detective conan sure had a hard time cracking the case!
“The personal information we collect from you may be stored on a server located outside of the country where you live. We store the information we collect in secure servers located in the People’s Republic of China,” the privacy policy reads.
Oh the horror! Let’s look at what our glorious spawns-of-techbro heroism has for us in store:
spoiler
OpenAI processes your Personal Data for the purposes described in this Privacy Policy on servers located in various jurisdictions, including processing and storing your Personal Data in our facilities and servers in the United States. While data protection law varies by country, we apply the protections described in this policy to your Personal Data regardless of where it is processed, and only transfer that data pursuant to legally valid transfer mechanisms.
spoiler
When you access our website or Services, your personal data may be transferred to our servers in the US, or to other countries outside the European Economic Area (“EEA”) and the UK. This may be a direct provision of your personal data to us, or a transfer that we or a third party make.
So not only is your data “possibly” stored in one country, now there’s a possibility of it being stored in many different countries. Where’s the outcry for that?
Ok, so maybe your data being under the jurisdiction of another country is sus, right?
In another section about how DeepSeek shares user data, the company states that it may share user information to “comply with applicable law, legal process, or government requests.”
OH MY GOD SOUND THE ALARM!
ChatGPT:
spoiler
We may use Personal Data for the following purposes: […] To comply with legal obligations and to protect the rights, privacy, safety, or property of our users, OpenAI, or third parties.
Claude:
spoiler
Pursuant to regulatory or legal requirements, safety, rights of others, and to enforce our rights or our terms. We may disclose personal data to governmental regulatory authorities as required by law, including for legal, tax or accounting purposes, in response to their requests for such information or to assist in investigations. We may also disclose personal data to third parties in connection with claims, disputes or litigation, when otherwise permitted or required by law, or if we determine its disclosure is necessary to protect the health and safety of you or any other person, to protect against fraud or credit risk, to enforce our legal rights or the legal rights of others, to enforce contractual commitments that you have made, or as otherwise permitted or required by applicable law.
So not only can your data be subject to the authorities, but it’s also handed out to 3rd parties (mind you, DeepSeek does the exact same, so why is it any surprise?).
Not only does DeepSeek collect “text or audio input, prompt, uploaded files, feedback, chat history, or other content that [the user] provide[s] to our model and Services,” …
🤦… You get the idea now, bother yourself with the privacy policies of the respective contemporaries and CTRL + F to “User Content” or “User Input”… Same fucking shit.
Companies with AI models like Google, Meta, and OpenAI collect similar troves of information, but their privacy policies do not mention collecting keystrokes.
Yes, collecting keystrokes is probably the oddest thing here. To compare data farming giants with a decade and a half’s worth of data collection to a startup in terms of data collection is so astronomically dumb.
I could go on but I’m bored now. Do your own research.
off-topic here as well, why stop at privacy policies? EULAs can get wilder, best such example of which is Apple: