130 comments

[ 2.7 ms ] story [ 90.7 ms ] thread
> As a result, they have started suspending accounts that engage in this behavior. It's important to note that the "right to forget" no longer applies to your answers, as per StackOverflow's Terms and Conditions, which grant them special permission to retain all answers.

SO can actually do this?

I was surprised by this partnership to be honest, but I don’t blame contributors picking a side on this. SO is merely a provider of infrastructure, but the way that OpenAI wants to monetise people only benefits them and SO directly.

I'm a minor SO contributor, about one answer per week. I answer questions in order to spread the knowledge. From my viewpoint it's a deal where two companies try to make a profit by helping me spread knowledge — what is there not to like?
Nothing wrong with what you are saying but this is being showed down people’s throats without an option to opt-out, that is why I am asking can SO even do that.

Not everyone agrees with OpenAI, etc. This is about giving people an option as opposed to be being told “no” and thats the end of it.

Oh well, when I joined the terms included "anyone can download a complete SQL dump of the site" and of course anyone includes all the people I don't like. I knew that, you knew that, we all knew that.
Must be fun working at StackOverflow with a gun held to your head now that OAI ate your lunch.
I'm sure people will remember that when next minded to answer a question on SO.
(comment deleted)
This is where GDPR and friends should come in. If they won't do it the friendly way, they should do it the hard way.

Lawyers are a little more expensive than handling a click, especially at scale.

Not sure why this is getting downvoted. This is exactly what GDPR was made for. Good thing I have only like 2 answers on SO, lol.
GDPR allows you to get your personal identifiable information removed, not content.

And GDPR is an eu thing not a usa thing.

It's annoying that people treat GDPR like a magic word that lets them do whatever they want. It only covers personal data -- as in, your name, address, phone number, email, any other identifiable information, etc.
Does GDPR apply to non-personal data that you've generated?
Stylometric analysis can be used to link texts you write to your identity, even if written anonymously. These are grounds to claim the texts you write are inherently personal. See https://en.m.wikipedia.org/wiki/Stylometry
Content you have voluntarily published under the terms of a platform, which presumably grants StakOverflow all commercial rights, won't fall under GDPR. You can request your personal information to be deleted, not the content you produced under contract and which you no longer own.
There are legislations where you always retain the moral rights to anything you produce (those cannot be waived) and the authors here could argue that this partnership is negatively affecting their moral rights.

I don't think it's been tried before but that sounds like a possible legal path to taking down the content

If you open source your work you can't just pull the content then sue someone using the content you gave them a license to use due to moral rights.
No, in those legislations you absolutely can, the moral rights supersede the license (not that I'm necessarily happy with that)

In the case of open source software, it could be some use which reflects badly on yourself.

Here in this scenario, the angle could be that using it for training in AI could affect the integrity of the content produced

Not sure how GDPR applies to content you wrote using another service. GDPR does not apply to the content you wrote on Facebook, it only applies to your personal information Facebook is collecting while you write said content.
GDPR does (fortunately) not grant the right to dictatorially sabotage a tree of content at the hand of one user, if exercising this right is in conflict with other peoples interest.

In the case of StackOverflow post are a contribution to the collective knowledge base rather than personal data. If your posts do not contain personally identifiable information, StackOverflow can easily argue that the content does not fall under GDPR’s scope for deletion based solely on personal data grounds.

(comment deleted)
It’s sad to see the death pangs of one of the most useful resources of my career.
Stackoverflow is and will be fine, what are you basing this panic on?
Many many people use Copilot / ChatGPT in place of stack overflow for all the obvious reasons.
Yes and that either works perfectly and Stackoverflow is not needed, or it doesn’t work and we keep using Stackoverflow. In reality it is of course a mix of the two. My point is, we’re not just going to sit around and twiddle our thumbs if there is a dramatic drop in the accessibility of Q&A. We’ll do something! Just like when Stackoverflow was created.
Stack Overflow has been less useful for several years before OpenAI.

I find for web technologies it's less useful because the technologies keep change, and what was a good answer in 2010 is not now. To answer questions I find it more useful to consult a primary source, such as the documentation on a some software's website, or a forum dedicated to that software.

On SO I often get no replies, or unhelpful and often toxic comments along the lines of "Technology X is bad, use Y instead".

Or I often get people who answer the question as if they show applying for a job at Google. No, I just need help with some software to process a few thousand rows and send a summary once a month by email. I'm not trying to process petabytes of data with a response time of <1ms.

Stack Overflow does not let you delete questions that have accepted answers and many upvotes because it would remove knowledge from the community.

So instead I changed my highest-rated answers to a protest message.

Within an hour mods had changed the questions back and suspended my account for 7 days.

How about repeatedly changing just a few characters, corrupting the post over a period of time? (Entrepreneurs: you can have "SO post gradual corruption as a service" for free, you're welcome)

So you propose intentional answer rot?
Let's call it "composting"
1. What about all the humans reading your answers? I get you're on a crusade against AI, but it kinda sucks that you're potentially sabotaging student/junior programmers in the process.

2. This seems easily detectable, by checking edit volumes of a given user and/or post. Even 1 edit per month is probably going to be suspect compared to how infrequently posts actually get edited.

No crusade, just offering constructive suggestions to the OP.

Detectable, maybe -- month one, a few homonyms which could be spelling corrections: been -> bean etc, month two, (near-) synonyms: bean -> lentil ... throw in a few UFT8 homglyphs to add noise. Unlikely that that sort of corruption would be obvious to a machine, then manual checking is needed, and do they have the manpower for that?

It's also a programming website, so that kind of thing would probably be even better targeted at code examples and keywords (e.g. change a function name to something subtly inappropriate). That would have the added value of helping to make the derivative AI suggest errors, making it even less useful.

Also one could also use a "masking" edit. Make the defacing change then another more innocuous one.

> throw in a few [UTF8] homglyphs to add noise

That seems like it could be defeated by a pretty straightforward normalization task. Either just a straight mapping or a mapping that's applied contextually (e.g. replace an omicron with an o, but only when the adjacent characters are ASCII).

> 1. What about all the humans reading your answers? I get you're on a crusade against AI, but it kinda sucks that you're potentially sabotaging student/junior programmers in the process.

What about them? Nothing's perfect. One rather effective of was of undermining any kind of effective protest, is to pepper it with demands for perfection that can only be satisfied though inaction.

And I think there's a subtle contradiction in your objection: by doing something like this you're also sabotaging the thing that is slated to replace many of those those "student/junior programmers." So are you really doing them harm?

Preventing people from deleting all their answers has long been the policy; this is nothing new.

And before anyone brings it up: GDPR does not mean "every single bit of information I ever wrote can be deleted whenever I want". Not on HN, and certainly not on Stack Overflow where you agreed to have everything under the CC license. It's painful how badly some people understand the GDPR.

According to OSNews' quote of the source, it's not even a permanent ban (as the title on HN implies), but a 7-day ban.

https://www.osnews.com/story/139601/stack-overflow-signs-dea...

You need to try very very hard to get a permanent ban on Stack Overflow. And even most "permanent" bans are only for 10 years. There are some exceptions, but it's rare and only after persistent serious long-term abuse and all the shorter bans didn't work.
> Not on HN

From the privacy policy:

> you represent and warrant that you own all right, title and interest in and to such User Content, including, without limitation, all copyrights and rights of publicity contained therein

So I'm pressing X for doubt, but someone with legal knowledge may enlighten me otherwise.

Public comments are not personal data, either in the "common sense" meaning or as defined by the GDPR. Maybe purely legally you can revoke permission for HN to publish your comments, I'm not sure about that, but that's a completely different copyright thing unrelated to GDPR.
I was a bit shortsighted on the "I ever wrote can be deleted whenever I want" and relation to that, but yes that makes sense.
That means that you own whatever you're putting in a comment - you are not pasting in copyrighted content in violation of fair use exceptions.

For example, pasting in the text of a paywalled article.

It doesn't mean "you retain ownership of the content."

You're right of course. It makes me wonder though about the legitimacy of keeping someone's name next to an answer, and in principle allowing the answer to be edited and updated, but preventing some kinds of edits.

One might reasonably claim that SO is doing something equivalent to saying "this person thinks the answer as written is true and implicitly endorses the products involved". YMMV, but publishing something like this, especially with the knowledge that the person would like the post removed, could be considered defamatory.

> It makes me wonder though about the legitimacy of keeping someone's name next to an answer

You can delete your account; that's not a problem. I know because I did that myself in spite of having quite high reputation (for the politics site, due to rampant antisemitism there).

After that it will just show as "user12312".

> and certainly not on Stack Overflow where you agreed to have everything under the CC license

Does OpenAI comply with the CC-BY-SA 4.0 license terms? AFAIK (I don't use their products, so don't know much), they don't actually include 'derived from original by ...' and 'licensed CC-BY-SA 4.0' in their works, and StackOverflow has no rights to relicense the content to a different license.

I don't know; I think the exact legal status of copyright and training is still unclear at this moment. OpenAI claims it's all "fair use"; others disagree. Thus far it's untested in court AFAIK, although there's some procedures on-going.

I'm not defending Stack Overflow and/or OpenAI here; I also pretty much stopped all my contributions for various reasons. I'm just saying it's fine for them to have reasonable protections against sour grape deletions, and that GDPR has nothing to say about this.

Title is a little misleading. Regardless of one's opinion on StackOverflow's partnership with OpenAI, editing existing questions & answers to replace them with protest messages fully fits their rules' definition of defacing.

Editing the answers through SO's tools is not the right way to protest (since it's trivial for them to suspend you because you're clearly violating their rules); the GDPR is. Making a GDPR deletion request is quite easy.

I don’t think questions and answers that were willingly published count as GDPR data. SO probably retains rights to them.
And not even just SO. They were licensed to you, me and everyone else under Creative Commons, the OP can't just revoke the license.
User content is explicitly licensed under CC-BY-SA. Claiming GDPR on it is just as silly as claiming GDPR because someone forked your GPL project in a way you didn't like.
It's still a good protest if you're not covered by GDPR. As long as you don't care about the account that is - I suspect you're going to be banned after a few times. But there's only so many people able to review changes/flags. Enough people could totally DoS the review system and force some changes.
Its very easy.

No one is editing their posts constantly and with high change.

Take your backups (you have anyway), diff the content, allow only minor changes and a max edit limit of x, restore the content if those criteria are not met.

Sure it costs a week or a month to add this feature to the platform but data will not be lost.

Nonetheless, SO is not the only ones having an archive of SO

It's not that easy. Major changes / rewrites for quality are not that rare. Minor changes could also break the system by injecting false information. And even if you could automate this, it still takes time / effort continuously, because people who really care will adapt.

Any protest like that will affect SO's ability to do other things they care about.

Maybe not legally speaking, but the users are the ones who put the time into the answers. To the users, emotionally, it's their own content they are "defacing", and they're doing it specifically because the content they worked hard on is now being greedily monetized in the 'AI rush'.

Protest is rarely pretty, often not legal. That's the point...

Unfortunately in this case it's going to be pretty useless. It's not hard for Esso to detect changes that decrease the utility of an answer and replace it with the one from their archive.
I've understood that companies are allowed to retain data that they need for legal reasons even if you do a GDPR delete request – and by posting on Stack Overflow you've granted them a perpetual, unrevokable license to your posts under the condition that they attribute the work to you. Sounds legally complicated to say the least.
> It's just a reminder that anything you post on any of these platforms can and will be used for profit.

Let's be honest, your answers on StackOverflow was never _not_ used for profit.

Yeah I’m unsure what they thought the situation with Stack Overflow was…
Here's a cached copy of the linked post on a server with more capacity: https://mastodon.social/@ben@m.benui.ca
This seems to just 404 for me?

Edit: https://hachyderm.io/@ben@m.benui.ca/112396508798014598 has it cached for me.

Yeah it worked for me the first time and doesn't work now, not sure how to fix that.
I tried another server and Hachyderm still has it available. Idk why it disappeared off Mastodon Social.
Makes this statement a bit akward, no?

> Here's a cached copy of the linked post on a server with more capacity

I'm not sure what happened, the original link worked for me at first but then it started redirecting to the site that was overwhelmed rather than serving the cached content.
(comment deleted)
It's nice to see all that effort by the many being monetized by the few so that the many can be off loaded making more money for the few.

Well played, well played.

Strange game: https://www.youtube.com/watch?v=uOoXwxqeVzg

>It's nice to see all that effort by the many being monetized by the few

That's how the internet worked since web 2.0. Generative AI training is just another way it's being monetized.

The many should think about who they give content to. To some extent that’s on them.

I doubt they had any reasonable expectation that Stack Overflow was a charity.

Also my answer about centering a Div… really isn’t worth much.

Who is harmed by this deal between Stackoverflow and OpenAI? What’s the problem with OpenAI profiting of the content on Stackoverflow? I profit of it, everyone does. The whole point is to share knowledge for anyone to profit off.

There is absolutely no real issue unless one starts arguing about slippery slopes where Stackoverflow monetizes its platform and the website becomes unusable due to AI spam etc. I find these fears quite unrealistic.

Let's say you spend days or weeks making a piece of art for a friend for their birthday.

2, 3 years later it's no longer hanging their bedroom, and you ask, and they tell you they sold it for $50k.

You'd be a bit annoyed on multiple fronts....

>2, 3 years later it's no longer hanging their bedroom, and you ask, and they tell you they sold it for $50k.

The analogy fails because in this case, the painting is still on their bedroom, just like how the guy's stackoverflow answer is still on stackoverflow. Moreover, when you contribute to stackoverflow, you agree that your work is licensed under a creative commons license. So it's the equivalent of giving your friend a painting, telling them "oh btw you can do whatever you want with it, as long as you attribute back to me", and then get mad that they digitized it and put it on their blog. Finally, let's be real here. This isn't a painting worth $50k. No one's comment is worth anywhere near that.

It's hilarious how many of the same talking points from discussions on piracy from a decade ago has been reused in discussions about LLM training data (eg. "piracy = theft" -> "LLM training = theft")

Stackoverflow isn’t your friend. It’s more like you donated it to a thrift shop and they resold it for $10.
When I posted my answers on SO, I did it under CC-BY-SA license, as did all other contributors. Which means that a derived work of those answers - which a model trained on them surely is by any reasonable interpretation - has to abide by those terms. Meaning that it needs to attribute all the questions on which it was trained (i.e. at least part of the training set must be public), and the weights themselves need to be distributed under the same license.

So long as OpenAI abides by these terms, I don't have any problem with them using my answers for training. Do you think they will?

SO has always been a for profit company.
That's why you must stop contributing your content to other people's projects and start working on your own projects instead.

Do not submit answers to StackOverflow, write articles for your own blog/personal web-site instead.

Because OpenAI does not crawl the web?
This is just ignorant;

Surprise your content is publicly available and used by a company for profit \o/

Srsly... your QA was used in GPT before this agreement already now SO profits from it which makes it in theory better because now SO (the platform you liked before this) is able to continue investing into it and making money / profit which motivates them to keep investing and inovating.

Why tf is this a bad thing?

> public

Have you never heard of copyright or licenses? Or what is your point?

Yes of course. Did you ever read the service agreement with SO?

SO is not GitHub. GitHub has high motivation to protect your (c) for you, SO has not. Never has.

I don't understand this new point at all. Both SO and GitHub want people to keep putting their content in there, because it's the entire value proposition of their sites. Both SO and GitHub have specific licenses for content. Where do you see this difference?

GitHub already sells Copilot, trained on copyrighted user data. Where do you observe this "motivation"?

What did you expect from a centralized platform? They will monetize all of your content without thinking twice
...as opposed to non-centralized platforms that certainly won't be scraped by AI companies?
> ...as opposed to non-centralized platforms that certainly won't be scraped by AI companies?

You could avoid the scraping by requiring login or maybe having some continuously generated AI noise requiring social context filter out that a scraper wouldn't have (e.g. a bot in a chatroom that spews garbage that everyone knows to put in their killfile).

>You could avoid the scraping by requiring login

This is easily bypassed by having some sort of pattern matching sign-up script (because realistically, everyone is going to be using an off-the-shelf solution like wordpresss which you can detect and write scripts for) and paying a captcha solving farm to solve any captchas for you. Practically speaking though, having a signup wall is going to be killer for getting visits. It's already hard enough as it is to get started as an independent writer/blogger with no sign up wall. If you're going to force people to log in as well all that will do is ensure your posts are read by no one.

>or maybe having some continuously generated AI noise requiring social context filter out that a scraper wouldn't have (e.g. a bot in a chatroom that spews garbage that everyone knows to put in their killfile).

Similar problem to the above. Why would someone want to join your community when the first thing they see is that it has a spam problem that's seemingly unaddressed?

>> You could avoid the scraping by requiring login

> This is easily bypassed by having some sort of pattern matching sign-up script

I would imagine it's not that easy. At a minimum you could have captchas, and if those stop working you could always add some other friction (like a nominal payment for an account, a la Metafilter).

> Similar problem to the above. Why would someone want to join your community when the first thing they see is that it has a spam problem that's seemingly unaddressed?

Because they understand the reason, and there emerges some common understanding that's something you need to do to discourage scraping?

>Because they understand the reason, and there emerges some common understanding that's something you need to do to discourage scraping?

The only way I can see this working out is in some sort of author's forum, where everyone there are personally affected by LLM training and therefore they're willing to put up with the barriers. The same can't said be true for the average reader, or even most readers. They're far less to care about their artistic/literary livelihoods being killed by AI, and as we seen with how popular Amazon and Uber is despite their treatment of their delivery "partners", even if they're sympathetic to you that's no guarantee that they'll support you at their inconvenience. The overwhelming majority of readers is going to hit your signup/pay-wall and bounce, which means all you're doing is kneecapping your reach in exchange for a bit of smugness against AI companies.

> a bit of smugness against AI companies

Huh? I don't think "smug" is an appropriate word to use there. One isn't smug for not wanting to get exploited.

If anything's smug, it's this sense that AI companies should get whatever they want and everyone just and there's nothing anyone can do about it.

Regarding this title:

The user didn't delete answers, they updated them to say something unrelated to the question. I understand the protest, but there's a difference between deleting and what's essentially defacing.

Moreover, they still have that data juding from OPs screenshot with the diff view, lol. I don't think it would be very hard for AI to figure out that it's a garbage answer and just pull the version before edits.

This problem is not a technical one; the companies already have the data.

No, but the social problem is that StackOverflow's entire reason to exist is to provide correct answers common questions. So of course they will intervene if somebody starts ripping answers off the human facing user interface as well. The net will interpret damage as damage and route around it.
How is an AI supposed to work that out? Given the talk about how these models have a tendency to confabulate, this would seem problematic. Idk though, maybe this is now a thing?
Not prompt engineer, but can't you ask it to answer yes or no to "Are these two comments vaguely about the same thing"? I'm not sure where the confabulation can happen, aside from misclassification which can be solved by getting a human and/or more LLMs to review the decision.
Interesting, did not know these things could be used to make assessments, judgments, categorizations, etc. Had been under the impression they just riff out text based on suggestions.
>Interesting, did not know these things could be used to make assessments, judgments, categorizations, etc.

Yep. For instance in this paper[1] they asked an LLM a bunch of political questions to figure out what its political alignment is.

[1] "Discovering Language Model Behaviors with Model-Written Evaluations" https://www-cdn.anthropic.com/e4f69aacd8c0905030172bc6eb480c...

The diff is there, so the original answer exists and it seems like they prepared for this so they can easily refrain it with the original answer, or this is all idle speculation and they took it into account already. Being at a company that uses ai, data scientists know the problems and probably have discussed it at some length and covered these cases
You can't delete posts under many conditions on SO.
More individuals are increasingly recognizing that we are currently in a medieval era of the Internet. The content and creations we share online today are essentially not entirely our own. Many are eagerly awaiting a transformative moment akin to the French Revolution to rectify this situation.
I personally hope that nothing changes in this regard. I think it’s great if everyone can use the content that was voluntarily posted online for the whole world to see.
Speaking as someone with 100k rep on SO, I don't mind them using my answers to train the model. What I object to is when the resulting model is not then itself posted online for the whole world to see. If OpenAI actually shared the weights for GPT-4, I would consider it an ethical trade.
>More individuals are increasingly recognizing that we are currently in a medieval era of the Internet. The content and creations we share online today are essentially not entirely our own.

currently? Even in the geocities days, companies can presumably crawl/scrape your site to train their LLMs. The only way of preventing that is by paywalling your site, which I doubt many hobbyist bloggers are going to do.

(comment deleted)
So I totally get that people are upset, but it’s probably a good idea to remember that SO was on the path towards going out of business.

If they didn’t change something they would simply cease to exist. Does anyone have a better idea?

They're entitled to their business model. They're not entitled to that business model being successful.
web2.0 was about user generated content.

i would say this is the so-far elusive web3.0

Why would OpenAI even need to partner with SO? Scraping is free.

Just shows how much money OpenAI has to spend when they could have got it for free.

Technically, search engines scraping content are doing illegal reproduction of copyrighted works, it's just tolerated by the copyright owners (but not all of them tolerate that; news websites for example).
It's not even clear it's illegal; generally, the legality is in the use, not the copying of the data.

... But the easiest way to shortcut all of those thorny open questions is to go through the front door with a big sack of cash and an explicit agreement on how the data will be harvested and what it will be used for.

Since the content is licensed under CC-BY-SA, the solution is to wait until OpenAI eat the content, and ask them to attribute the copyright to you when they create derivative work (e.g. OpenAI models).

Seems fair, and provides back the credit to the person who prepared the answer.

>and ask them to attribute the copyright to you when they create derivative work

Whether LLM training counts as "copying" has yet to be settled in court. Absent that, it's unclear whether attribution is even required. For instance, facts aren't copyrightable, so you can theoretically incorporate facts from other works into your work without attribution.

How are you going to "ask them"?
Any content you post on Stack Overflow is licensed (by you) as CC BY-SA [1]. Which is fantastic! Your answer can be freely (with attribution) used elsewhere. Admittedly, the main use has historically been clone websites that just add adverts with no value. But the principle is there.

But if anyone has a license to use your content... Then certainly Stack Overflow do! If they want to post an old version of your question/answer that hasn't been overwritten with a message about some cause you care about, important as it may be to you, then they're free to do that. This is not news.

[1] https://stackoverflow.com/help/licensing

Not just CC-SA, but CC-BY-SA, this is a big difference, they need to attribute the work to you.
They're free to do that with the VERY TINY requirement of attribution. And they won't even do that. I take this as the giant "F YOU" that it is.
Not sure exactly what this protest is for, questions and answers both published publicly and anyone can see them without an account and benefit from it.

Alright, if they use it to train some AI - what is the big deal? As I understand the original posts are still accessable. Essentially users will be paying for faster search and better precision since you can do the same without payed AI.

No more answering questions on StackOverflow, then -- easy peasy.
Would there be all this Sturm und Drang if the LLM models generated from stack overflow (and other) content were considered a social good and available at no cost? Or perhaps the turmoil comes from the fact that somebody else is making profits with no oversight, and it's not really about the LLM mechanism and toolchain itself.
I think it varies from person to person. Speaking for myself, I agree with the way you put it. If it matters, I'm in the top 0.15% of SO contributors, although most of that has been in its early years. But other people might be opposed to AI on principle, or consider it a threat to their job etc.