Summary: Users were given an option to share ChatGPT logs with a link. Nothing was put in place to limit access to anyone who had the link. Search engines can index them. Furthermore, once you saw a couple such links, you could easily guess about doing a site: web search which allowed you to peruse the corpus of all such logs.

How could professional programmers have left such a large security flaw?

It is such a predictable “user error” it’s hard to believe it was an accident of any sort. Lots of little DIY FLOSS sharing service projects for text, pics, videos etc. mitigate this by simple measures which can be discretionary or mandatory for the user:

  • unpublish after set time period
  • link can only be accessed x times
  • require login with access granted to specific users
  • require password, which could even be shared at the same time as the link in this situation
  • discourage search engine indexing, bots etc. (a bit hypocritical for ChatGPT but should still be done)

Apparently they did nothing like this.

Am I crazy or does this convey a complete lack of giving even a single shit about people?

full text (screenshot images probably won't display)

From private chats to full legal identities revealed – internet users are finding ChatGPT conversations that inadvertently ended up on a simple Google search.

If you’ve ever shared a ChatGPT conversation using the “Share” button, there’s a chance it might now be floating around somewhere on Google, just a few keystrokes away from complete strangers.

A growing number of internet sleuths are discovering that ChatGPT’s shared links, which were originally designed for collaboration, are getting indexed by search engines.

ChatGPT’s shared links feature allows users to generate a unique URL for a ChatGPT conversation. The shared chat becomes accessible to anyone with the link. However, if you share the URL on social media, a website, or if someone else shares it, it can be noticed by Google crawlers. Also, if you tick the box “Make this chat discoverable” while generating a URL, it automatically becomes accessible to Google.

While OpenAI warns users not to include sensitive content in shared links, many didn’t seem to expect their private moments with an AI chatbot to end up being searchable on the internet.

Privacy nightmare: “WAY too many people getting freaky”

A simple Google site search using the unique shared link structure brings up thousands of indexed ChatGPT conversations. This is likely not the full count, as it takes time for Google to index conversations. Redditors have been actively sharing bizarre cases of private and even dangerous information that could be easily found by a Google search.

“I found some dude’s conversation about building a resume. It has his full legal name, phone number, email, location, and comprehensive work history,” wrote one Redditor.

“These convos are totally discoverable to anyone with the right search terms.”

“Found what looks like someone trying to encode a message to deliver a sketchy package to someone in the UK,” another Redditor wrote.

Users have stumbled across emotional outpourings, tales of trauma, and people asking ChatGPT about its feelings. Some conversations include email addresses, names of kids, and even home locations, as well as photos of the users and their voice messages.

“I found something similar… from a sex worker/influencer, where they doxxed their full name… I reached out on Twitter and said ‘hey your info is up there.’ They went berserk on me. Made me question my morality. But I did the right thing.”

“I’ve already found… WAY too many people getting freaky,” said another.

Cybernews has reached out to OpenAI for a comment, but a response is yet to be received.

“Many cases discussed online involve exposure of personally identifiable data such as names and addresses,” commented the Cybernews research team.

“This information could be used to enable harassment or doxxing. If these conversations include controversial content, it could be weaponized for such harassment,” researchers added.

OpenAI rushing to remove the feature

After this article was published, OpenAI’s CISO, Dane Stuckey, posted on X that the company is planning to remove the feature from the ChatGPT app starting tomorrow. “This was a short-lived experiment to help people discover useful conversations,” wrote Stuckey.

“Ultimately, we think this feature introduced too many opportunities for folks to accidentally share things they didn’t intend to, so we’re removing the option. We’re also working to remove indexed content from the relevant search engines.”

Stuckey said that the feature required users to opt in, first by picking a chat to share and then by clicking a checkbox before the chats were shared with search engines.

“Removing the share feature in the ChatGPT app may be an extreme way to deal with the problem. However, it’s great that OpenAI is working on removing shared content from search engine indexes, and hopefully, this will allow for faster removal of unintentionally shared content,” commented the Cybernews research team.

How to make your ChatGPT conversations private

When you create a shared link in ChatGPT, it publishes a static read-only version of the conversation to a public OpenAI-hosted page. This page can be indexed by search engines.

Deleting the chat in your ChatGPT account does not delete the shared URL page. The shared page remains live unless you explicitly delete the shared link. OpenAI explains in its help section that if you created a link that you no longer want to be public, you can delete the link or clear the conversation.

The conversation will no longer be accessible via the shared link, but if a user imported the conversation into their chat history, deleting your link will not remove the conversation from their chat history.

Even if you delete the shared link later via OpenAI, the Google search result may still show the page for a while. Clicking on the link would then result in a 404 error or “page not found” once the shared link is deleted.

If you are unsure if you shared any conversations in the past, you can go to ChatGPT settings, pick Data controls, then Shared Links, and remove individual conversations, or click on the three dots, and you will be presented with the option to delete all shared links.

“It is usually possible to mitigate this problem by modifying web crawler rules for your site, typically the ‘robots.txt’ file, though it’s been increasingly common to ignore these rules, especially by operators of LLMs, maybe that’s why they chose to fix the problem by removing the feature entirely,” said the Cybernews research team.

Article updated on August 1st, with the response from OpenAI and comment by the Cybernews research team.
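
The mitigations listed at the top of this post (expiry, a view limit, an optional password, discouraging indexing) fit in a few dozen lines on the server side. This is an added sketch, not part of the original post or article and not OpenAI's code; `ShareStore`, its parameters and defaults are hypothetical.

```python
import hashlib, hmac, secrets, time
from dataclasses import dataclass

# Sent on every response. A robots.txt Disallow would stop crawlers from ever
# seeing this header, and crawlers may ignore both, so the expiry and view cap
# below are the controls the server actually enforces.
NOINDEX = {"X-Robots-Tag": "noindex, nofollow", "Cache-Control": "no-store"}

@dataclass
class Share:
    body: str
    expires_at: float
    views_left: int
    pw_salt: bytes = b""
    pw_hash: bytes = b""

def _kdf(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

class ShareStore:
    def __init__(self, clock=time.time):
        self._shares = {}      # token -> Share (in-memory, for illustration)
        self._clock = clock    # injectable so expiry can be tested

    def create(self, body, ttl_s=86400, max_views=5, password=None):
        token = secrets.token_urlsafe(32)   # unguessable, not sequential
        share = Share(body, self._clock() + ttl_s, max_views)
        if password:
            share.pw_salt = secrets.token_bytes(16)
            share.pw_hash = _kdf(password, share.pw_salt)
        self._shares[token] = share
        return token

    def fetch(self, token, password=None):
        """Return (status, headers, body) for a request to the share URL."""
        share = self._shares.get(token)
        expired = share and self._clock() >= share.expires_at
        if share is None or expired or share.views_left <= 0:
            self._shares.pop(token, None)   # unpublish; same 404 as unknown
            return 404, dict(NOINDEX), ""
        if share.pw_hash and not hmac.compare_digest(
                _kdf(password or "", share.pw_salt), share.pw_hash):
            return 403, dict(NOINDEX), ""
        share.views_left -= 1
        return 200, dict(NOINDEX), share.body
```
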