> The key issue here is that people are worried that their private files on Dropbox are being passed to OpenAI to use as training data for their models
This is only part of it. I don’t want my data being sent anywhere unless I authorize it, regardless of what it’s being used for.
In this case, we not only have to worry about OpenAI training on our files (I have no reason to doubt that they are truthful when they say they won’t), but we also have to trust that they can securely handle our files.
That's true. It's very reasonable to worry that OpenAI's "we only hold on to your data for 30 days for auditing purposes" policy means there's 30 days in which they might have a breach that leaks your data.
Especially since they've had a few documented security problems in the past.
The same argument could apply to processing data in the cloud, and somehow nobody complains anout the fact
that Dropbox stores their data on AWS/Google cloud or wherever
I complain about my data being stored in the cloud all the time. I won't use services like Dropbox in large part because of the cloud, but I can't do a thing about other entities I do business with storing the data they glean about me in the cloud.
That is not entirely accurate. Thanks to the GDPR subprocessors need to be disclosed and changes to them too. As a result plenty of companies are now much more selective about how many they are willing to entertain.
you may win the court case... 3 years from now. your secrets have been on the dark web for that whole time, and have filtered to the regular web by then. even if you know who did it, and can get them extradited they may not have cash to pay for the damages, and seeing them in jail, though nice, won't make your data private again.
There is also the distinct possibility that the wording is literally true in sense they don't train their model on your data ("train" can be interpreted as having a very specific meaning...), but they nevertheless also undertake some sort of monitoring of the outputs a model produces (which could obviously entail privacy leaks, especially if it's using RAG on your personal files).
Seems quite sensible for people not to trust that they fully understand the small print, since (i) they probably don't and (ii) the one thing most AI companies have made clear is that they think they should be able to use whatever material they like however they like, regardless of whether the creator of that material gives them their blessing or not.
Even if you have a deep technical understanding of how this stuff works and how these tools are built, you can still have very legitimate questions and doubts about how your data is being used beyond pure model training.
I think local models will be more and more relevant. First of all, the locally available computing power for inference is going up. In addition, inference is much cheaper than training. Finally, there are diminishing returns with more and more parameters.
Yes and if we start chatting to a local AI model instead of searching on Google, that means we get an overall increase in privacy. So the new local AI era could actually be much more private than the previous Web era - an era in which we could have much more freedom.
This isn't really AI specific. The AI angle I suppose is that there is a new way for companies to exploit data they get from you, but like the article says with Facebook, people already believe their info is being exploited. Laws won't change it (not that they shouldn't exist) there's always too much fine print that can be gamed and they'd never be enforced to the benefit of the consumer anyway. Like privacy, it's awareness and not giving companies the chance, which will take a long time but hopefully will be the default instead of just not caring. For AI, local or own-cloud models are a good start, it's actually hard to belive a company like dropbox would go with OpenAI and not see how bad it looks.
Just read this. I have had enough weird incidents where you for example chat with somebody about a topic and a day later I suddenly received ads Youtube recommendations about this topic. There is a lot of reason to not believe big companies. I don't see why Facebook should be more ethical than tobacco or oil companies that have been lying and obfuscating for decades.
The only solution I see is to make it illegal to use personal data. Especially make data brokers illegal. When you give a company access to your data, you often agree that they will pass the data to third parties who then pass it on and suddenly everybody has your data because you have permission to use your data.
If that is the case, why aren't developers who are implementing such pipelines coming forward. This was the case for 9/11 being an inside job because many workers are needed for such an inside job. A whistleblower like Tristan Harris could come forward and accept that facebook is doing such stuff.
But the whole „facebook listening to you” os absurd - on iOS you would see a system notification that the microphone is active, I assume on android as well. Also, it would take crazy amounts of bandwidth/battery/processing power to pull off.
It would also be trivially discoverable - a ton of people are listening to what apps are sending out, and even if encrypted, it would be noticeable by the outgoing traffic volume being high.
It is virtually impossible to pull off even today, as anyone who ever developed anything on mobile can tell you
Likely a cognitive bias there, we pay selective attention to the topics we've been discussing previously, and likely remember when an ad comes up that's related. So yes, they're not listening to our microphones. It's just our selective attention and memory, instead.
The scarier reality to me is less that I'm being actively spied on and more that we're all very algorithmically predictable. Why bother actively spying when it turns out that the websites they visit in a day does a good enough of a job predicting what kind of person they are.
And even if it were trivially easy to pull off surreptitious microphone monitoring, Facebook's incentives to do so aren't obvious. You can't charge advertisers more for an ad-targeting feature which officially doesn't exist (and if optimising targeting above and beyond expectations was that important, they could probably start by fixing some of the terrible choices made by self service buyers that wouldn't incur the same risk)
It's not absurd. Siri is listening for "hey siri" all the time. Folks don't really grok how that's different than Facebook spying as described. I'm frankly not sure that it's impossible, just that there's enough churn of Facebook employees that it would eventually leak if it was being done.
It's plausible to a naive observer, but it's absurd from a technical level. As you're probably aware, there's an entirely separate low-power coprocessor tasked with understanding just the words "hey Siri", because keeping the main processor awake for that task would absolutely destroy the battery life.
It's not absurd from a technical level. The coprocessor can absolutely have a larger vocabulary and adding an entry to local storage for hearing "tennis watch" would be valuable for ad-marketing.
It's not impossible to do, but impossible to hide, and not feasible to do anyway. The technical complexity is massively higher than just using your browser history, which means there would have to be a huge team that does it, and therefore no secrecy. Also for the same reason it would be massively more expensive than existing data collection, but the ads would sell for the same price,.so it's not economically viable.
I think some people need to figure out how those high speed video cameras work. It would affect their view of what is possible and not possible with electronics.
The ELI5 version is that it can watch everything and then keep the bits that happen just before the person hits the button.
That’s how they can catch things that explode or do something and you aren’t sure when it will happen. Like popcorn popping.
> chat with somebody about a topic and a day later I suddenly received ads Youtube recommendations about this topic
What's funny about it is that counterclaims will often be that this information doesn't necessarily need to be coming from reading your chat messages. It could be that they just know you happened to be chatting to that person -- despite "metadata" supposedly not being personally identifiable information -- and then one or more parties started to look up on google the topic they were discussing. As if that's supposed to be less invasive.
People often get mixed up about what causes what in these situations:
We might chat about all sorts of random things, but many times there's something that happened before, let's call it event X, that leads us to talk about a certain topic, say topic Y (like when you mention a cool shirt a friend just bought).
Then, if they see an ad about that later, folks jump to the conclusion that "Facebook was listening" to their chat. But what's more likely is that this topic was already trending among people like you, and that's why it popped up in your ads.
So, it's not that talking about it made it appear in your ads. It's more about a common event that sparked your conversation about it and also made it show up in your ads.
I'm not so worried about the corporation's ROI calculations at the top as much as paperclip maximizing middle management with warped incentives and little in the way of corporate controls or morals. We're one badly designed KPI and generic internal data collection API away from such spying falling through the cracks. Once it's there, the incentives are heavily against looking too hard at where the data came from until a public scandal draws an executive's attention.
It's played out over and over again, especially with Facebook. They don't deserve the benefit of the doubt, even when "logically" the ROI for the company doesn't make sense. Facebook specifically can't be trusted at the executive level either; that culture trickles down.
Sorry, I’ve worked for and known about too many companies that “spent money to make money” and went bankrupt.
You can’t use net profit as a yardstick of rationality in the corporate world, but especially Corporate America. People will seek revenue that results in negative returns on investment. There’s nothing rational about it, which is the problem.
They can increase revenue by making ethically terrible decisions. Full stop.
It doesn’t have to be something the “deserve” really. Facebook, data brokers, and other creeps have already infected the whole internet. They spy on the content you aren’t even willing to talk about with anybody. They don’t need to secretly access your microphone because they’ve openly violated your privacy more throughly than that.
Not sure anyone's asking for "benefit of the doubt". As defenses against privacy intrusion go, "Of course Facebook isn't listening to all your conversations and using that to serve ads to you. Why, that would be too expensive to contemplate. All they're doing is tracking everything you and your friends do on the web, tracking your location, noticing you're physically close to each other, inferring that you're probably having a conversation together, and using your friend's web activity to serve you targeted ads, as just one of a suite of methods for targeting ads based on your context. Also as soon as it's not too expensive to contemplate we're probably going to actually do it. We're not failing to do it for any ethical reason. It's just too expensive right now." is pretty weak sauce.
"We're not actually transcribing every word you hear and say, we're just using capabilities that the Stasi could only dream of at rates of speed they couldn't even conceive of, and it's just that these coincidences happen so often that it looks like we're transcribing your speech. Come on, be less paranoid."
Your example right here is exactly why I care so much about this.
If people think "they listen to me through the microphone" it distracts them from understanding what's actually happening - the whole sequence of things you listed there.
Which means they can't take measures to protect themselves, or campaign for better practices - because they're working off the wrong mental model of how this stuff works.
No company has ever deserved the benefit of doubt. There are plenty of examples in history where companies prioritized profits over harm to people. And they knew exactly what's going on.
Every time i've received a hyper targeted ad, it's because the person I was just on the phone with was googling the thing we were talking about.
I told my mom i wanted a vacuum cleaner for christmas - guess what, facebook advertises to all your friends what you're shopping for. "lookalike audience" - to your point.
"So, it's not that talking about it made it appear in your ads. It's more about a common event that sparked your conversation about it and also made it show up in your ads."
It's not a common event. They were totally random conversations. That's why I noticed that something is going on. I am not sure if they really listening on the microphone or what else they are doing but it's super creepy and should not happen.
No matter what exactly the mechanism is they use to end up with these hyper-specific results the end results is that by fusing data from an always expanding amount of sources companies are gaining insights into peoples lives which are nearing the almost mythical "all seeing eye" in a way that never happened before in human history. And I think we should ask really hard questions of whether society should continue to allow this or whether it should be reigned in. And we shouldn't accept vague "oh, you know, a person could do this too, so it's okay" or "companies are just persons" statements as an answer. Even for die-hard market fans there's the question if a market can work if the other side in an transaction knows everything about you.
GDPR is on the right track, but they made collecting consent too easy so now the entire Internet is covered with dark patterns trying to trick you into giving consent.
What we need is basically GDPR except that consent can only be collected in the form of a signed and notarized contract.
> I took that screenshot on my own account. It’s toggled “on”—but I never turned it on myself.
There is a consent crisis as well, though I agree it's a smaller issue related to trust. There needs to be an actionable, legal definition of consent as it applies to website privacy—my naive assumption is that there was, but clearly that's not true, or it's not good enough or actionable enough—and it needs to preclude implying users must positively grant consent to harvest, process, or transfer data to third parties, when in fact the dirty deeds have already been done in secret.
Very few of those are about consent. Which is quite striking, as practically all of the spyware nags are illegal and thus the consent is violated probably billions of times every day.
Given that I encounter at least one violation a day, it's really a small list.
It should contains hundred of thousands of entries.
Like fines for speeding.
Imagine if you had a page for parking tickets since 2018 (!) and it contained only a few hundred penalties.
This is ridiculous, especially since:
- it's not hard to find most cases. Just take any cookie banner that makes harder to opt out than opt in, and that's it, you have a violation. It can even be automated.
- it can bring a lot of money to a system that is dying for it.
Are you reporting such violation? How authorities would know about it?
Also the jurisdiction is in question. Who should enforce? Country where user is? Country where domain is registered? Country where data center with servers is? Country where nominal owner of the web page is? Country where final beneficiary is? Country where creator of the banner is?
The jurisdiction is EU (GDPR is binding legislation for all member countries, not dissimilar to US federal law), and the enforcer is primarily the country where the company that owns the website has European incorporation.
In theory anybody can report to their country's data protection officer, although at least in Finland they don't care about individual citizen complaints.
The NGO noyb is sending out batches of these reports. They have some minor wins, but as you can probably tell from all these nags around, by and large there's not much effect.
Whatever comes out of the courts will be just another anchor point to abuse civilian VS cooperate power asymmetry. What we need is the ability to revert laws back to the thrust bust new deal era laws, crush the bad influence and rebuild.
There already is. There always has been! It's called fraud.
If you trick someone into signing a contract, then that contract is fraudulent.
If you tell someone that you will ask their permission before doing something; then silently claim you already obtained that permission in a prior contract, you are committing fraud.
I don't know when our judicial system lost all of its teeth, but you sure as hell can't blame that on the citizens they are failing to defend.
Dave is a prostitute. He is hired by Sue via contract. In this contract, Dave agrees to have sex with Sue. Also in the contract is the agreement that Sue may introduce any sex toys that will not physically harm Dave.
When they get together, Dave notices a camera pointed at them. Sue tells Dave that, "I only record sex with people who consent to my use of a camera."
Later, Dave learns that Sue did in fact record the encounter. Sue's defense? The camera was a sex toy! It didn't physically harm you! This was all in the contract!
Is Sue's defense valid? Of course not! Sue has committed fraud.
---
We should hold corporations every bit as accountable as we would fictional prostitutes.
That's still fraud in most jurisdictions (although it's no longer provable unless there's a paper trail that says it's intentionally designed to deceive). However, even if fraud can't be proven, it may no longer be a valid contract. A contract is the mutual understanding of an agreement, not the words printed on a piece of paper. The paper can be used as evidence of mutual understanding, but it's not incontrovertible evidence of that. Many kinds of evidence can go the other way, such as unconscionability (terms that there's no way anyone would willingly agree to, thus suggesting coercion or subterfuge).
Or, framed another way: consent, in both a moral sense and a legal one, requires awareness from both parties of what you are consenting to. Each party is, to some extent, responsible for using the resources at their disposal to ensure they understand the contract (e.g. a blind person must find someone to read them the contract), but intentionally undermining the process of mutual understanding is at best very good evidence against enforcement of the contract and at worst fraud.
Its my understanding that contracts are only enforceable when there is a meeting of the minds. At lease on common law, and I think some of these people that run these companies should be dragged before a common law court to answer for these things.
> I don't know when our judicial system lost all of its teeth
Easy. It's when we started treating the virtual reality of the internet as though it is actual reality.
Digital contracts shouldn't be binding, any more than mowing down pedestrians in Grand Theft Auto constitutes murder. These video-game contracts are mutable and ephemeral; how the hell do you prove what version of the contract/TOS you agreed to, when companies can change it arbitrarily-- and without any revision history? Tech makes it easy to gaslight the fuck out of anybody.
There'd be an actual cost to them were they do play this game with paper contracts.
Are you saying that because something is digital and exists as data on a computer, that it is not valid? As opposed to something on paper? How is that different in any real way? Paper is transitory -- anyone can forge a signature or reprint a contract and photocopy your name on it and shred the original and put the modified one in the file cabinet. Just because the materials used are different doesn't make the law any less applicable.
This is an actual issue in consumer banking. If a bank forges a paper document, it's possible to hold up the original countercopy (assuming you filed it) and say "No, your document is fake, and you are attempting fraud."
These agreements often have millions of copies, so it's easy to find the applicable version of the T&Cs.
If all you have are digital T&Cs at the end of a web link, and those T&Cs can be updated at any time, and you are only ever sent the link, and not the updated T&Cs - you have nothing.
You could argue that everyone should download every T&C update. In theory that's true. But in practice a problem that could be solved relatively simply - keep a single letter - now requires many more steps, backup strategies, and so on.
You could also argue that banks should keep copies of their T&C versions and supply them on request. Which they do - except that in practice a bank that's trying to forge a document won't have a problem forging T&Cs.
This not hypothetical. I've known people win court cases because they kept a single piece of paper.
> I don't know when our judicial system lost all of its teeth
The actions of the government have been and likely always will be done for the interests of the wealthy and powerful. Policing itself was a concept first introduced by the wealthy to protect them and their interests. I mean just look at George Washington - he was the richest US president of all time after Trump at a present valuation of around $700 million.
it blew my mind when i logged into dropbox that sharing my data with third party "vetted" AI companies was enabled by default.
i just wrote a WTF email to their support, but most likely i will be discontinuing my account. can't imagine what they can possibly say that will make this OK
I saw the writing on the wall when they started sending ads via their notification system with no way to turn it off. I'm on pCloud now, but its not looking like it's not much better, They recently started spamming my mobile app with thanks giving ads to upgrade to a different tier of their product even though I had offer notifications turned off.
I had some words with their support department, here is what they said:
>Hello,
>Thank you for contacting pCloud's Technical Support.
>This is a pCloud banner for Black Friday and it's not a notification. Unfortunately, you won't be able to remove it manually and you should wait until the end of the Black Friday promo - 30.11.2023.
>Should you require any further assistance, do not hesitate to contact us.
>Regards,
>George Lewis
>pCloud's Technical Support
Like it matters that its not a notification. You still need my consent regardless of what kind of ad it is.
This sounds like a variation on the line that "it's not an ad if we aren't getting paid to show it to you". Like with Windows notifications "informing" you of other Microsoft products. It's bullshit, and is one of the things that decreases trust.
Hi there,
Thanks for taking the time to write in to Dropbox Support. My name is Ross, and I will provide assistance with your case.
From my understanding, you are inquiring about being opted into Dropbox AI by default.
Thank you for alerting us to this problem.
Dropbox engineers are aware of the problem and are working on a solution.
Also, please note that no files were shared in this case.
Sorry for any inconvenience this is causing.
We'll update you shortly on this issue.
Don't hesitate to reach out to me again for further questions!
Best regards,
Ross
The cost/benefit of believing an infotech company about privacy concerns not backed by an explicit contract is firmly on the side of "don't bother believing them".
The problem with AI isn't (p)doom it's the 99% probability that the people at companies like Dropbox will continue to treat customers like human chattel.
They'd enslave you and charge you a subscription for oxygen if they could – and insist it was a feature.
> people at companies like Dropbox will continue to treat customers like human chattel.
The key question is: Who is the actual customer?
That drives everything else. The FAANG's customer isn't the "users", but rather its advertisers, et al. Anyone who will pay for the data their "users" generate.
This is the Faustian bargain we all made when we decided that free stuff from the internet was a good idea. Someone else pays, and they get our data in exchange for that payment. The same data is likely sold as many times as they can do so, of course.
Even if we accept that we made this bargain: I pay for Dropbox. If they want to use my data for their shit they better make it a) optional and b) make me pay less.
Also, I have a feeling this could be another case of the EU having to fine an US company, which means half of HN will cry again how the EU is always so mean to US companies. Or maybe this time HN acknowledges that the reason could be that the companies trying to use private data without permission are often US companies.
> when we decided that free stuff from the internet was a good idea
I agree it's a faustian bargain but I don't think we had much agency here. Our society now depends on these services to a high degree, which is why these companies are (and probably should) face increased scrutiny and regulation.
> There are a lot of misconceptions about maximizing shareholder value, even among economists. But talk to a legal scholar or a corporate lawyer: a CEO or board is not legally obliged to maximize shareholder value. They need to maximize the value of the corporation and act in its best interest. Only when there is a change in legal control, such as a merger or imminent hostile takeover, do they have to maximize shareholder value.
I am building an AI content generator and my edge that makes it better is sourcing data from not easily accessible data sources (think research papers) through SEO. I cannot imagine that these companies are not using every bit of confidential data for their advantage. Proprietary data access is the only thing that matters in the future of AI wars
Yes. In general, it would be great if companies threw away the outdated PR-communication playbook, and instead took a leaf from some indie devs and had the builders directly communicate with users as people. Products are built by people, companies are made up of people, but most communication is instead corporate.
In practice, I think the PR playbook is too entrenched, but we can dream.
The problem is that large companies are made of lots of people, and some of those people might have awful opinions or say things that will get your business in trouble.
The larger you are and the more people that are communicating, the bigger the chance that someone says something terrible.
Particularly if you are a large public company and there may be legal requirements around specific parts of disclosure.
Besides, companies don't want their secret new feature announced before their competitors know about it, in a way that is poorly communicated and confuses customers, and then find that the person who announced it has a profile picture which is them at a far-right protest / far-left protest / made some sexist jokes / has a bio advertising their onlyfans account etc or a million other things that could be seen as against the corporate image.
You can only truly trust someone when your incentives are aligned, and people's incentives aren't aligned with OpenAI, Facebook or Dropbox. That trust simply can't be earned.
> I don’t think so: I think this is a combination of confusing wording and the eternal vagueness of what the term “consent” means in a world where everyone agrees to the terms and conditions of everything without reading them.
Bullshit. Consent means consent.
There is no confusion here. Nothing is vague. This is explicit fraud.
I feel like every day now, I'm reading an article where the problem is obviously just fraud.
Fraud has always been illegal. When did we stop prosecuting it? Why aren't we talking about that every day?
The entire basis of the current generation of AI is in stolen materials. Stolen writing, stolen art, stolen music, all of it taken because it was "publicly available" meaning "there was nothing in existing law that said we couldn't take it for training a learning model." Now they've done the same with Dropbox contents.
AI is very cool technology. The incredible overstepping of any and all ethics with regard to getting training data, just all of the data from any source as fast as possible right now, in this mad dash to create it at all costs is not and should mandate a complete restart on behalf of the people behind it. For this one, and for so many other ethical lapses on the part of OpenAI, the models as they exist are tainted beyond any ethical use as far as I'm concerned.
If your product uses this stuff, you are not getting one red cent from me for it. Period, paragraph.
This is a silly argument. Public sharing on the internet has nothing in common with storing on a private storage service. Posting something online you are literally inviting people to look at it, and there is copyright law that governs how it can be copied. You can argue training AI models on internet data violates copyright (though it almost certainly doesn't) or that the law needs to be changed. But none of that has anything to do with training on private data. It's the same kind of "you wouldn't steal a car" false comparison.
> Public sharing on the internet has nothing in common with storing on a private storage service.
No shit.
> Posting something online you are literally inviting people to look at it,
Yes, PEOPLE. Posting things for people to see is why the Internet exists, is why USENET was created, is why web forums were created, is why social media was created, is why 9/10ths of the Internet as we know it today was brought into creation.
It was not put there so people who do not know any of those people and do not give a rats ass about what they made could take millions of images, writings, and sounds and shove them into their product without their consent for purposes it was never meant for so they could automate art. That is categorically not what any of that is for, and you, and everyone else making this tired point damn well know that.
If you have no issue at all with your creative output being used to train data models, more power to you! That's how consent works! You consent and that's completely, 100% fine. That consent should not have been presumed as it was, and even if you assume complete and total innocence on the part of the AI creators, once it became extremely fucking obvious that tons, and tons, and tons of creatives absolutely would not have consented if asked, then their data models should've been re-trained with that misused data removed. That is the ETHICAL thing to do: when someone says "hey I really don't like what you're doing with my material, please stop" you STOP, not because that's legally binding, not because you'll be sued, not because you're infringing copyrights, but because you have a fundamental respect for your fellow human being who says "I don't like this, please don't do it" and then you, you know, don't do it.
Unless of course what you actually are is an ethics-free for-profit entity that needs to get to market as soon as possible with a product to sell that you probably can't be sued over, in which case you tell those people who's work your product could not exist without to eat shit, and proceed anyway. Which is basically exactly what happened and continues to happen.
And before you even go there to the "well how could they ask for the entire dataset's contents" I DON'T CARE. I'm not the one doing this, this is not my problem to solve, just because the ethical way to do a thing is hard, time consuming, and/or expensive or otherwise difficult, you don't get to just waltz past the ethics involved, even if you're a research project! I personally wouldn't want to get permission from a few million artists to use their work in this way, I don't think most of them would be comfortable with it, and even if they were, I don't really want to do that, it sounds like a ton of work. SO I DIDN'T.
Not to mention that a lot of the time it wasn't just that they didn't ask first, but they ignored specific widely used and machine readable license abbreviations and copyright symbols attached to the content
If a corporation argues that it can ignore your AGPL because it didn't have to blow the bloody doors off to get hold of your code and its training process is "just like your browser cache" or "a person learning" and the derivative stuff is completely novel, why would you trust them not to deploy the same "but it's not exactly copying" arguments when given access to other stuff that has third-party "no copying" agreements wrapped around it, like your Dropbox?
Agreed, it feels like people's copyright wishes are being flagrantly ignored, with a sense of "well, it's too late now, just live with it".
And I do not buy the "just like a person learning" argument. At least, not fully.
I could see that, if you have a fully-functioning AI system, then handing it a new article to ingest could be "just like a person learning".
But many people graduate high school having read just a few dozen books (or less), having been around maybe a few dozen people (or less), and watched a few dozen movies (or less). A person does not need to ingest a nontrivial percentage of the entire wealth of human knowledge just to be able to be intelligent enough to read an article in the first place.
There may be people who do not care about this distinction. That's fine. But I am quite convinced that the distinction exists. And thus I do not believe that training an AI system is just like teaching a person -- and making copyright decisions on the basis that the two things are identical does not make sense.
> And thus I do not believe that training an AI system is just like teaching a person
100%. I love the way you put this and just wanted to expand on it a little bit, to remind everyone that there have been numerous, flagrant examples of various creators of various media who have their names/handles put into these models, who have work that is ludicrously similar to theirs in style produced from the model, and despite the fact that it's technically original, it is not original in any way meaningful to the topic, or defensible by anyone debating in good faith. That you need to put things like "unreal engine" "featured on artstation" and the like proves this. You're telling the machine to aim for works you know are of a higher quality in the dataset to get a better result.
Now if you're just fine with that and content to fuck over artists like that for no other reason than you can, I can't stop you. But please spare me the righteous indignation of objecting to the characterization of such behavior. It's fucking obvious, do not insult the intelligence of your opponents by insisting otherwise.
And tbh even if people are absolutely fine with that, and think that the analogies and legal arguments that they make are absolutely sound and maybe think copyright's a terrible idea anyway, I still can't see why they'd expect Big AI to suddenly drop the "don't care what you think about how we use your stuff, if it's not explicitly illegal we're going to use it" stance when it comes to stuff that's supposed to be 'private' rather than stuff that supposed to be 'property'.
Sure maybe you care more about whether OpenAI has stuff derived from the contents of your Dropbox on their servers which is technically neither "training a model" nor the actual "copy" they were required to delete after 30 days than you ever did about copyrighted stuff. But why would OpenAI?
It's well past time for the end of the Digital Millennium of Copyright.
The problem here is that these corporations are given carte blanche to make any derivative works they want. They get the exclusive freedom to ignore copyright law.
The rest of us don't.
The worst part is that they get to turn around and say their models are protected by copyright!
This is copyright laundering. There are only 2 reasonable avenues for us to react:
1. Make "AI" companies respect existing copyright law when compiling training datasets.
See also e.g. YouTube advertisements for financial schemes, supplements, health devices - and all the products that just don’t do what they say they do.
In a conversation online about this recently, someone said (paraphrasing) ‘Government should regulate this!’ - but there are already regulations about all of this! It’s fraud! Fraud is literally paying for YouTube (and to varying extents a lot of the rest of the web) and nothing is being done about it.
I fear that it’s just considered so normal now that it will take a very long time to stop. If existing regulations about fraud had been enforced when the fields were nascent, establishing norms that it was just as unacceptable ‘with tech’ as it was before, I think it would be a lot less widespread now.
Here's my advice: stop coloring our discussions with those norms.
We all expect the courts to give the benefit of the doubt. The problem is that we echo that expectation in our discussions. We are not the courts! We should be loud and direct with our criticism.
There is no doubt here. I refuse to give corporations that benefit.
I certainly don't "trust" OpenAI or any other big company about what they say they did, or will do, or are doing.
Yet I believe OpenAI isn't using data from Dropbox to train their models without users' consent.
BUT I don't think that's the problem here. The problem is data in transit; data sent to third parties who can actually read it, and who may have rogue employees that Dropbox has no control over; data that can appear in logs or subject to different policies, etc.
If I send private data to Dropbox they can't send it to anyone for any reason, including "improving" their product, without my explicit and informed consent. I'm not sure how this is even debatable.
If Dropbox wants to house models and offer RAG search themselves, to consenting users, that's one thing.
If Dropbox sends all data of all users to third parties without telling anyone before the fact, that's another thing. A terrible thing.
> If Dropbox wants to house models and offer RAG search themselves, to consenting users, that's one thing.
Well, I'm a paying Dropbox customer, and I would not pay for this feature. I would like it if they encrypted my data in a way that made offering this sort of feature impossible. I do want my data recoverable, but the fact that they can offer this AI "feature" at all, it seems like they've made zero effort to prevent malicious internal employees or third parties from accessing my data.
It’s like when forgot my password features send you back your current password instead of a new temporary one. Great, I’m back in my account, but now I dread even being here. What other stupid shit are you doing?
> If Dropbox sends all data of all users to third parties without telling anyone before the fact, that's another thing
If they've ever signed a BAA (business associate agreement) with any enterprise customers using Dropbox for documents bound by HIPAA, this would get them into a lot of trouble very quickly. The financial penalties are _high and per exposure per employee involved_. They also hit employees doing directly (if you disclose/share HIPAA info then you personally are liable).
So I'm certain that even if they did share documents with undisclosed 3rd parties without notice, it wouldn't be "all". Enterprise data is likely safe. Those contracts get heavy scrutiny before signing.
1. How do you know for sure it was trained on your code?
1.1 if you saw it reproduce you code verbatim how do you know it didn't just hallucinate it ?
2. Was you code publicly available?
3. What licence was it under?
Training against your code shouldn't be kosher if your code isn't open, you retain a copyright, and you didn't consent.
Even if training on copyrighted, private code _was_ fair use, training on PII without consent is _still_ problematic. It's a huge violation of privacy and adds all kinds of legal/regulatory/ethical risks that potential consumers of said models won't be on board with.
The language and spirit of the law certainly hasn't caught up, but I feel like in some cases (unconsenting use of PII, medical information, etc), the laws and ethics of how such data is used is pretty well established.
AI systems are trained against private, PII, copyrighted data all the time without explicit consent. For example, consider the spellcheck in Google search. Every query you make will go into the training for that system, along with your preferred language and country of origin.
You can certainly argue that generative AI systems are different than previous AI systems and should be treated differently. But the current situation is basically that you are allowed to train an AI on any data you have, regardless of copyright or consent. I wouldn't be surprised if that ends up being considered legally and ethically okay, because it's the status quo, and because it's hard to define "what counts as AI".
The point about spell check is a very good one. I think one big differentiator is that the attack/risk surface for something as complex as a LLM is much higher and that much, much more information is encoded in an LLM than a spell checking dictionary.
For example, it's possible to extract training data from an LLM—which could include PII/medical data/etc. Those risks don't exist with spellcheck as far as I'm aware.
To your point about what is "AI", I'd state that AI is a misnomer. What we're really talking about are generative large language models (LLMs). What an _can_ be considered an LLM is definitely up for debate, but if you were to describe one in general terms I think we could reasonably say that most (or all) things we consider LLMs are:
1. A probabilistic model of a natural language
2. Have the ability to interpret and generate natural language text
3. Typically encode a large volume of training data
I'd love to hear other thoughts on how one would define an LLM in practical, simple language. I imagine doing so would be a pre-requisite to any effective legislation.
> why? they trained on my code without my consent, why is user data any different?
It's different. Code and other content that you shared online - no matter what license you shared it under - is still fundamentally different from user data that you never shared anywhere at all.
That difference is really important, to me at least.
I would be absolutely furious if I found that someone had trained an AI model on my private data in Dropbox. I personally have no problem at all with someone training an AI model on content I have posted to my blog.
A huge problem with the art community right now is if you're a professional artist, you basically need to maintain a public portfolio and social media presence to find work. That ecosystem was developed and existed before image generation AI was a commercial thing, yet artists are finding out retroactively that their data got pulled into these training sets without their knowledge or consent. Even if it's legal, it's still pretty gross imo.
The two things aren't the same, and one is more egregious than the other. But I do think that hoovering up all that web data to train models was way over the line. Worse, there's nothing I can do to prevent it. That's why I felt forced to remove my websites from the public web. I can't think of any other way to defend myself from these entities.
> If I send private data to Dropbox they can't send it to anyone for any reason, including "improving" their product, without my explicit and informed consent. I'm not sure how this is even debatable.
It'd debatable because your data isn't "private" when you foolishly hand it over to some third party without encrypting it first and their policies say they can basically use it for anything as long as they can claim that it was "in furtherance of its legitimate interests in operating our Services and business". In fact their policy says they can update their policies any time they feel like it.
Privacy policies aren't even legally binding. If you're in the US and didn't sign a contract with dropbox you have near-zero rights, and any attempt to assert whatever rights you think you have will require going to court which is basically a pay to win system and you'll be up against a company with billions in assets so good luck with that.
Yes, it'd be a very shitty thing for dropbox to outright violate the trust you put in them, and it might be a terrible business decision that means no one ever trusts dropbox with their data again, but if they one day decided to go fully evil and start handing your data over to anyone willing to pay for it I doubt there'd be much of anything you could do about it.
Don't put any data you care about in the cloud without locally backing up and encrypting it and you'll never have to worry about what the cloud provider does with it or who they give it to.
Other than just manually generating a UUID and storing it then doing searches for it, is there any sort of formalized service/application/library for "Air Tag but for your data"?
Generate a unique string, store it along with my data, notify me if it shows up anywhere.
I wonder if it's possible to generate a canary of that sort that can be detected in AI models.
> think this is a combination of confusing wording and the eternal vagueness of what the term “consent” means in a world where everyone agrees to the terms and conditions of everything without reading
I think this is always the case. Unless the companies are forced to actually simplify and limit their TOS -or even divide it by features-. No one is realistically expected to read hundred of pages daily in legalize. I don't think many vendors do it our of necessity but as a workaround consent issue. This needs to be addressed by legislation that ban those practices.
If I can be automatically signed up to allow openai to process (but not train on) my data, I absolutely don't trust that the deal will not be altered the moment any counter-party to the “agreement” (besides me) desires it be altered.
I've briefly touched it in another blog post. It is not just trusting the institutions to not use the data for training. Optimizations you apply to making LLM inference fast might present new security landscape that we don't know much about. For example, if your LLM inference engine stores KV cache across user sessions, you can in theory do a timing attack to retrieve what's in the KV cache, potentially leaking other users' requests.
> Facebook say they aren’t doing this. The risk to their reputation if they are caught in a lie is astronomical.
The author refers to the theory that FB is always listening as “laughable”, but this statement is even more laughable. If FB actually got caught doing this, at most there might be a few articles about it, and maybe a class action lawsuit resulting in a few pennies distributed to individual users, and then things would go right back to business as usual.
The only convincing argument that FB isn’t always listening is that it would be too expensive to be worth it. Arguments about “reputation” risk are beyond absurd. They don’t care.
I think your article glosses over the fact that we have privacy concerns beyond training on my data.
I'm a working professional and I have clients that are governed by confidentiality agreements and regulations regarding where information goes, and I would just prefer using a service where my data rests on a server instead of having more and more points for a data breach to be introduced.
I don't really understand why my data isn't fully encrypted at all times and only I can view it in the first place, but the idea that they are actively sending it across the internet to be ingested by other companies and processed without my consent or interest is so terrible.
I often use AI features when I opt into them, but having a company just sending my personal files all over the internet without my consent is insanity.
Honestly, OneDrive has a migration tool and I got a trial for dropbox business and moved all my files automatically last night. It's just the last straw in their company constantly doing things I don't ask them to do like introducing crap and popups into my desktop interface and never offering the feature I constantly ask for... end to end encryption.
Nope, but it just makes sense as a quick and easy stopgap measure until I find time to figure out who to use, because it's easily compatible with my mac and pc, I already pay for a subscription so it saves money, it can run without putting all the files on every machine that I own, they aren't sending my info everywhere.
If anyone has suggestions on a reliable end-to-end encrypted solution with a lightweight cross platform sync software that doesn't force you to download all the files to your device (my Mac's HD is too small) and is generally fully featured. That won't take very much time to migrate with a trustworthy migration vendor. I'm willing to pay a premium price for it and I'm all ears.
iCloud isn't cross platform enough
ProtonDrive is going to pull down every file to every device and act in a dumb way
Sync might be a good choice actually. I have to investigate them further
They’ve already announced “M365 Copilot”, which is in the same ballpark as the Dropbox features (ask questions about your documents, etc.), and of course uses OpenAI like Dropbox does. So the only real difference here would be trust.
I would imagine it doesn’t use OpenAI’s servers, but their hosted versions of OpenAI’s technology though right? Like whatever they’re currently selling to enterprise customers via Azure?
iCloud Files is the only major cloud file syncing service that is e2e encrypted afaik. Was my reason to migrate over from OneDrive (especially since I was already using Apple devices and paying for iCloud for photos anyway).
Thanks! I would use iCloud, but I have a few windows devices I need for work unfortunately. It doesn't let me use the advanced security and maintain a windows device. Ironically, like many of these services I already have an Apple One subscription and am paying for it anyways.
Can you trust anyone who claims that things are end-to-end encrypted? Microsoft could take the point of view that you are one "end" and DropBox is the other "end". If they encrypt the data in transit and decrypt it on their end, it's still technically "end-to-end encrypted".
They could also just lie. Having a company claim end-to-end encryption still means that I have to trust that the company isn't being sleazy.
The only encryption you can really have some measure of trust in is the encryption you apply yourself.
What you're describing is a deeper problem not only with "AI" but with
the entire cloud-centric side of the tech world. Homomorphic
encryption might save the day for delocalised computing but we're some
years away from that being a reality. Meanwhile de-clouding,
"repatriation" to on-prem and hybrid private cloud cooperatives within
a trusted group are how we get there. Another good reason is simply to
stem the enormous wealth transfer to big-data from individuals and
smaller companies.
I'm glad to see that fantasies about omniscient AI taking over the
world are giving way to a better grasp of the more mundane realities;
AI just accelerating the already obscene power imbalances present in
our world. Keep your private stuff private.
Yeah, the problem is that I just need something quick and easy. I'm not an idealist. I just need something simple that checks most of the boxes and works easily across my blended eco-system of devices.
I get you, but when you say "sending my personal files all over the
internet without my consent is insanity", that sounds like pretty
strong affect. Maybe it's time you re-evaluated your choice for
expediency and ease in tension with something sane you believe in.
In today's world just championing sanity is already an "ideology" :)
I really do genuinely think is that at the core the is problem that it's very hard to address your real computer from the Internet.
There are programs that effortlessly can make a directory on your PC into the quite secure "cloud". Windows lets you share a password-protected directory right out of the box!
It is that easy to buy a few Tb disk and just run a program, if not for the:
1. Routers that doesn't allow easy port forwarding (or even ban certain ports)
2. Dynamic IPs
3. People selling domains pushing their own VPS services.
4. The amount of steps you have to take to allow
A lot of small organizations I know didn't need a system administrators to configure and run programs like this. A lot of them are beginner friendly! They needed them to configure the network.
Same applies for self-hosting sites. If there was a program that just hosted on your PC address any html-page you put into it, a lot of people would self-host something. But you can't unless you can wrangle your router and figure out how to buy static IP – two tasks that are way harder than basic html.
The stack for easy and secure self-hosting is here, but the network changed too much.
Hopefully, ipv6 will help to solve this problem.
Oh, and it's free for the networks with up to 100 devices!
Thank you for recommending, I'll definitely look into it.
For now it's funny how Tailscale in their "How Tailscale works" post asks you to pretend that everyone uses ipv6 to simplify explanation, and then acknowledges that almost no one uses ipv6 and a lot of clients are behind NATs and firewalls.
The tricks they deploy to pass through NATs are fascinating to me though.
A great service and a great blog, thank you for sharing!
I agree with most of your points, but why not encrypt sensitive information yourself before it gets uploaded/shared on your dropbox account?
Sure, it's not end to end encryption but it prevents the company from using the encrypted data as a training corpus.Are shared folders and files created by co-workers and family not tech savvy enough to know about encryption?
I agree this is a good practice, but if you have to do this to defend yourself against the rogue actions of a service you’re paying for, you’re probably better off not suing the service.
Different services have different and unclear expectations. For example, you'd imagine that a big online storage service would have some access controls in place to limit what uploaded data random employees in operations and engineering can see, but in at least one case you'd be totally wrong. This strikes me as a perfectly reasonable expectation - the data isn't just sitting there exposed to arbitrary employees and that only trusted employees have that kind of access, and not broadly.
I don't think this is rogue actions, I think it falls into the category of perfectly reasonable expectations that are not actually met by a wide variety of cloud services.
Because Dropbox acquired Boxcryptor -- one of the tools that easily let people encrypt files before upload -- to be replaced with "plans for end-to-end encryption"
Nit, but what you’re describing is e2ee (except for the metadata). If you encrypt your files before uploading and decrypt it only locally then only the logical sender and recipient have access. That it goes through Dropbox is not important (and also the beauty of e2ee).
This is a bit unusual, otherwise it’s typically people (and shady service providers) who say that something is e2ee when it isn’t.
The better solution is to use a separate encryption overlay like Cryptomator over whatever cloud storage you use. If you have confidentiality agreements with clients, you shouldn’t be using Dropbox without E2EE anyway, nor OneDrive.
Is it going to work on my iPad or iPhone? How long is it going to take? I tried to research that once, but it looked like Dropbox bought whatever service worked well and no longer seemed like a good solution. I would prefer the service to just work out of the box.
Yes, it works on iOS [0]. Personally I’m still using the standalone mode of Boxcryptor (the iOS app is still receiving updates), which unfortunately was bought up by Dropbox, and in the past there were opinions that it worked better than Cryptomator, but many people seem to be happy with Cryptomator now, so I’d give it a shot.
I found solutions like Boxcryptor cumbersome to use. Unless you stored the data redundantly locally, you had to download big encrypted files in order to access a small file.
Also searching files was impossible unless you downloaded everything, decrypted it, and searched locally.
I quickly realized it was adding huge delays in my day-to-day work and a lot of stress during time-sensitive tasks.
Have these e2ee overlays improved in usability since then?
Obviously you can’t search contents in encrypted state, and with E2EE this means that server-side search is not possible.
I rarely use indexed file contents search (filename search is usually enough and that works well, and tools like grep work transparently), however the Boxcryptor drive can be added to the Windows Search Index (or whatever search software you use), and I assume it’s similar on Mac. You don’t have to decrypt manually. Indexing causes more system load due to the necessary decryption, of course.
On desktop systems I always store all relevant data locally, exactly for the redundancy. I’m not sure what you mean by “big encrypted files”, because each original file is encrypted individually and thus has basically the same size as the original.
Do you want your cloud storage to "just work everywhere" or do you want to have full control of your data? Basically you get to choose one of the two options.
Cryptomater on top of any of the cloud storage providers is a great setup for home / personal use. I have been doing this for the past 3 years with minimal issues. Google Drive + Cryptomater on Windows + Cryptomater on ios, working pretty seamlessly.
I'm a little bit scared of using Mega, because it's linked to Kim Dot Com, a wanted fugitive and Megaupload used to be known for hosting tons of pirated files.
I know they have a cheap solution, but it's not exactly something that checks my box for stability and high character for hosting my very important files.
Seems like an s3 bucket would have been a better alternative. We have no idea what OpenAI does with Dropbox customer data outside of storing it for 30 days. They're doing something, basically all Dropbox customer files with get propagated to OpenAI by default and that should be scary, not feel good.
Dropbox’s practices aren’t unprecedented, but customer documents do pass through OpenAI’s servers and are stored there for up to 30 days, and the “third-party AI” toggle is turned on by default in account settings.
Turning on AI by default seems to indicate they're sending your data somewhere automatically before seeking approval or opt-in. I could be very wrong, but the wording alone would at the very least make me cautious.
If it’s turned on by default and one of its capabilities is to use AI to search your files, then why wouldn’t we assume it applies to basically all files? How could it not?
So that depends entirely on how they implemented the feature. There are a few ways this could be working:
- They gave their chat interface the ability to run regular full-text searches against Dropbox - when you ask a question that can be answered by file content, it searches for relevant files and then copies just a few paragraphs of text into the prompt to the AI.
- They might be doing this using embeddings-based semantic search. This would require them to create an embeddings vector index of all of your content and then run vector searches against that.
- If they're doing embeddings search, they might have calculated their own embeddings on their own servers... or they might have sent all of your content to OpenAI's embeddings API to calculate those vectors.
Without further transparency we can't tell which of these they've done.
My strong hunch is that they're using the first option, for cost reasons. Running embeddings is an expensive operation, but storing embeddings is even more expensive - to get fast results from an embeddings vectors store you need dedicated RAM. Running that at Dropbox scale would be, I think, prohibitively expensive if you could get not-quite-as-good results from a traditional search index, which they have already built.
If they ARE sending every file through OpenAI's embedding endpoint that's a really big deal. It would be good if they would clarify!
It's such an obvious obfuscation of what everyone can assume is a permanent ownership of user data. As well as the assumption that it's use will be limited. There are no supports for user data retention in the ToS. Unless a whistleblower reveals specific uses of the data and users litigate the issue, they do what they want with zero opposition.
I very much agree with you, however, do you really think that Microsoft, of all companies, isn't using your data for training LLMs, with all the data leakage risks? What makes you think that your data is safer on OneDrive?
Bing Chat (based on ChatGPT), Copilot, etc. As a GitHub user, I never got a checkbox to opt-out of GitHub Copilot's training on my code. At least Dropbox provides a checkbox.
I've worked for multiple department of defense contractors where they have their entire code base, to the tune of a few dozen terabytes - including highly sensitive ML training data - in their dropbox accounts. I bet they are in full panic.
Providing evidence to support a conclusion is a perfectly valid rhetorical strategy.
It's only annoying if a blog post is using the structure to pull a "here's a list of reasons why X sucks; this is why my monetized project Y is better, please use it!" which is not the case here.
My agenda with this article is to make AI companies aware that they have a genuine crisis on their hands, and hopefully push them to be more transparent and work hard to try and regain the trust that they have lost.
I added the bit about local models mainly because I knew that if I didn't 90% of the conversation about the article would be "yeah but he didn't talk about the obvious solution, which is local models".
I agree that “opt in by default” is a dark pattern - but how else would any cloud service provide a RAG enabled service? Perhaps it should be made explicit during the onboarding process like geolocation (opinions as a former location PM at faang)
> As with many conspiracy theories, too many people would have to be “in the loop” and not blow the whistle.
I used to believe this, but I do not understand how anyone can say this after the Snowden revelations. The vast majority of engineers are not martyrs. Given a choice to blow the whistle and then seek politcal asylum in Russia, most will not blow that whistle. Instead, they will live their lives and work to support their families.
"But this is not about Goverment Surveillance!"
Maybe this is true - I don't want to argue it here but I do think large tech companies are willing accomplices in many surveillance states - but an engineer at Open AI or Dropbox will probably not be facing felony charges for blowing the whistle. They will be facing the end of their career in big tech, and that's enough to dissuade most of them.
I'd guess maybe 200 engineers would have to be in loop before there is an 80% chance that one blows the whistle in any five-year period, and if they are careful they can keep the number of engineers in the know MUCH, MUCH smaller than that.
Well we know the official history books are lying to us. Manhattan project? No way that could have been kept secret for as long as it was. All those people "in the loop" and not a single one choosing to blow the whistle? Preposterous.
The idea that conspiracy is impossible ignores the conspiracies that happened and were covered up for significant amounts of time, long before we have the aid of modern technology. Why does the argument receive much attention despite that?
The Manhattan project did leak info to the Soviets. It is true it stayed out of public view for several years, but a difference in the Manhattan project is that every single person involved was investigated by the FBI beforehand, and the country was so heavily united in the fight against the Axis powers that it is quite likely almost everyone involved was a true believer.
The Facebook Mobile apps teams have thousands of engineers. They have access to the source code for the apps.
Is there a big black binary blob of source-not-available functionality in there that they are told to include in their builds without question, and for which a competent iOS or Android engineer wouldn't be able to tell if it has access to the microphone?
I was referring to the specific argument I quoted, not to the Facebook audio conspiracy it was applied to, since it is also being applied to Dropbox/Open AI where the numbers are much smaller. I think the technical arguments in the Facebook case are compelling enough on their own.
People believing the FB was eavesdropping on their conversations might be wrong, but that's mostly a technicality. It's like saying that I passed out because you hit me with a baseball bat, to which you'd reply: naaa...ah! it was a hockey stick!
FB has been/is spying on people and making us collectively more stupid, but using different, more esoteric/harder to explain methods (e.g. cross-device behavioural targeting).
> Those companies need to earn our trust. How can we help them do that?
This is a wicked problem and such a broad question (+ a bit of a weird take imho), that I don't see anything actionable. So, here's a half-baked list off the top of my head (so, poorly expressed, incomplete, incoherent):
- slow down the ill-conceived progress at all cost and understand that moving fast in the wrong direction ≠ progress
- force stricter transparency rules through legislative action
- understand and accept that no-trust should be the default
- invest more in open and offline models
- educate people
- accept that some of those companies in their current shape don't deserve our trust
If OpenAI say "we promise 100% that the data you submit to us through our API is not being used to train models" do you think they are straight-up lying to you?
289 comments
[ 2.7 ms ] story [ 271 ms ] threadThis is only part of it. I don’t want my data being sent anywhere unless I authorize it, regardless of what it’s being used for.
In this case, we not only have to worry about OpenAI training on our files (I have no reason to doubt that they are truthful when they say they won’t), but we also have to trust that they can securely handle our files.
Especially since they've had a few documented security problems in the past.
It's a real issue.
If you don’t want third (or second) parties reading your data, make sure it is e2e encrypted clientside.
This means no Dropbox, but Syncthing instead. That means no Slack or Discord, but Signal.
Use clientside encryption. Technical measures, not legal ones.
you may win the court case... 3 years from now. your secrets have been on the dark web for that whole time, and have filtered to the regular web by then. even if you know who did it, and can get them extradited they may not have cash to pay for the damages, and seeing them in jail, though nice, won't make your data private again.
Seems quite sensible for people not to trust that they fully understand the small print, since (i) they probably don't and (ii) the one thing most AI companies have made clear is that they think they should be able to use whatever material they like however they like, regardless of whether the creator of that material gives them their blessing or not.
Even if you have a deep technical understanding of how this stuff works and how these tools are built, you can still have very legitimate questions and doubts about how your data is being used beyond pure model training.
Local models also solve a lot of the trust issues
The only solution I see is to make it illegal to use personal data. Especially make data brokers illegal. When you give a company access to your data, you often agree that they will pass the data to third parties who then pass it on and suddenly everybody has your data because you have permission to use your data.
But the whole „facebook listening to you” os absurd - on iOS you would see a system notification that the microphone is active, I assume on android as well. Also, it would take crazy amounts of bandwidth/battery/processing power to pull off.
It would also be trivially discoverable - a ton of people are listening to what apps are sending out, and even if encrypted, it would be noticeable by the outgoing traffic volume being high.
It is virtually impossible to pull off even today, as anyone who ever developed anything on mobile can tell you
The ELI5 version is that it can watch everything and then keep the bits that happen just before the person hits the button.
That’s how they can catch things that explode or do something and you aren’t sure when it will happen. Like popcorn popping.
Siri is basically doing the same thing.
Siri also misfires. And that data can be sent in.
What's funny about it is that counterclaims will often be that this information doesn't necessarily need to be coming from reading your chat messages. It could be that they just know you happened to be chatting to that person -- despite "metadata" supposedly not being personally identifiable information -- and then one or more parties started to look up on google the topic they were discussing. As if that's supposed to be less invasive.
We might chat about all sorts of random things, but many times there's something that happened before, let's call it event X, that leads us to talk about a certain topic, say topic Y (like when you mention a cool shirt a friend just bought).
Then, if they see an ad about that later, folks jump to the conclusion that "Facebook was listening" to their chat. But what's more likely is that this topic was already trending among people like you, and that's why it popped up in your ads.
So, it's not that talking about it made it appear in your ads. It's more about a common event that sparked your conversation about it and also made it show up in your ads.
Simon does a great job highlighting why this doesn't make sense from the technical and business standpoints: https://simonwillison.net/2023/Dec/14/ai-trust-crisis/#faceb...
It's played out over and over again, especially with Facebook. They don't deserve the benefit of the doubt, even when "logically" the ROI for the company doesn't make sense. Facebook specifically can't be trusted at the executive level either; that culture trickles down.
You can’t use net profit as a yardstick of rationality in the corporate world, but especially Corporate America. People will seek revenue that results in negative returns on investment. There’s nothing rational about it, which is the problem.
They can increase revenue by making ethically terrible decisions. Full stop.
"We're not actually transcribing every word you hear and say, we're just using capabilities that the Stasi could only dream of at rates of speed they couldn't even conceive of, and it's just that these coincidences happen so often that it looks like we're transcribing your speech. Come on, be less paranoid."
If people think "they listen to me through the microphone" it distracts them from understanding what's actually happening - the whole sequence of things you listed there.
Which means they can't take measures to protect themselves, or campaign for better practices - because they're working off the wrong mental model of how this stuff works.
I told my mom i wanted a vacuum cleaner for christmas - guess what, facebook advertises to all your friends what you're shopping for. "lookalike audience" - to your point.
It's not a common event. They were totally random conversations. That's why I noticed that something is going on. I am not sure if they really listening on the microphone or what else they are doing but it's super creepy and should not happen.
Technology good enough is indistinguishable from magic.
What we need is basically GDPR except that consent can only be collected in the form of a signed and notarized contract.
There is a consent crisis as well, though I agree it's a smaller issue related to trust. There needs to be an actionable, legal definition of consent as it applies to website privacy—my naive assumption is that there was, but clearly that's not true, or it's not good enough or actionable enough—and it needs to preclude implying users must positively grant consent to harvest, process, or transfer data to third parties, when in fact the dirty deeds have already been done in secret.
It should contains hundred of thousands of entries.
Like fines for speeding.
Imagine if you had a page for parking tickets since 2018 (!) and it contained only a few hundred penalties.
This is ridiculous, especially since:
- it's not hard to find most cases. Just take any cookie banner that makes harder to opt out than opt in, and that's it, you have a violation. It can even be automated.
- it can bring a lot of money to a system that is dying for it.
Also the jurisdiction is in question. Who should enforce? Country where user is? Country where domain is registered? Country where data center with servers is? Country where nominal owner of the web page is? Country where final beneficiary is? Country where creator of the banner is?
In theory anybody can report to their country's data protection officer, although at least in Finland they don't care about individual citizen complaints.
The NGO noyb is sending out batches of these reports. They have some minor wins, but as you can probably tell from all these nags around, by and large there's not much effect.
All these questions are sorted, on paper.
https://techcrunch.com/2022/08/08/noyb-gdpr-cookie-consent-c...
If you trick someone into signing a contract, then that contract is fraudulent.
If you tell someone that you will ask their permission before doing something; then silently claim you already obtained that permission in a prior contract, you are committing fraud.
I don't know when our judicial system lost all of its teeth, but you sure as hell can't blame that on the citizens they are failing to defend.
See. No fraud.
Dave is a prostitute. He is hired by Sue via contract. In this contract, Dave agrees to have sex with Sue. Also in the contract is the agreement that Sue may introduce any sex toys that will not physically harm Dave.
When they get together, Dave notices a camera pointed at them. Sue tells Dave that, "I only record sex with people who consent to my use of a camera."
Later, Dave learns that Sue did in fact record the encounter. Sue's defense? The camera was a sex toy! It didn't physically harm you! This was all in the contract!
Is Sue's defense valid? Of course not! Sue has committed fraud.
---
We should hold corporations every bit as accountable as we would fictional prostitutes.
Or, framed another way: consent, in both a moral sense and a legal one, requires awareness from both parties of what you are consenting to. Each party is, to some extent, responsible for using the resources at their disposal to ensure they understand the contract (e.g. a blind person must find someone to read them the contract), but intentionally undermining the process of mutual understanding is at best very good evidence against enforcement of the contract and at worst fraud.
Easy. It's when we started treating the virtual reality of the internet as though it is actual reality.
Digital contracts shouldn't be binding, any more than mowing down pedestrians in Grand Theft Auto constitutes murder. These video-game contracts are mutable and ephemeral; how the hell do you prove what version of the contract/TOS you agreed to, when companies can change it arbitrarily-- and without any revision history? Tech makes it easy to gaslight the fuck out of anybody.
There'd be an actual cost to them were they do play this game with paper contracts.
These agreements often have millions of copies, so it's easy to find the applicable version of the T&Cs.
If all you have are digital T&Cs at the end of a web link, and those T&Cs can be updated at any time, and you are only ever sent the link, and not the updated T&Cs - you have nothing.
You could argue that everyone should download every T&C update. In theory that's true. But in practice a problem that could be solved relatively simply - keep a single letter - now requires many more steps, backup strategies, and so on.
You could also argue that banks should keep copies of their T&C versions and supply them on request. Which they do - except that in practice a bank that's trying to forge a document won't have a problem forging T&Cs.
This not hypothetical. I've known people win court cases because they kept a single piece of paper.
The actions of the government have been and likely always will be done for the interests of the wealthy and powerful. Policing itself was a concept first introduced by the wealthy to protect them and their interests. I mean just look at George Washington - he was the richest US president of all time after Trump at a present valuation of around $700 million.
i just wrote a WTF email to their support, but most likely i will be discontinuing my account. can't imagine what they can possibly say that will make this OK
I had some words with their support department, here is what they said:
>Hello,
>Thank you for contacting pCloud's Technical Support.
>This is a pCloud banner for Black Friday and it's not a notification. Unfortunately, you won't be able to remove it manually and you should wait until the end of the Black Friday promo - 30.11.2023.
>Should you require any further assistance, do not hesitate to contact us.
>Regards,
>George Lewis
>pCloud's Technical Support
Like it matters that its not a notification. You still need my consent regardless of what kind of ad it is.
Restore the trust? Pay us.
They'd enslave you and charge you a subscription for oxygen if they could – and insist it was a feature.
The key question is: Who is the actual customer?
That drives everything else. The FAANG's customer isn't the "users", but rather its advertisers, et al. Anyone who will pay for the data their "users" generate.
This is the Faustian bargain we all made when we decided that free stuff from the internet was a good idea. Someone else pays, and they get our data in exchange for that payment. The same data is likely sold as many times as they can do so, of course.
Also, I have a feeling this could be another case of the EU having to fine an US company, which means half of HN will cry again how the EU is always so mean to US companies. Or maybe this time HN acknowledges that the reason could be that the companies trying to use private data without permission are often US companies.
I agree it's a faustian bargain but I don't think we had much agency here. Our society now depends on these services to a high degree, which is why these companies are (and probably should) face increased scrutiny and regulation.
https://insight.kellogg.northwestern.edu/article/shareholder...
> There are a lot of misconceptions about maximizing shareholder value, even among economists. But talk to a legal scholar or a corporate lawyer: a CEO or board is not legally obliged to maximize shareholder value. They need to maximize the value of the corporation and act in its best interest. Only when there is a change in legal control, such as a merger or imminent hostile takeover, do they have to maximize shareholder value.
In practice, I think the PR playbook is too entrenched, but we can dream.
The larger you are and the more people that are communicating, the bigger the chance that someone says something terrible.
Particularly if you are a large public company and there may be legal requirements around specific parts of disclosure.
Besides, companies don't want their secret new feature announced before their competitors know about it, in a way that is poorly communicated and confuses customers, and then find that the person who announced it has a profile picture which is them at a far-right protest / far-left protest / made some sexist jokes / has a bio advertising their onlyfans account etc or a million other things that could be seen as against the corporate image.
I'm not worried, because I use Cryptomator. Great app, acts as a file encryption layer on top of any cloud storage.
Bullshit. Consent means consent.
There is no confusion here. Nothing is vague. This is explicit fraud.
I feel like every day now, I'm reading an article where the problem is obviously just fraud.
Fraud has always been illegal. When did we stop prosecuting it? Why aren't we talking about that every day?
It's not free to read his articles on Bloomberg, but his newsletter, Money Stuff, is free and one of my favorite daily reads.
https://www.bloomberg.com/account/newsletters/money-stuff
AI is very cool technology. The incredible overstepping of any and all ethics with regard to getting training data, just all of the data from any source as fast as possible right now, in this mad dash to create it at all costs is not and should mandate a complete restart on behalf of the people behind it. For this one, and for so many other ethical lapses on the part of OpenAI, the models as they exist are tainted beyond any ethical use as far as I'm concerned.
If your product uses this stuff, you are not getting one red cent from me for it. Period, paragraph.
This is what I mean by the "trust crisis".
Dropbox very clearly deny that Dropbox content is being used to train AI models, by them or by OpenAI.
You don't believe them, because you don't trust them.
No shit.
> Posting something online you are literally inviting people to look at it,
Yes, PEOPLE. Posting things for people to see is why the Internet exists, is why USENET was created, is why web forums were created, is why social media was created, is why 9/10ths of the Internet as we know it today was brought into creation.
It was not put there so people who do not know any of those people and do not give a rats ass about what they made could take millions of images, writings, and sounds and shove them into their product without their consent for purposes it was never meant for so they could automate art. That is categorically not what any of that is for, and you, and everyone else making this tired point damn well know that.
If you have no issue at all with your creative output being used to train data models, more power to you! That's how consent works! You consent and that's completely, 100% fine. That consent should not have been presumed as it was, and even if you assume complete and total innocence on the part of the AI creators, once it became extremely fucking obvious that tons, and tons, and tons of creatives absolutely would not have consented if asked, then their data models should've been re-trained with that misused data removed. That is the ETHICAL thing to do: when someone says "hey I really don't like what you're doing with my material, please stop" you STOP, not because that's legally binding, not because you'll be sued, not because you're infringing copyrights, but because you have a fundamental respect for your fellow human being who says "I don't like this, please don't do it" and then you, you know, don't do it.
Unless of course what you actually are is an ethics-free for-profit entity that needs to get to market as soon as possible with a product to sell that you probably can't be sued over, in which case you tell those people who's work your product could not exist without to eat shit, and proceed anyway. Which is basically exactly what happened and continues to happen.
And before you even go there to the "well how could they ask for the entire dataset's contents" I DON'T CARE. I'm not the one doing this, this is not my problem to solve, just because the ethical way to do a thing is hard, time consuming, and/or expensive or otherwise difficult, you don't get to just waltz past the ethics involved, even if you're a research project! I personally wouldn't want to get permission from a few million artists to use their work in this way, I don't think most of them would be comfortable with it, and even if they were, I don't really want to do that, it sounds like a ton of work. SO I DIDN'T.
If a corporation argues that it can ignore your AGPL because it didn't have to blow the bloody doors off to get hold of your code and its training process is "just like your browser cache" or "a person learning" and the derivative stuff is completely novel, why would you trust them not to deploy the same "but it's not exactly copying" arguments when given access to other stuff that has third-party "no copying" agreements wrapped around it, like your Dropbox?
And I do not buy the "just like a person learning" argument. At least, not fully.
I could see that, if you have a fully-functioning AI system, then handing it a new article to ingest could be "just like a person learning".
But many people graduate high school having read just a few dozen books (or less), having been around maybe a few dozen people (or less), and watched a few dozen movies (or less). A person does not need to ingest a nontrivial percentage of the entire wealth of human knowledge just to be able to be intelligent enough to read an article in the first place.
There may be people who do not care about this distinction. That's fine. But I am quite convinced that the distinction exists. And thus I do not believe that training an AI system is just like teaching a person -- and making copyright decisions on the basis that the two things are identical does not make sense.
100%. I love the way you put this and just wanted to expand on it a little bit, to remind everyone that there have been numerous, flagrant examples of various creators of various media who have their names/handles put into these models, who have work that is ludicrously similar to theirs in style produced from the model, and despite the fact that it's technically original, it is not original in any way meaningful to the topic, or defensible by anyone debating in good faith. That you need to put things like "unreal engine" "featured on artstation" and the like proves this. You're telling the machine to aim for works you know are of a higher quality in the dataset to get a better result.
Now if you're just fine with that and content to fuck over artists like that for no other reason than you can, I can't stop you. But please spare me the righteous indignation of objecting to the characterization of such behavior. It's fucking obvious, do not insult the intelligence of your opponents by insisting otherwise.
Sure maybe you care more about whether OpenAI has stuff derived from the contents of your Dropbox on their servers which is technically neither "training a model" nor the actual "copy" they were required to delete after 30 days than you ever did about copyrighted stuff. But why would OpenAI?
The problem here is that these corporations are given carte blanche to make any derivative works they want. They get the exclusive freedom to ignore copyright law.
The rest of us don't.
The worst part is that they get to turn around and say their models are protected by copyright!
This is copyright laundering. There are only 2 reasonable avenues for us to react:
1. Make "AI" companies respect existing copyright law when compiling training datasets.
2. Get rid of digital copyright for everyone.
I vote option #2.
In a conversation online about this recently, someone said (paraphrasing) ‘Government should regulate this!’ - but there are already regulations about all of this! It’s fraud! Fraud is literally paying for YouTube (and to varying extents a lot of the rest of the web) and nothing is being done about it.
I fear that it’s just considered so normal now that it will take a very long time to stop. If existing regulations about fraud had been enforced when the fields were nascent, establishing norms that it was just as unacceptable ‘with tech’ as it was before, I think it would be a lot less widespread now.
We all expect the courts to give the benefit of the doubt. The problem is that we echo that expectation in our discussions. We are not the courts! We should be loud and direct with our criticism.
There is no doubt here. I refuse to give corporations that benefit.
Yet I believe OpenAI isn't using data from Dropbox to train their models without users' consent.
BUT I don't think that's the problem here. The problem is data in transit; data sent to third parties who can actually read it, and who may have rogue employees that Dropbox has no control over; data that can appear in logs or subject to different policies, etc.
If I send private data to Dropbox they can't send it to anyone for any reason, including "improving" their product, without my explicit and informed consent. I'm not sure how this is even debatable.
If Dropbox wants to house models and offer RAG search themselves, to consenting users, that's one thing.
If Dropbox sends all data of all users to third parties without telling anyone before the fact, that's another thing. A terrible thing.
Well, I'm a paying Dropbox customer, and I would not pay for this feature. I would like it if they encrypted my data in a way that made offering this sort of feature impossible. I do want my data recoverable, but the fact that they can offer this AI "feature" at all, it seems like they've made zero effort to prevent malicious internal employees or third parties from accessing my data.
If they've ever signed a BAA (business associate agreement) with any enterprise customers using Dropbox for documents bound by HIPAA, this would get them into a lot of trouble very quickly. The financial penalties are _high and per exposure per employee involved_. They also hit employees doing directly (if you disclose/share HIPAA info then you personally are liable).
So I'm certain that even if they did share documents with undisclosed 3rd parties without notice, it wouldn't be "all". Enterprise data is likely safe. Those contracts get heavy scrutiny before signing.
why? they trained on my code without my consent, why is user data any different?
training is either fair use or it isn't
and high growth Silicon Valley companies aren't known for the adherence to the spirit of the law
“ GitHub Copilot is trained on all languages that appear in public repositories.”
Note it says “public” and not “open source”
https://docs.github.com/en/copilot/overview-of-github-copilo...
Even if training on copyrighted, private code _was_ fair use, training on PII without consent is _still_ problematic. It's a huge violation of privacy and adds all kinds of legal/regulatory/ethical risks that potential consumers of said models won't be on board with.
The language and spirit of the law certainly hasn't caught up, but I feel like in some cases (unconsenting use of PII, medical information, etc), the laws and ethics of how such data is used is pretty well established.
You can certainly argue that generative AI systems are different than previous AI systems and should be treated differently. But the current situation is basically that you are allowed to train an AI on any data you have, regardless of copyright or consent. I wouldn't be surprised if that ends up being considered legally and ethically okay, because it's the status quo, and because it's hard to define "what counts as AI".
For example, it's possible to extract training data from an LLM—which could include PII/medical data/etc. Those risks don't exist with spellcheck as far as I'm aware.
To your point about what is "AI", I'd state that AI is a misnomer. What we're really talking about are generative large language models (LLMs). What an _can_ be considered an LLM is definitely up for debate, but if you were to describe one in general terms I think we could reasonably say that most (or all) things we consider LLMs are:
I'd love to hear other thoughts on how one would define an LLM in practical, simple language. I imagine doing so would be a pre-requisite to any effective legislation.But my point is, this (training) isn't the main problem.
It's different. Code and other content that you shared online - no matter what license you shared it under - is still fundamentally different from user data that you never shared anywhere at all.
That difference is really important, to me at least.
I would be absolutely furious if I found that someone had trained an AI model on my private data in Dropbox. I personally have no problem at all with someone training an AI model on content I have posted to my blog.
It'd debatable because your data isn't "private" when you foolishly hand it over to some third party without encrypting it first and their policies say they can basically use it for anything as long as they can claim that it was "in furtherance of its legitimate interests in operating our Services and business". In fact their policy says they can update their policies any time they feel like it.
Privacy policies aren't even legally binding. If you're in the US and didn't sign a contract with dropbox you have near-zero rights, and any attempt to assert whatever rights you think you have will require going to court which is basically a pay to win system and you'll be up against a company with billions in assets so good luck with that.
Yes, it'd be a very shitty thing for dropbox to outright violate the trust you put in them, and it might be a terrible business decision that means no one ever trusts dropbox with their data again, but if they one day decided to go fully evil and start handing your data over to anyone willing to pay for it I doubt there'd be much of anything you could do about it.
Don't put any data you care about in the cloud without locally backing up and encrypting it and you'll never have to worry about what the cloud provider does with it or who they give it to.
Generate a unique string, store it along with my data, notify me if it shows up anywhere.
I wonder if it's possible to generate a canary of that sort that can be detected in AI models.
I think this is always the case. Unless the companies are forced to actually simplify and limit their TOS -or even divide it by features-. No one is realistically expected to read hundred of pages daily in legalize. I don't think many vendors do it our of necessity but as a workaround consent issue. This needs to be addressed by legislation that ban those practices.
Well, unfortunately, we have a government trust crisis also.
Concluding "if we respect people's feelings and do one weird trick, people will suddenly trust AI" is naive beyond number.
The author refers to the theory that FB is always listening as “laughable”, but this statement is even more laughable. If FB actually got caught doing this, at most there might be a few articles about it, and maybe a class action lawsuit resulting in a few pennies distributed to individual users, and then things would go right back to business as usual.
The only convincing argument that FB isn’t always listening is that it would be too expensive to be worth it. Arguments about “reputation” risk are beyond absurd. They don’t care.
I'm a working professional and I have clients that are governed by confidentiality agreements and regulations regarding where information goes, and I would just prefer using a service where my data rests on a server instead of having more and more points for a data breach to be introduced.
I don't really understand why my data isn't fully encrypted at all times and only I can view it in the first place, but the idea that they are actively sending it across the internet to be ingested by other companies and processed without my consent or interest is so terrible.
I often use AI features when I opt into them, but having a company just sending my personal files all over the internet without my consent is insanity.
Honestly, OneDrive has a migration tool and I got a trial for dropbox business and moved all my files automatically last night. It's just the last straw in their company constantly doing things I don't ask them to do like introducing crap and popups into my desktop interface and never offering the feature I constantly ask for... end to end encryption.
If you want a couple click migration from Dropbox Business to an Office 365 Onedrive account, it's right here: https://learn.microsoft.com/en-us/sharepointmigration/mm-dro...
If anyone has suggestions on a reliable end-to-end encrypted solution with a lightweight cross platform sync software that doesn't force you to download all the files to your device (my Mac's HD is too small) and is generally fully featured. That won't take very much time to migrate with a trustworthy migration vendor. I'm willing to pay a premium price for it and I'm all ears.
They could also just lie. Having a company claim end-to-end encryption still means that I have to trust that the company isn't being sleazy.
The only encryption you can really have some measure of trust in is the encryption you apply yourself.
I'm glad to see that fantasies about omniscient AI taking over the world are giving way to a better grasp of the more mundane realities; AI just accelerating the already obscene power imbalances present in our world. Keep your private stuff private.
It's why I use dropbox to begin with.
In today's world just championing sanity is already an "ideology" :)
It is that easy to buy a few Tb disk and just run a program, if not for the: 1. Routers that doesn't allow easy port forwarding (or even ban certain ports) 2. Dynamic IPs 3. People selling domains pushing their own VPS services. 4. The amount of steps you have to take to allow
A lot of small organizations I know didn't need a system administrators to configure and run programs like this. A lot of them are beginner friendly! They needed them to configure the network.
Same applies for self-hosting sites. If there was a program that just hosted on your PC address any html-page you put into it, a lot of people would self-host something. But you can't unless you can wrangle your router and figure out how to buy static IP – two tasks that are way harder than basic html.
The stack for easy and secure self-hosting is here, but the network changed too much. Hopefully, ipv6 will help to solve this problem.
For now it's funny how Tailscale in their "How Tailscale works" post asks you to pretend that everyone uses ipv6 to simplify explanation, and then acknowledges that almost no one uses ipv6 and a lot of clients are behind NATs and firewalls.
The tricks they deploy to pass through NATs are fascinating to me though. A great service and a great blog, thank you for sharing!
Sure, it's not end to end encryption but it prevents the company from using the encrypted data as a training corpus.Are shared folders and files created by co-workers and family not tech savvy enough to know about encryption?
I don't think this is rogue actions, I think it falls into the category of perfectly reasonable expectations that are not actually met by a wide variety of cloud services.
https://techcrunch.com/2022/11/29/dropbox-acquires-boxcrypto...
Nit, but what you’re describing is e2ee (except for the metadata). If you encrypt your files before uploading and decrypt it only locally then only the logical sender and recipient have access. That it goes through Dropbox is not important (and also the beauty of e2ee).
This is a bit unusual, otherwise it’s typically people (and shady service providers) who say that something is e2ee when it isn’t.
[0] https://apps.apple.com/us/app/cryptomator-2/id1560822163
Also searching files was impossible unless you downloaded everything, decrypted it, and searched locally.
I quickly realized it was adding huge delays in my day-to-day work and a lot of stress during time-sensitive tasks.
Have these e2ee overlays improved in usability since then?
I rarely use indexed file contents search (filename search is usually enough and that works well, and tools like grep work transparently), however the Boxcryptor drive can be added to the Windows Search Index (or whatever search software you use), and I assume it’s similar on Mac. You don’t have to decrypt manually. Indexing causes more system load due to the necessary decryption, of course.
On desktop systems I always store all relevant data locally, exactly for the redundancy. I’m not sure what you mean by “big encrypted files”, because each original file is encrypted individually and thus has basically the same size as the original.
Cryptomater on top of any of the cloud storage providers is a great setup for home / personal use. I have been doing this for the past 3 years with minimal issues. Google Drive + Cryptomater on Windows + Cryptomater on ios, working pretty seamlessly.
No affiliation, but it does exactly what you're asking for, and I've been very happy with it.
I know they have a cheap solution, but it's not exactly something that checks my box for stability and high character for hosting my very important files.
https://en.wikipedia.org/wiki/Kim_Dotcom
- They gave their chat interface the ability to run regular full-text searches against Dropbox - when you ask a question that can be answered by file content, it searches for relevant files and then copies just a few paragraphs of text into the prompt to the AI.
- They might be doing this using embeddings-based semantic search. This would require them to create an embeddings vector index of all of your content and then run vector searches against that.
- If they're doing embeddings search, they might have calculated their own embeddings on their own servers... or they might have sent all of your content to OpenAI's embeddings API to calculate those vectors.
Without further transparency we can't tell which of these they've done.
My strong hunch is that they're using the first option, for cost reasons. Running embeddings is an expensive operation, but storing embeddings is even more expensive - to get fast results from an embeddings vectors store you need dedicated RAM. Running that at Dropbox scale would be, I think, prohibitively expensive if you could get not-quite-as-good results from a traditional search index, which they have already built.
If they ARE sending every file through OpenAI's embedding endpoint that's a really big deal. It would be good if they would clarify!
Bing Chat (based on ChatGPT), Copilot, etc. As a GitHub user, I never got a checkbox to opt-out of GitHub Copilot's training on my code. At least Dropbox provides a checkbox.
It's only annoying if a blog post is using the structure to pull a "here's a list of reasons why X sucks; this is why my monetized project Y is better, please use it!" which is not the case here.
I added the bit about local models mainly because I knew that if I didn't 90% of the conversation about the article would be "yeah but he didn't talk about the obvious solution, which is local models".
I agree that “opt in by default” is a dark pattern - but how else would any cloud service provide a RAG enabled service? Perhaps it should be made explicit during the onboarding process like geolocation (opinions as a former location PM at faang)
Having a "enable AI features" checkbox seems to me like it would be a smart approach here.
Not only that, it's a nonsequitor. It's ridiculous on its face to say someone else making a decision for you is you "opting in".
I used to believe this, but I do not understand how anyone can say this after the Snowden revelations. The vast majority of engineers are not martyrs. Given a choice to blow the whistle and then seek politcal asylum in Russia, most will not blow that whistle. Instead, they will live their lives and work to support their families.
"But this is not about Goverment Surveillance!"
Maybe this is true - I don't want to argue it here but I do think large tech companies are willing accomplices in many surveillance states - but an engineer at Open AI or Dropbox will probably not be facing felony charges for blowing the whistle. They will be facing the end of their career in big tech, and that's enough to dissuade most of them.
I'd guess maybe 200 engineers would have to be in loop before there is an 80% chance that one blows the whistle in any five-year period, and if they are careful they can keep the number of engineers in the know MUCH, MUCH smaller than that.
The idea that conspiracy is impossible ignores the conspiracies that happened and were covered up for significant amounts of time, long before we have the aid of modern technology. Why does the argument receive much attention despite that?
Because government national security secrets and dumb corporate secrets are different.
Is there a big black binary blob of source-not-available functionality in there that they are told to include in their builds without question, and for which a competent iOS or Android engineer wouldn't be able to tell if it has access to the microphone?
FB has been/is spying on people and making us collectively more stupid, but using different, more esoteric/harder to explain methods (e.g. cross-device behavioural targeting).
> Those companies need to earn our trust. How can we help them do that?
This is a wicked problem and such a broad question (+ a bit of a weird take imho), that I don't see anything actionable. So, here's a half-baked list off the top of my head (so, poorly expressed, incomplete, incoherent):
- slow down the ill-conceived progress at all cost and understand that moving fast in the wrong direction ≠ progress
- force stricter transparency rules through legislative action
- understand and accept that no-trust should be the default
- invest more in open and offline models
- educate people
- accept that some of those companies in their current shape don't deserve our trust
Edit: This is a better take: https://news.ycombinator.com/reply?id=38643792&goto=item%3Fi...
That's what I meant by an AI trust crisis.