The OPSEC Podcast
AI assistants have been positioned as productivity tools. Structurally, they are the most sophisticated data collection interfaces ever built — ones that convince users to voluntarily disclose their most sensitive information in the form of natural language conversation. This episode covers what ChatGPT, Gemini, and Copilot actually do with your data, the corporate exposure epidemic (77% of employees are transmitting sensitive data to AI tools), how AI has supercharged the data broker industry through psychographic inference, and the government access problem that no privacy setting can fully solve. Key Stats - 4% of AI prompts and 20% of file uploads contain sensitive information (Harmonic Security, 2025) - 3 million sensitive records exposed per organization by GenAI tools in H1 2025 - 77% of enterprise employees leak sensitive data via AI tools - 67% of AI tool interactions happen on personal accounts IT cannot monitor - 802,000 files at risk per organization in Microsoft 365 environments (Copilot access surface) - 16% of business-critical Microsoft 365 data is overshared - Psychographic AI inference: 70%+ accuracy predicting political, religious, psychological traits from behavioral data - OpenAI privacy audit score: 48/100 (Grade D), 2026 Settings to Change Right Now: - ChatGPT: Settings → Data Controls → disable "Improve the model for everyone" - ChatGPT: Settings → Personalization → Manage Memory → audit and delete stored facts - ChatGPT: Use Temporary Chat for sensitive queries - Gemini: myaccount.google.com → Data & Privacy → Gemini Apps Activity → turn off - Copilot: Microsoft account privacy dashboard → review AI data settings Key Takeaways - AI interfaces are designed with conversational warmth specifically because it increases disclosure — that design is a data collection strategy - Deletion does not guarantee destruction: the May 2025 federal court order proved ChatGPT "deleted" conversations can be preserved under legal hold - Default on every major AI platform is collection; opt-out requires navigating settings most users don't know exist - The corporate exposure problem is structural — 67% of AI usage happens on personal accounts IT cannot see - AI psychographic inference manufactures sensitive personal data from behavioral signals — no explicit disclosure required - Privacy-respecting alternatives exist: Confer and Lumo for cloud AI, Ollama for local maximum-security work - Three-tier framework: Confer or Lumo → Ollama for sensitive work → commercial platforms only when the trade-off is consciously accepted Every prompt you type into ChatGPT, Gemini, or Copilot is a data transmission you didn't think of as one. The lawyer who pasted in the brief. The HR director who described the investigation. The founder who uploaded the cap table. None of them made a mistake by their own understanding — but they all made one. Stop treating AI interfaces as private spaces. They are not. Use the tools that were actually built to be — and make that decision before the conversation you can't afford to have retained. Your privacy and your security is your responsibility. ---------------------------------------- Hosted on Acast. See acast.com/privacy [https://acast.com/privacy] for more information.
22 episoder
Kommentarer
0Vær den første til at kommentere
Tilmeld dig nu og bliv en del af The OPSEC Podcast-fællesskabet!