Avoid placing trust in any responses from chatbots, especially when it comes to sharing personal information. Recent research from the Mozilla Foundation highlights serious security and privacy issues in 11 romance and companion chatbots. These apps, collectively downloaded over 100 million times on Android devices, pose significant risks as they collect extensive user data, utilize trackers sending information to Google, Facebook, and companies in Russia and China, allow weak passwords, and lack transparency regarding ownership and the underlying AI models.
The emergence of large language models like ChatGPT has led to a surge in chatbot development, raising concerns about privacy neglect. The study exposes potential misuse of chat messages by hackers and underscores the need for heightened awareness. Many romantic chatbots, often labeled as “AI girlfriends” or “AI boyfriends,” share common features, including AI-generated images with sexualized content and provocative messages. The Mozilla researchers scrutinized various chatbots, revealing a range of issues across apps offering companionship, intimacy, or role-playing scenarios.
Jen Caltrider, project lead for Mozilla’s Privacy Not Included team, notes several concerns with these apps. Many fail to provide clear information about data sharing practices, location, or creators. Some permit the use of weak passwords, while others lack transparency regarding their AI models. Legal documentation for these apps is often vague, contributing to a lack of trust in these companies.
One example, Romantic AI, promises not to sell user data, but the analysis reveals it sent out 24,354 ad trackers within one minute of use. The study highlights the commonality of such practices across multiple companies, many of which did not respond to requests for comment.
Caltrider emphasizes the ambiguity surrounding ownership and operation of these companies, with some being small and nameless. Mozilla also points out weak security practices in password creation for some apps, highlighting the risk of unauthorized access to user accounts and chat data.
In conclusion, users are urged to exercise caution and be skeptical of the privacy and security practices of romance and companion chatbots, as their widespread use may inadvertently compromise personal information and expose users to potential risks.