Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Unless they move ChatGPT in house, privacy assurances are just words on a piece of paper. They would have to trust OpenAI, meaning they would have to trust Microsoft, with their internal data. Doubt they would do that instead of waiting for the hype to die down and download one of the many ChatGPT clones that'll be available within a year and run it in house.


> Unless they move ChatGPT in house, privacy assurances are just words on a piece of paper.

No, these are words that are enforced by law. As much as Microsoft might want to take a peak, it would be financially ruinous


Only if you get caught, and it's pretty hard to get caught when you peek at some logs in the servers located in the same room as you. Besides, leaks happen all the time and the fines aren't too bad either.


The real question is why would MS risk losing the business from Apple in such a context.

There are ways to set up incentives such that large corporations will follow the rules. There are myriad examples of this. But in most cases you can ask what is more profitable: Taking $1B+ a year from Apple for hosting an internal ChatGPT service from them, or maybe, if they're lucky, stealing trade secret that MS will never be able to compete against Apple with anyway?

This is all hypothetical; I just want to point out that these businesses are not just waiting to do evil things, they simply respond to incentives, like any business.


There could be some very juicy promotions in it for middle managers who secretly help themselves to a peek at that data and use it to make decisions

That's been a major problem at Amazon where they launch competitors to their biggest and most successful marketplace sellers' cash cows


I work in data privacy and grc. First, a random middle manager cannot simply peek at customer prod data, that’s seriously locked down. Second, attempting to do this would get you immediately terminated.


They are just words on paper. They're words on paper that you can sue over if the promises are broken, of course, but that doesn't at all eliminate the fact that you have to trust the entity you're dealing with.


But that's true of every vendor you work with, in just about any capacity. Even if you run your own on-prem infra, you're still trusting that your vendor-supplied hardware and software doesn't have any backdoors or other data leaks.

Businesses put a ton of trust in contracts—with hefty penalties for breaking them—all the time. Our entire economy is built on this.


> But that's true of every vendor you work with, in just about any capacity.

Yes, that was part of my point.

Contracts are a mechanism that are heavily relied upon, no question about it. But their role is really more about making the terms of a deal crystal clear. In terms of legal enforceability, that is certainly a very important thing, but it's not like contract are a panacea. As the old saying goes, a contract is only as good as your ability to enforce it is, and lots of contract violations go unpunished simply because the one who was violated can't afford to sue.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: