OpenAI Adds a Security Portal

June 1, 2023

OpenAI has a new web page, which they call a Trust Portal for the OpenAI API. They are trying to assure everyone, especially EU citizens and lawyers everywhere, essentially that they will keep keep their mouths shut and not leak your private information.

Note images here are all by me, Losey, and Midjourney. As always, they attempt to convey the emotional, sensory metadata underlying this blog.

OpenAI goes on to say that this new web is “your gateway to understanding our unwavering commitment to data security, privacy, and compliance.” A great way for you to access OpenAI’s “comprehensive compliance documentation, find answers to frequently asked questions related to security and privacy, and explore our robust security practices.” Then, in even more PR type GTP predictable language, if that is even possible, OpenAI assures everyone that this new information resource is all “part of the company’s ongoing efforts to maintain transparency and build customer trust.”

Uh, huh, sure. I guess it is a start. So enough talk, show me. They say that they shush everyone good, but prove it. Turns out that is easier said than done. In fact, I am still waiting as this blog will explain.

OpenAI then goes on with the buzz words to say how terribly concerned the company is about maintaining the confidentiality of customer data. (Where is Sam Altman now? Still trying to keep the EU from shutting him down due to Europe’s litany of privacy concerns?) Open AI wants their customers to “feel confident” in their abilities. Yada yada – very predictable — obviously not written for lawyers and other privacy experts. Doubt the EU politicians will buy this puff stuff either. Then, without even a hint of irony, OpenAI discloses the names of some of their big corporate customers. Of course, no law firms are mentioned.

After all the marketing hype, Open AI finally shows links to many serious looking privacy papers, cybersecurity related documents and other hard facts. But the links are all dead. Again, without even a hint of irony or self-awareness, OpenAI makes it impossible to access any of these documents without first filling out an online disclosure form. Not only that, you must first click to agree to their self-serving agreements and lengthy disclaimer forms. Here is what it looks like.


So I did that. I gave up my personal information and clicked the links. There were not one, but four documents you are supposed to review and agree to. I opened one of them, the Terms of Service Agreement of Safebase (I don’t really know who or what that is). I do know the agreement is 6,009 words long. I did not read it, but I had my computer count the words. I also had my computer count the number of words in Open AI’s Privacy Policy – 2,382 words. Who has time to read all that? Ok, if you pay me, I will happily read all four of them. Otherwise, like everyone else, no.

So far, the actions required by the user in this webpage directly contradict the hype. This form and thousands of pages of click agreements are more like a roadblock, not a “gateway” to maintain transparency and build customer trust.” I signed anyway, but with a growing level of mistrust, not trust. But wait, it gets even worse.

OpenAI instantly rejected my first submission of a request for access to documents, which is the whole purpose of this Security Portal. The application I filled out was rejected automatically and instantly, because I provided them with my personal email account. That’s what it told me. Oh no, none of that. It made me submit my work email address. How did it even know that about me? That the address I submitted, a gmail account, was personal and not business? Like a good, compliant worker drone I changed my answers on their form and provided my work email address. And voila! This time the form request instantly went through. A message popped up saying my request for access had been received, but access was still not granted. Oh no. Instead, I was told I would be notified after my request for access had been considered.

In the meantime, none of the links are live. There is nothing more to see here. Move along. If I am ever granted access to the OpenAI’s Trust Portal, then maybe I’ll write a part two, maybe. Till then I have nothing more to say. Try it out and see for yourself. By the way, in case you are not sure, these last two images are in the style of Picasso.

%d bloggers like this: