Overview

Since the public release of Open AI's ChatGPT, Google's Bard, and other similar systems, some Members of Congress have expressed interest in the risks associated with "generative artificial intelligence (AI)." Although exact definitions vary, generative AI is a type of AI that can generate new content—such as text, images, and videos—through learning patterns from preexisting data. It is a broad term that may include various technologies and techniques from AI and machine learning (ML).¹

Generative AI models have received significant attention and scrutiny because of their potential harms, such as risks involving privacy, misinformation, copyright, and nonconsensual sexual imagery. This report focuses on privacy issues and relevant policy considerations for Congress. Some policymakers and stakeholders have raised privacy concerns about how individual data may be used to develop and deploy generative models. These concerns are not new or unique to generative AI, but the scale, scope, and capacity of such technologies may present new privacy challenges for Congress.

What Is Generative AI?

Generative AI can generate new content—such as text, images, and videos—through learning patterns from data.³ There are many types of generative AI models (see Figure 1), which can produce content based on different inputs or "prompts." For example, some models can produce images from text prompts (e.g., Midjourney, Stable Diffusion, DALL-E), while others create videos (e.g., Gen2 or Meta's Make-A-Video).

Some scholars and policymakers have recently coined the term "general-purpose AI (GPAI) models" to describe applications like ChatGPT that can complete various functions.⁴ These GPAI models may have a wide range of down-stream applications compared to single-purpose models designed for a specific task. Many general-purpose AI applications are built on top of large language models (LLMs) that can recognize, predict, translate, summarize, and generate language.⁵ LLMs are a subset of generative AI and are characterized as "large" partly because of the massive amount of data necessary for training them to learn the rules of language.

Figure 1. Examples of Generative AI Models

Source: Stable Diffusion and ChatGPT, via CRS. The image was generated by Stable Diffusion, and the text response was generated by ChatGPT.

How Do Generative AI Models Use Data?

Data are essential to train and fine-tune AI models. Generative AI models require especially large datasets for training and fine tuning.

Generative AI models, particularly LLMs, require massive amounts of data. For example, OpenAI's ChatGPT was built on an LLM that trained, in part, on over 45 terabytes of text data obtained (or "scraped") from the internet. The LLM was also trained on entries from Wikipedia and corpora of digitized books.⁷ Open AI's GPT-3 models were trained on approximately 300 billion "tokens" (or pieces of words) scraped from the web and had over 175 billion parameters, which are variables that influence properties of the training and resulting model.⁸

Critics contend that such models rely on privacy-invasive methods for mass data collection, typically without the consent or compensation of the original user, creator, or owner.⁹ Additionally, some models may be trained on sensitive data and reveal personal information to users. In a company blog post, Google AI researchers noted, "Because these datasets can be large (hundreds of gigabytes) and pull from a range of sources, they can sometimes contain sensitive data, including personally identifiable information (PII)—names, phone numbers, addresses, etc., even if trained on public data."¹⁰ Academic and industry research has found that some existing LLMs may reveal sensitive data or personal information from their training datasets.¹¹

Some models are used for commercial purposes or embedded in other downstream applications. For example, companies may purchase subscription versions of ChatGPT to embed in their various services or products. Khan Academy, Duolingo, Snapchat, and other companies have partnered with OpenAI to deploy ChatGPT in their services.¹² However, individuals may not know their data were used to train models that are monetized and deployed across such applications.

Some countries have taken action against AI developers for improper use of personal information. For example, the Italian Data Protection Authority issued a temporary ban preventing OpenAI from using Italian users' data.¹³ After agreeing to certain changes—such as allowing users to submit removal requests for personal data under the European Union's (EU's) General Data Protection Regulation (GDPR)—OpenAI restored access to its service for users in Italy.¹⁴

Where Do the Data Come From?

Many AI developers do not disclose the exact details of their training datasets. For generative AI, most training data are scraped from publicly available web pages before being repackaged and sold or, in some cases, made freely available to AI developers.

Some AI developers rely on popular large datasets such as Colossal Clean Crawled Corpus (C4) and Common Crawl, which are amassed through web crawling (i.e., software that systematically browses public internet sites and collects information from each available web page). Similarly, AI image generators are commonly trained on a dataset called LAION, which contains billions of images scraped from internet sites and their text descriptions.¹⁵ Some companies might also use proprietary datasets for training.

Generative AI datasets can include information posted on publicly available internet sites, including PII and sensitive and copyrighted content. They may also include publicly available content that is erroneous, pornographic, or potentially harmful. Since data may be scraped without the creator's consent, some artists, content creators, and others have begun to use new tools such as "HaveIBeenTrained" to identify and report their own content in such databases. In a 2023 investigation, The Washington Post and Allen Institute for AI analyzed the websites scraped for the C4 dataset, which is used by AI developers including Google, Facebook, and OpenAI.¹⁶ The investigation found that the C4 dataset included websites with copyrighted content as well as potentially sensitive information, such as state voter registration records.

These forms of data collection may also raise questions about copyright ownership and fair use. For a discussion of copyright issues and generative AI, see CRS Legal Sidebar LSB10922, Generative Artificial Intelligence and Copyright Law, by Christopher T. Zirpoli.

What Happens to Data Shared with Generative AI Models?

Some critics have also raised concerns that user data shared with a generative AI application—such as a chatbot—may be misused or abused without the user's knowledge. For example, a user may reveal sensitive health information while conversing with a health care chatbot without realizing their information could be stored and used to retrain the models or for other commercial purposes. Many existing chatbots have terms of service that allow the company to reuse user data to "develop and improve their services."

These concerns may be particularly pertinent for generative models used in interactions or services that commonly result in the disclosure of sensitive information, such as advising, therapy health care, legal, or financial services. In response, some critics have argued that chatbots and other generative AI models should require affirmative consent from users or provide clear disclosure of how user data are collected, used, and stored.

Policy Considerations for Congress

Existing Data Privacy and Related Laws

The United States does not currently have a comprehensive data privacy law. Congress has enacted a number of laws that create data requirements for certain industries and subcategories of data, but these statutory protections are not comprehensive. For example, the Gramm-Leach-Bliley Act (P.L. 106-102) regulates financial institutions' use of nonpublic personal information, while the Health Insurance Portability and Accountability Act (HIPAA; P.L. 104-191) requires covered entities to protect certain health information. Under current U.S. law, generative AI may implicate certain privacy laws depending on the context, developer, type of data, and purpose of the model. For example, if a company offers a chatbot in a video game or other online service directed at children, the company could be required to meet certain requirements under the Children's Online Privacy Protection Act (COPPA; P.L. 105-277).

Additionally, certain state laws on privacy, biometrics, and AI may have implications for generative AI applications. In many cases, the collection of personal information typically implicates certain state privacy laws that provide individuals a "right to know" what a business collects about them, how their data are used and shared, the "right to access and delete" their data, or the "right to opt out" of data transfers and sales.¹⁷ However, some of these laws include exemptions for the collection of public data, which may raise questions about how and whether they apply to generative AI tools that use information scraped from the internet.

In the absence of a comprehensive federal data privacy law, some individuals and groups have turned to other legal frameworks (e.g., copyright, defamation, right of publicity) to address potential privacy violations from generative AI and other AI tools. For example, some companies have faced class action lawsuits for possible violations of right of publicity state laws, which protect against unauthorized use of an individual's likeness for commercial purposes.¹⁸

Congress may consider enacting comprehensive federal privacy legislation that specifically addresses generative AI tools and related concerns. In doing so, Congress may consider and evaluate similar state and international efforts. For example, the EU's proposed AI Act includes various articles on data regulation, disclosures, and documentation, among other requirements. The EU AI Act recently added a category for general purpose AI systems and foundation models, another term used for AI models that train on large amounts of data and can be adapted for various tasks.¹⁹

Proposed Privacy Legislation

Some Members of Congress have proposed various comprehensive or targeted privacy bills with requirements that could impact generative AI applications. These are three common mechanisms included in various privacy bills:

• Notice and disclosure requirements. Currently, most generative AI applications do not provide notice or acquire consent from individuals to collect and use their data for training purposes. Congress may consider requiring companies developing or deploying generative AI systems to (1) acquire consent from individuals before collecting or using their data or (2) notify individuals that their data will be collected and used for certain purposes, such as training models. Some scholars dispute the efficacy of notice and consent requirements.²⁰
• Opt-out requirements. Congress may consider requiring companies to provide users an option to opt out of data collection. Of note, opt-out systems may not necessarily protect data that are publicly scraped from the web, and such systems may be cumbersome for individuals to exercise.
• Deletion and minimization requirements. Congress may also consider requiring companies to provide mechanisms for users to delete their data from existing datasets or require maximum retention periods for personal data. Currently, most leading chatbots and other AI models do not provide options for users to delete their personal information.

In considering such proposals, Congress may also wish to consider practical challenges users may face exercising specific privacy rights as well as potential challenges for companies in complying with certain types of legal requirements and user requests.

Existing Agency Authorities

Various federal agencies may enforce laws relevant to AI and data privacy. The Federal Trade Commission (FTC) has been active in addressing data privacy issues and has taken various actions involving AI. The FTC has applied its broad authorities over "unfair or deceptive acts or practices in commerce" to cases related to data privacy and data security. In recent months, the commission reaffirmed that its authorities also apply to new AI tools.²¹ FTC Chair Lina Khan stated, "there is no AI exemption to the laws on the books, and the FTC will vigorously enforce the law to combat unfair or deceptive practices or unfair methods of competition."²²

The data collection practices of AI companies may also raise competition concerns. At the 2023 Annual Antitrust Enforcers Summit, Chair Khan stated, "As you have machine learning that depends on huge amounts of data and also depends on huge amounts of storage, we need to be very vigilant to make sure that this is not just another site for the big companies becoming bigger and really squelching rivals."²³ The development of AI models may also require significant computational and financial resources, which may preclude new competitors and entrench incumbents.²⁴

In evaluating existing agency authorities, Congress may consider updating or providing additional specific authorities to federal agencies to address AI and related privacy issues. Additionally, Congress could consider what resources federal agencies may require to conduct additional oversight of AI and privacy issues.

Regulation of Data Scraping

There are currently no federal laws that ban the scraping of publicly available data from the internet. The Computer Fraud and Abuse Act (CFAA; 18 U.S.C. §1030) imposes liability when a person "intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains ... information from any protected computer."²⁵ Some court cases have held that this prohibition does not apply to public websites—meaning that scraping publicly accessible data from the internet does not violate the CFAA.²⁶

Scraping publicly available information from the internet has privacy implications beyond generative AI models. The facial recognition company Clearview AI has scraped over 20 billion images from the web, including social-media profile photos, which have been used for software and databases provided to law enforcement and other entities.²⁷ Some technology companies have also scraped publicly available data to amass large data repositories. Web scraping may raise competition concerns since larger companies may block competitors from scraping data.

Many researchers, journalists, and civil society groups, among others, rely on scraping to conduct research that may be in the public interest. If Congress were to consider broad legislation to limit or provide guardrails for scraping information from the internet, it might consider implications for a range of activities that it may find beneficial.

Research and Development for Alternative Technical Approaches

Congress may wish to consider providing funds to federal agencies for intramural and extramural research to examine the development of alternative AI models or related technologies that may preserve individual privacy, such as privacy-enhancing technologies.²⁸ There are benefits and trade-offs to some AI models under development that may have privacy implications. For example, smaller models that use less data or avoid transmitting and analyzing data in the cloud may minimize some privacy concerns but may amplify other issues, such as bias, by training on smaller datasets and potentially limiting the representativeness of data being used to train models.²⁹ Congress may consider directing agencies to conduct and fund research to support privacy-by-design³⁰ for AI and ML applications in order to both foster greater privacy for individuals and support the development of AI technologies and the global competitiveness of U.S. AI companies.