[lxgr]

The NYT is, in my view, exploiting a systematic weakness of the US legal system here, i.e. extremely wide reaching discovery laws with almost no regard for the privacy of parties not involved to a given dispute, or aspects of their lives not relevant to the dispute at hand.

Of course it's out of self-serving interests, but I find it hard to disagree with OpenAI on this one.

[JumpCrisscross]

> with almost no regard for the privacy of parties not involved to a given dispute

Third-party privacy and relevance is a constant point of contestion in discovery. Exhibit A: this article.

[Timwi]

Hm, this article is absolutely about a court order that exhibits “[...] almost no regard for the privacy of parties not involved to a given dispute”, so I don't get your point. If your point is that OpenAI are contesting it, then that doesn't refute the original point that the legal system allows NYT to issue such a court order in the first place that needs contesting. Ideally the privacy of uninvolved parties would be protected by the legal system, not by OpenAI.

[JumpCrisscross]

> this article is absolutely about a court order that exhibits “[...] almost no regard for the privacy of parties not involved to a given dispute”

How? It’s compelling OpenAI retain data they have the contractual right and technical ability to retain. Nothing is being made public, other than the order itself. Nothing is even being transferred to the plaintiff’s legal team. (At some point it will be made available. But both sides will fight over what they have access to, with the court mediating. That’s a lot of regard for third parties’ privacy.)

[phendrenad2]

Right, and let's hope that nothing is transferred. Although the door is probably already too far open for that. The NYT shouldn't have access to user data. My personal data isn't a pawn in their lawsuit. I didn't sign up for that.

I do want to take this opportunity to encourage people to demand compensation from the NYT, if they do somehow get user data. After all, it's YOUR data. If someone uses it without you expressly agreeing to that use in a EULA, they are effectively engaging in piracy of your intellectual property, and you should be able to get damages. And if a judge approved it? Sue the judge, too. Hell, that's what the world has come to isn't it? The legal system is a big war between corporations and we, the people, are just carried on the wind.

(I am not a lawyer, but whatever the equivalent of a "lawyer" is in the court of public opinion, I think I'm slowly becoming one out of necessity)

[Timwi]

> It’s compelling OpenAI retain data they have the contractual right and technical ability to retain.

You were so close. It’s compelling OpenAI to retain data they also have the right and technical ability to delete. It removes OpenAI’s ability to protect privacy if they wanted to.

[JumpCrisscross]

> It removes OpenAI’s ability to protect privacy if they wanted to

It does not in any capacity prevent OpenAI from transferring everyone, globally, to zero data retention. This entire story is OpenAI trying to deflect the cost of its own decisions to the judiciary. Which is particularly shameful given the partisan attacks our courts are currently facing.

[thinkingtoilet]

The privacy onus is entirely on the company. If Open AI is concerned about user privacy then don't collect that data. End of story.

[acheron]

…the whole point of this story is that the court is forcing them to collect the data.

[thinkingtoilet]

You're telling me you don't think Open AI is already collecting chat logs?

[dghlsakjg]

Yes.

In the API that is an explicit option, as well as in the paid consumer product as well. The amount of business that they stand to lose by maliciously flouting that part of their contract is in the billions.

[const_cast]

I can't remember the last time a tech company has collected less data than they admit.

If you read the privacy policies you agree to, they have access to everything and outright admit it will be logged. That API option is merely a request, and absolutely need not be respected.

I can't believe we're still doing this rigamarole. If the product is not specifically designed, engineered, and open-sourced to be as privacy protecting as possible and it's not literally running on a computer you own, you have zero expectation of privacy. Once this has been proven 1 million times we don't need to prove it anymore, we can just assume and that's a very reasonable assumption.

[thinkingtoilet]

You can trust Sam Altman. I do not.

[Workaccount2]

"I'm wrong so here is a conspiracy so I can be right again".

Large companies lose far more by lying than they would gain from it.

[taormina]

No no, they are being forced to KEEP the data they collected. They didn't have to keep it to begin with.

[pj_mukh]

Isn't the only way to do that is for ChatGPT to run locally on a machine? The moment your chat hits their server they are legally required to store it?

[phendrenad2]

So if Microsoft gets a judge to compel Hacker News to give up your IP address, you'd be okay with that. Because it's 100% HN's fault for collecting the data in the first place? Are you a real person, er, toilet?

[Arainach]

What right to privacy? There is no right to have your interactions with a company (1) remain private, nor should there be. Even if there was you agree to let OpenAI do essentially whatever they want with your data - including hand it over to the courts in response to a subpoena.

(1) With limited well scoped exclusions for lawyers, medical records, erc.

[ChadNauseam]

Given how many important interactions people have with companies in our modern age, saying "There is no right to have your interactions with a company remain private" is essentially equivalent to saying "there is no right to privacy at all". When I talk to my friends over facetime or imessage, that interaction is being mediated by Apple, as well as by my internet service provider and (I assume) many other parties.

[wvenable]

> "There is no right to have your interactions with a company remain private" is essentially equivalent to saying "there is no right to privacy at all".

Legally that is a correct statement.

If you want that changed, it will require legislation.

[HDThoreaun]

Really not so simple. Roe v Wade was decided based on the implied right to privacy. Sure its been overturned but if liberals get back on the court it will be un-overturned

[wvenable]

Roe v Wade refers to the constitutional right to privacy under the Due Process Clause of the 14th Amendment. This is part of individual rights against the state and has nothing to do with private companies. There is no general constitutional right that guarantees privacy in interactions with private companies.

[maketheman]

Given the current balance of the court, I'd say it's about even odds we end the entire century without ever having had a liberal court the entire time. Best reasonable case we're a solid couple of decades from it, and even that's not got great odds.

We'd have a better chance if anyone with power were talking about court reform to make the Supreme Court justices e.g. drawn by lot for each session from the district courts, but approximately nobody is. It'd be damn good and long overdue reform, but oh well.

And the thing is, we've already had a fairly conservative court for decades. I'm pretty likely to die, even if of old age, never having seen an actually-liberal court in the US my entire life. Like, WTF. Frankly, no wonder so much of our situation is fucked up, backwards, and authoritarianism-friendly. And (sigh) any serious attempts to fix that are basically on hold for many decades more, assuming rule of law survives that long anyway.

[EDIT] My point, in short, is that "we still have [thing], we just have to wait for a liberal court that'll support it" is functionally indistinguishable from not having [thing].

[fallingknife]

A liberal court will probably start drawing exceptions to 1A out of thin air like "misinformation" and "hate speech." I'd rather stick with what we have.

[nativeit]

That’s presumably why legislation is needed?

[Analemma_]

> essentially equivalent to saying "there is no right to privacy at all".

As others have said, in the United States this is, legally, completely correct: there is no right to privacy in American law. Lots of people think the Fourth Amendment is a general right to privacy, and they are wrong: the Fourth Amendment is specifically about government search and seizure, and courts have been largely consistent about saying it does not extend beyond that to e.g. relationships with private parties.

If you want a right to privacy, you will need to advocate for laws to be changed; the ones as they exist now do not give it to you.

[tiahura]

No that is incorrect. See eg griswold, lawrence etc.

[Terr_]

That's a fallacy of equivocation, you're introducing a different meaning/flavor of the same word.

As it stands today, a court case (A) affirming the right to use contraception is not equivalent to a court case (B) stating that a phone-company/ISP/site may not sell their records of your activity.

[tiahura]

Your response hinges on a fallacy of equivocation, but ironically, it commits one as well.

You conflate the absence of a statutory or regulatory regime governing private data transactions with the broader constitutional right to privacy. While it’s true that the Fourth Amendment limits only state action, U.S. constitutional law, via cases like Griswold v. Connecticut and Lawrence v. Texas, and clearly recognizes a substantive right to privacy, grounded in the Due Process Clause and other constitutional penumbras. This is not a semantic variant; it is a distinct and judicially enforceable right.

Moreover, beyond constitutional law, the common law explicitly protects privacy through torts such as intrusion upon seclusion, public disclosure of private facts, false light, and appropriation of likeness. These apply to private actors and are recognized in nearly every U.S. jurisdiction.

Thus, while the Constitution may not prohibit a website from selling your data, it does affirm a right to privacy in other, fundamental contexts. To deny that entirely is legally incorrect.

[whilenot-dev]

Privacy in that example would be if no party except you and your friends can access the contents of this interaction. I wouldn't want neither Apple nor my ISP to have that access.

A company like OpenAI that offers a SaaS is no such friend, and in such power dynamics (individual VS company) it's probably in your best interest to have everything public if necessary.

[lxgr]

You're always free to keep records of your ChatGPT conversations on your end.

Why tangle the data of people with very different preferences than yours up in that?

[bobmcnamara]

> "there is no right to privacy at all"

First time?

[fc417fc802]

> There is no right to have your interactions with a company (1) remain private, nor should there be.

Why should two entities not be able to have a confidential interaction if that is what they both want? Certainly a court order could supersede such a right just as it could most others provided sufficient evidence. However I would expect such things to be both highly justified and narrowly targeted.

This specific case isn't so much about a right to privacy as it is a more general freedom to enter into contracts with others and expect those to be honored.

[nativeit]

Hey man, wanna buy some coke? How about trade secrets? State secrets?

[bionhoward]

It’s also a matter of competition…there are other AI services available today with various privacy policies ranging from no training by default, ability to opt out of training, ability to turn off data retention, or e2e encryption. A lot of workloads (cough, working on private git repos) logically require private AI to make sense

[levocardia]

But there's a very big difference between "no company is legally required to keep your data private" and "a company that explicitly and publically wants to protect your privacy is being legally coerced into not keeping your data private"

[nativeit]

No room here for the company’s purely self-interested motivations?

[1shooner]

>(1) With limited well scoped exclusions for lawyers, medical records, erc.

Is this referring to some actual legal precedent, or just your personal opinion?

[lxgr]

That may be your or your jurisdiction's view, but such privacy rights definitely exist in many countries.

You might have heard of the GDPR, but even before that, several countries had "privacy by default" laws on the books.

[phendrenad2]

It's funny that you're making explicit what people are implicitly claiming in these comments, but you're downvoted because people don't want to admit it.

[davedx]

Hello. I live in the EU. Have you heard of GDPR?

[Imustaskforhelp]

But if both the parties agree, then there should be The freedom to stay private.

Your comment is dystopian given how the interaction is basically like how some people treat ai as their "friend" imagine no matter what encrypted messaging app or smth they use, the govt still snoops

[fastball]

Dealer-Client privilege.