Google and AI Chatbots: When Privacy is Laid Bare

AI Chatbots and the Disclosure of Phone Numbers

Users have recently expressed concern over the disclosure of their personal contact information by Google's AI, a problem for which there is no simple solution. A Reddit user shared their experience, explaining that they were receiving numerous calls from people seeking various professionals, such as a lawyer or a product designer. These calls were the result of misdirection by Google's generative AI.

In March, a software developer based in Israel was contacted via WhatsApp after Google's Gemini chatbot provided incorrect customer service instructions that included his personal phone number. In April, a PhD student at the University of Washington managed to obtain a colleague's personal phone number while interacting with Gemini. These incidents raise significant concerns regarding personal data protection.

AI and privacy experts have long warned about the risks that generative AI poses to the privacy of personal data. These recent incidents illustrate a new threat: the exposure of real phone numbers by AI. Although the Reddit user did not respond to requests for comments, and their story could not be independently verified, these cases raise legitimate concerns.

Experts believe that these privacy breaches likely result from the use of personally identifiable information in AI training datasets, although the exact mechanism remains unclear. The outcome is nonetheless troubling for those affected, especially since it seems difficult to find an effective solution.

A Significant Increase in Privacy Requests

It is challenging to measure how often phone numbers are exposed by AI chatbots, but experts believe this occurs far more frequently than is publicly reported. DeleteMe, a company specializing in the removal of personal data online, has noted a 400% increase in requests related to generative AI over the past seven months. These requests specifically concern tools like ChatGPT, Claude, Gemini, and others.

According to Rob Shavell, co-founder and CEO of DeleteMe, 55% of concerns related to generative AI mention ChatGPT, 20% concern Gemini, 15% Claude, and 10% other tools. Customer complaints generally fall into two categories: exact personal information provided by a chatbot or plausible but incorrect contact data generated by the AI.

This is what happened to Daniel Abraham, a 28-year-old software engineer in Israel. In March, he received a strange WhatsApp message from a stranger asking for help with a PayBox account. The stranger explained that they had obtained Abraham's number through instructions from Gemini, even though Abraham does not work for PayBox and the company does not use WhatsApp for customer service.

Abraham then tested Gemini, which generated another incorrect number for PayBox. This number actually belonged to a credit card company that partners with PayBox.

The Safeguards of AIs in Question

Current language models incorporate safeguards to limit certain outputs, including preventing the disclosure of personal data. However, these measures are not always effective, as discovered by two PhD students at the University of Washington.

Meira Gilbert, one of the PhD students, experimented with Gemini and requested contact information for her friend and collaborator Yael Eiger. To her surprise, Gemini revealed Eiger's personal phone number, even though Eiger had shared her number online for an event the previous year.

A Problem Without an Obvious Solution

There is no simple solution to address the issue of personal data disclosure by AIs. Consumers cannot easily verify whether their information is included in training datasets or request its removal.

Jennifer King, a privacy expert at Stanford University, emphasizes that individuals should be able to request the deletion of their personal data. However, this option is often limited to data provided directly to companies, such as during interactions with a chatbot.