Activity: what happens to my data?

When you are using any kind of online tool, it is pretty important to know what happens to your information and how it might get saved, used or sold. Most of us don't read the terms and conditions for familiar types of activities like shopping with a trusted brand, or browsing webpages, or using online banking or the office software our employer provides us with. Or even this Canvas area, for that matter. We are quite trusting, or else we don't care, or it seems too complicated to follow up. But it is always worth having a look. And with GenAI, we may have an additional concern: is the information we share with the tool going into training the next generation of tools? What would happen if you uploaded a draft funding proposal or academic article - could your ideas somehow be distributed to other users? 

The European Union is covered by quite strict laws about data protection (the GDPR) and software companies operating in the EU must comply. AI products are also covered by these laws. However, you might be using a tool which is physically located outside the EU. 

This short activity is designed to encourage you to find out what is promised so that you can include the information in your decision-making in relation to GenAI tools. 

This also a great activity to do with groups of students as part of your discussions about GenAI

Aim: To find out what data is collected when you use a chosen GAI tool and what happens to it

Objective: To encourage reflection on data privacy in relation to GAI tools

Activity:

      1. Identify a GAI chat tool from this list or any other tool you have seen. 
      2. Go to the website for the tool and/or the company which manufactures it. Look for a page called ‘terms of use’ or ‘terms and conditions’. Read down the page. You may need to choose the terms of use which apply to your geographical location, since laws vary. Sometimes there is a separate ‘Privacy Policy’. This is what you should be looking for. Here is a short screencast to show how I found the chatGPT policy

      3. Look at the policy and review it.
      4. Is it understandable?
        • If not, try doing an online search for Company X Privacy Policy and see if any journalists or other technology writers have commented on it. Think about whether you should use a tool where the policy is not understandable. 
      5. Once you are clear about the policy, ask yourself if you are happy with the conditions. How long is your data stored? What can it be used for? Are you able to request deletion of your data? If you delete your account, is the data deleted? 

Of course, these are questions you can and should ask about any software.