The recent disclosure by the White House of voluntary safety and societal commitments signed by seven AI companies highlighted a significant omission: the lack of any mention regarding the handling of data collected by these AI systems for training purposes. This raises concerns about potential harm caused by sophisticated generative AI systems, especially regarding the utilization and safeguarding of sensitive information. The companies developing these systems have provided little transparency on the origin and usage of the massive amounts of data required. The recent viral tweet accusing Google of scraping Google Docs for AI training data further adds fuel to these concerns. While the accuracy of the tweet remains uncertain, it underscores the need for clarification on data practices. Tech companies have not previously engaged in the kind of broad data aggregation that generative AI involves, leading to increased risks of privacy breaches and professional obsolescence. The legal implications surrounding data ownership and utilization are still being debated, with ongoing lawsuits, regulatory investigations, and potential legislative action. As an individual, it may be challenging to address the data already collected, used, and potentially monetized by these companies. Scenarios arise where public information is scraped and incorporated into products without explicit user consent, taking advantage of the absence of comprehensive privacy regulations. The lack of transparency from generative AI companies regarding data sources compounds these concerns.

Government agencies, such as Italy's ban on ChatGPT due to privacy issues and the Federal Trade Commission's investigation of OpenAI, are beginning to scrutinize these practices. However, progress in enacting effective data privacy legislation remains uncertain, despite growing interest and calls for action from lawmakers. The absence of a federal consumer online privacy law in the US leaves many individuals with limited rights in protecting their data. Consequently, legal action and court proceedings may play a vital role in determining privacy rights concerning generative AI. Measures like opt-out options and data deletion tools for specific jurisdictions are required from companies to address privacy concerns. However, existing policies fall short in ensuring comprehensive data protection. Despite recent changes in OpenAI's policy, issues regarding data handling and potential defamation cases persist. Unfortunately, there is no straightforward solution for individuals to address these concerns, as current privacy issues arise from a historical absence of robust privacy laws. While limiting the amount of data shared online can help, it cannot fully address the data already collected and used. Resolving these concerns requires comprehensive privacy legislation, proactive transparency measures, opt-out options, compensation mechanisms, and responsible data sourcing practices.