Conversations with ChatGPT feel private, but it’s important to understand the main privacy implication: you may not be the only one who can access these messages.
This guide explores ChatGPT’s privacy measures and limitations by answering key questions:
- Who can see my ChatGPT conversations?
- Under what circumstances can others access my ChatGPT’s messages?
- How can I enhance privacy when conversing with the AI chatbot?
Can People See Your ChatGPT History?
Your ChatGPT conversations aren’t as private as you may think. Depending on the circumstances, several parties could have access to your conversations, including:
- OpenAI employees
- Account administrators
- People who received your link
- Individuals who have access to your device
- Participants in a group chat
- Government authorities
1. OpenAI Employees
According to OpenAI (the company behind ChatGPT), a limited number of its authorized team members can access user content. Per the privacy policy, OpenAI employees could go through your ChatGPT conversations under the following scenarios:
- Investigating abuse or a security incident
- Offering support for your account-related issues or concerns
- Handling legal matters
- Improving model performance (on an opt-in basis)
OpenAI claims to document all access to user content. Additionally, all authorized personnel must undergo special training before being granted access to your conversations.
2. Account Administrators
Besides individual plans, ChatGPT offers packages for companies and educational institutions, such as:
- ChatGPT Enterprise
- ChatGPT Edu
- ChatGPT Business
- ChatGPT for Teachers
These plans differ from individual ones in terms of ownership, control, and security compliance. Account administrators have more freedom to customize their settings related to areas such as:
- Data retention
- Access control
- Model training
Account administrators for ChatGPT Edu and ChatGPT Enterprise plans can also access audit logs of conversations and GPTs through the Enterprise Compliance API. The output can be connected to the following tools:
- eDiscovery: Help identify and collect electronic information that can be leveraged as evidence in legal cases
- Data loss prevention (DLP): Detect and prevent data breaches and unauthorized access to and use of sensitive information
- Security information and event management (SIEM): Provide real-time analysis of security alerts generated by network hardware or apps
Account Administrators for ChatGPT Business and ChatGPT for Teachers plans can manage workspaces and access, but they can’t access your conversations.
3. People Who Received Your Link
ChatGPT offers a Shared Links feature that enables you to share your chatbot conversations with coworkers, friends, or collaborators instead of taking screenshots. To better understand the privacy implications of sharing links to ChatGPT conversations, keep the following rules in mind:
Rule | Explanation |
Anyone with access to the link can see the shared conversation | If you send a link to one person, and they share it with five others, everyone who receives the link will be able to see your ChatGPT conversation. |
Your entire conversation is visible | Every message you exchanged with ChatGPT within the thread, up to the point when you created the link, will be visible via the link. |
You can delete the conversation to make the link unusable | Once you delete the conversation, the shared link will no longer work. Note that the people you have previously shared the link with may have imported the conversation into their chat history, so they may be able to access the conversation even after you’ve deleted it. |
4. Individuals Who Have Access to Your Device
If you’ve logged into your ChatGPT account from a computer at work or school or a work phone you share with others, and forget to log out, other people with access to these devices will see your conversations when they open the chatbot. Theoretically, these people could see your entire ChatGPT history if you weren’t consistently deleting past conversations.
Even if you’ve logged out, some browsers might automatically save your login credentials, allowing others to quickly access your account and browse your ChatGPT history.
5. Participants in a Group Chat
One of ChatGPT’s most recent features is group chats. It allows users to collaborate with each other and the chatbot within a single conversation, simplifying communication and collaboration.
You can invite up to 20 people to a ChatGPT group conversation by sharing a link. Anyone who has been invited to a conversation can also share the link to bring others in, so you don’t have absolute control over the group despite initiating the chat. Likewise, group chat participants can remove others from the chat (with the exception of the group creator).
Every participant can see the messages in the chat, so be mindful of what you send to the group, especially if there are people you don’t know well or at all. However, other users can only see the chat they’re a part of, not your private conversations with ChatGPT.
6. Government Authorities
OpenAI may share your personal information and interactions with its services, including ChatGPT, with government authorities and other third parties if it:
- Is required to do so to comply with a legal obligation
- Needs to defend and protect its rights or property
- Determines that there was a violation of its terms, policies, or the law
- Needs to protect the safety, integrity, and security of its products and services
- Wishes to detect or prevent fraud or other illegal activities
- Needs to protect itself against legal liability
Another scenario in which ChatGPT may reach out to law enforcement is if it identifies a user planning to harm others. In such cases, OpenAI refers the conversations to specialized pipelines of human reviewers. If they determine the conversation indicates a threat, they will reach out to law enforcement.
This practice sparked discussion on online forums. Some users praise OpenAI for the policy, saying it prevents real-world violence. Others see it as a sign of limited privacy in ChatGPT conversations, raising concerns about how confidential their interactions with the AI chatbot are.
Bonus: Read our reviews exploring the security and privacy of other popular apps:
5 Ways To Enhance Your Privacy While Using ChatGPT
The privacy of ChatGPT conversations isn’t guaranteed, but you can still take steps to protect it. Here’s practical advice for using ChatGPT efficiently while avoiding potential privacy risks:
- Use ChatGPT without logging in
- Disable model training
- Avoid sharing confidential or personal information
- Use temporary chats
- Avoid signing in with Google
1. Use ChatGPT Without Logging In
You can use ChatGPT without creating an account or logging in. This is an excellent option for those who want to leverage the chatbot and ensure their personal or account information isn’t tied to the platform.
There are no limitations in terms of what you can ask or how you can interact with ChatGPT, but you should consider a few drawbacks of not logging in:
- You won’t be able to save your conversations and return to them in the future.
- You won’t have access to advanced GPTs.
- You won’t get personalized recommendations.
2. Disable Model Training
ChatGPT uses your data to train models and improve their performance and accuracy. In other words, everything you say can be used to shape the AI system, which represents a major concern for privacy-conscious individuals.
OpenAI allows you to opt out of model training and thus protect your data, and here’s how:
- Open ChatGPT and go to your profile
- Choose Settings
- Go to Data controls and switch the toggle button next to Improve the model for everyone
3. Avoid Sharing Confidential or Personal Information
Even if you follow privacy best practices and use ChatGPT with caution, you should still remember that it’s an AI tool with no human-grade reasoning or understanding and that your interactions could be accessed under specific circumstances.
To further protect yourself and prevent compromise, never share confidential or personal data with the chatbot, such as your personally identifiable information or classified work data. You should also avoid uploading documents, financial statements, bills, photos, or anything that could compromise your privacy.
4. Use Temporary Chats
Temporary chats are a ChatGPT feature that allows you to interact with the chatbot while:
- Keeping the conversation out of your chat history and ChatGPT’s memory
- Ensuring your data isn’t used for training
This feature can come in handy for more sensitive or personal conversations you don’t want in your history.
5. Avoid Signing In With Google
If you sign up with Google or another third party, you risk some of your information being shared between ChatGPT and that platform. Plus, if someone gains access to your Google account, they could potentially log into your ChatGPT and see the entire chat history.
The most privacy-friendly way is to sign in using your email address and a strong password. A valuable alternative is Apple’s Sign in with Apple option, because it lets you hide your email address for more privacy.
Mitigate Network-Level Threats To Enhance Privacy
While much of the discussion around ChatGPT and similar platforms focuses on privacy and security, many users overlook other, broader factors that can affect them. One often-overlooked concern is the choice of a mobile carrier.
For most mobile carriers, including AT&T, Verizon, and Mint Mobile, all the communication that travels through their network is prone to risks like interception and data breaches. It's crucial to choose a carrier that minimizes the risk of such external threats and keeps your data secure. A privacy-first carrier such as Cape achieves this through minimal data collection, an independent mobile core, and a host of advanced features.
Cape Makes Security the Standard: Here’s How
Cape is America’s privacy-first mobile carrier, providing premium, unlimited, and nationwide call, text, and data. Unlike other providers, our service is built from the ground up with privacy and security at its core.
Mainstream carriers track you and store your data, often without your consent. Cape takes a different path—we collect the absolute minimum amount of information to provide you with service.
Any information we do collect is retained for the minimum amount of time possible. Most carriers store call data records (CDRs) for years, sometimes indefinitely. Cape stores yours for just 24 hours, and we have a commitment to never sell your data.
Cape service includes security features that no other carrier offers:
- Minimal Data Collection: During onboarding, we don’t ask for your name, Social Security number, or address. We only collect what’s necessary to provide you with service, and we retain it for the minimum amount of time possible.
- Identifier Rotation: Every SIM card has an International Mobile Subscriber ID (IMSI), a unique identifier which your device uses to register with cellular networks. Most carriers assign a fixed IMSI that stays the same for the life of your account, making it easy for your carrier, advertisers, and bad actors to identify and track your device over time. Cape breaks that pattern by allowing subscribers to automatically rotate their IMSI every 24 hours, so you appear as a different subscriber every day, making it much more difficult for anyone to follow or track your movements.
- Secondary Numbers: Your phone number is a target for data brokers and scammers. Retailers, websites, apps—everyone is routinely asking you to share your number with them, which exposes you to a variety of risks. Many turn to VoIP numbers to use as secondary lines, which can be helpful, but cost extra, don’t work with 2FA, and aren’t encrypted. Cape provides subscribers with two free additional SMS/MMS lines that are middle-to-end encrypted. With Secondary Numbers, you can reserve your primary number for communicating with your close friends and family, and use Secondary Numbers for anything from shopping and signing up for discounts, to receiving secure OTPs.
- Disappearing Call Logs: Call and text records reveal intimate patterns, including your closest contacts, timing, and behavioral rhythms, and most carriers risk your privacy by storing the data long term. That’s why Cape automatically deletes these records after just 24 hours. We’re built to forget.
- Last Mile Encrypted Texting: SMS messages are unencrypted, yet many of us still use it to receive One-Time Passwords (OTPs) for our most sensitive accounts, leaving them vulnerable to a variety of threats. Cape allows subscribers to encrypt and route all SMS/MMS messages through the Cape app. When enabled, SMS/MMS messages sent to Cape subscribers will be middle-to-end encrypted and decrypted securely within the Cape app. This protects any messages that may be intercepted from being read. This feature is only available on iPhone; Android coming soon.
- SIM Swap Protection: A SIM swap happens when an attacker convinces your carrier to transfer your number to their device, allowing them to receive your calls and texts, trigger password resets, and gain access to your accounts. Cape protects against SIM swaps by removing humans entirely from the loop. During sign-up, you receive a 24-word phrase that generates a private key tied to your number. This phrase is the only way to move your number to a new device or carrier. No one, not even Cape, can transfer your number without your phrase, giving you full control over your number.
- Network Lock: Traditional cellular networks were designed for interoperability, not security. Outdated and legacy network protocols like SS7 have vulnerabilities that allow attackers to hack in and track your location, intercept your calls and texts, and steal sensitive information. Cape’s Network Lock uses a proprietary signaling proxy to verify that your device’s physical location matches the network it’s trying to attach to. If anything looks suspicious, like a mismatched location, we block the connection.
- Encrypted Voicemail: Voicemails can reveal more than you think, from personal messages to authentication codes, yet most voicemail systems are outdated and unencrypted. Cape encrypts your voicemails so that only you can access them.
- Secure Global Roaming: While you’re traveling abroad, your phone connects to local telecom providers to provide you with connectivity. But not all networks are secure, and not all governments treat privacy the same. Cape routes your traffic through our U.S.-based mobile core. Our Secure Global Roaming gives you the convenience of international data roaming without exposing your identity or communications. You get up to 15GB per month of international roaming included in your plan.
These features are made possible because we’re a “Heavy” Mobile Virtual Network Operator (MVNO).
Other MVNOs (such as Mint Mobile, Cricket, etc.) simply ride on top of the mobile core, SIMs, and physical infrastructure of their underlying MNO partner. At Cape, we actually own our own mobile core and provision our own SIMs. This gives us control over how accounts are authenticated, what data we do and don’t collect, how long we retain it for, as well as the ability to build proprietary features like Identifier Rotation. No other carrier on the market has this capability.
Reclaim Your Privacy: Switch to Cape Today
Ready to ditch traditional telcos and switch to a privacy-first mobile carrier? Visit cape.co/get-cape to sign up.
Try Cape completely risk-free for just $30 for your first month. No contracts, no personal or credit card info needed, no hidden fees or taxes, and no strings attached.
Thanks to our partnership with Proton, you can also take your privacy a step further and get Proton Unlimited or Proton VPN Plus for only $1 for the first six months.
