Open" and click "OK", then wait for the file to be downloaded. In the opened window, click "Install". Thank you for choosing AdGuard!
Install AdGuard on your mobile device