Privacy in the Age of AI: Strategies for Protecting Your Data


Artificial intelligence is no longer just the stuff of science fiction; generative AI tools are seeing massive adoption rates. Unsurprisingly, the marketing and advertising industry has embraced AI-driven tools with the most enthusiasm. According to the latest data from January 2023, 23% of marketers and ad professionals in the US use so-called AI to assist them in their daily work.

If you’re a marketing professional, you’ve probably spent a lot of time this year experimenting with these new tools, learning about use cases, reading guides on how to make perfect prompts, and figuring out productivity hacks. And that’s great.

But like all revolutionary inventions except, perhaps, for the wheel, AI-driven tools provide as many answers as they raise questions. The sheer scope of possibilities is hard to imagine. The same can be said of the risks, many of which we still need to address as countries, companies, or individuals.

There is indeed widespread confusion among policymakers about what to do with AI-generated content and how to establish healthy boundaries without stymying growth. Some companies have developed internal rules. Some industries are more directly concerned than others (think of the actors’ strike in Hollywood).

While regulations catch up with rapid progress, let’s look at the risks associated with AI today and how to safeguard your privacy online, both as a professional and a private individual.

AI-driven tools: a playground for creative people and hackers

On March 20, 2023, during a nine-hour window, the data of approximately 1.2 million ChatGPT subscribers was exposed. The data breach included an alarming number of data points: name, surname, email address, payment address, credit card type, credit card number (the last four digits only), and the credit card expiration date. Scary? It’s a foretaste of what’s to come. Let’s look at the two main AI-related privacy concerns.

Where does all of this data come from?

AI-driven marketing tools collect copious amounts of data to optimize output and train algorithms. This data is often personal and sensitive and can include information such as Social Security numbers and health records.

AI systems collect data for machine learning from various sources using a range of methods:

  • Web scraping: to extract information such as text, images, reviews, and prices from websites.
  • APIs (Application Programming Interfaces): offered by online platforms.
  • User inputs: data provided directly and voluntarily via surveys and forms.
  • Internet of Things (IoT): connected devices like your fitness watch or home assistant.
  • Social media APIs: allowing AI systems to access user-generated content, social media profiles, and interactions.
  • Data partnerships: where data providers share their data for machine learning purposes.

That’s a lot of data! On top of that, AI-driven tools also collect the prompts you use when generating content. Let’s take a closer look at the fine print.

The privacy policy of your favorite AI-driven tool

If you’ve ever used Midjourney to create visuals for a blog post or an ad campaign, information such as your username, IP address, text and image prompts, public chats, email address, and more has been collected. Midjourney also generously shares this information with “service providers, third-party vendors, consultants, and other business partners.”

Midjourney is an example here, but it’s no exception. Other popular tools, including Woodpecker for cold outreach emails or for social media content, are just as “generous.” Now, think of how many times you used financial figures or your name, the name of your company, or that of your clients when writing prompts.

AI best practices you can adopt right now

If you’re concerned about the privacy of your data and that of your clients, it’s best not to wait for legislators to draft and vote on privacy compliance measures. Create best practices for your team, even if you’re a one-person band. Here are our recommendations:

  • Read the privacy policy before you decide to use a tool or a subscription.
  • Ask your team to be transparent about the AI tools they are using and review them.
  • Make sure your team understands the privacy and security risks associated with AI tools.
  • Do not use names, including your company name, in your prompts. If you need a name, use a fake one instead. You can replace it later.
  • Avoid using any information that could harm you or your business when in the wrong hands: tax identification numbers, Social Security numbers, phone numbers, or financial information. Assume this information could be part of a data breach.
  • AI extensions often ask for extensive permissions. Read them carefully before accepting.

Once the damage is done, it can be undone (to some extent)

What if your personal information was part of a data breach, or you’ve been carelessly sharing it online? Don’t despair; it’s hard to keep anything private online, and this is bound to happen to most of us. There are several things you can do.

Let’s say you find your name and other data (e.g., age and address) when performing an online search. You can remove it or set it to private if it’s one of your social media profiles. When it’s a website you don’t own, you can contact the owner and kindly ask them to take it down. If that doesn’t work, you can ask the search engine to remove it from the results anyway. Google offers this option, but only if specific conditions are met.

Lastly, you’ll find that your data also lives in the vast repositories of people search sites. Fortunately, they are all legally obliged to offer a way to opt out, and you can usually do this in a couple of “easy” steps.

That said, if your personal information has been exposed in a data breach, chances are that it’s stored, shared, and sold without your knowledge in other places, too. To delete it from these obscure places, you can try an automated data removal service, which will contact data brokers for you and get your data off their extensive lists. An additional perk is that a good data removal tool will perform this clean-up regularly and periodically so that once deleted, your data doesn’t find its way back onto the data market.

Let’s celebrate but stay on guard

It goes without saying that AI-driven tools are the way of the future. We’re only getting started. Imperfect as they are for now, AI systems will gradually become better at processing data and “understanding” our needs. We’ll keep improving their algorithms and feeding them data to make this happen. Safeguarding our own data and using others’ data responsibly will become just as important. Given the current legislative limbo, this responsibility is all on our shoulders for now.


No posts to display