Microsoft calls AI privacy complaint 'doomsday hyperbole'

Plaintiffs seek termination of permissionless and unpaid AI data harvesting

In early February, Microsoft accused the plaintiffs suing the software maker and its partner OpenAI over alleged AI privacy violations of evoking "doomsday hyperbole about AI as a threat to civilization."

A variation on that phrase, which appeared in the Windows giant's motion to dismiss [PDF] the privacy lawsuit, surfaced in early March in a similar court filing [PDF] supporting a motion to dismiss an AI copyright claim brought by The New York Times.

In the copyright case, Redmond's legal team referred to the news organization's enumeration of AI harms as "doomsday futurology."

Through their attorneys, the thirteen plaintiffs in the September 2023 privacy claim [PDF], T. et al v. OpenAI LP et al (3:23-cv-04557-VC), last week submitted responses opposing the motions to dismiss filed by both OpenAI and Microsoft.

An event akin to doomsday could await OpenAI and Microsoft if the plaintiffs prevail: they seek relief including an injunction that would force the defendants to let people remove their data from AI models.

The crux of the complaint is that OpenAI and Microsoft allegedly trained their models on data scraped from the web without first securing adequate consent, and now continue to harvest personal information through API integrations with their products.

The privacy complaint, overseen by Morgan and Morgan Complex Litigation Group and Clarkson Law Firm, accuses the defendant companies of failing to filter personal information out of their training models and "putting millions at risk of having that information disclosed on prompt or otherwise to strangers around the world." It cites, among other sources, a Register article to support its claims.

The legal filing goes on to insist that the developers' API-based data harvesting includes "user locations and image-related data obtained through Snapchat, user financial information through Stripe, musical tastes and preferences through Spotify, user patterns and private conversation analysis through Slack and Microsoft Teams, and even private health information obtained through the management of patient portals such as MyChart."

Microsoft, in its motion to dismiss, argues "Plaintiffs do not plead any facts plausibly showing they have been affected by any of the supposed 'scraping,' 'intercepting,' and 'eavesdropping' they allege. Nowhere do they say what of their private information Microsoft ever improperly collected or used; nor do they identify any harm they individually suffered from anything that Microsoft allegedly did."

The software giant contends that the plaintiffs have not stated a valid claim.

OpenAI likewise argues the plaintiffs have not sufficiently elaborated what personal information was allegedly stolen. The AI biz also maintains that people who use its products have agreed to the terms of use. "Further, Plaintiffs' novel theory that companies cannot use publicly available online information, or information provided by their own users, to train and improve their products is legally baseless, and none of the 11 asserted claims provide a remedy for such conduct," OpenAI's motion to dismiss [PDF] reads.

The plaintiffs, in their efforts to convince the judge to allow their claim to proceed, argue that the way these companies have handled AI is simply wrong.

The motion opposing OpenAI's argument declares:

"OpenAI gave no notice to the world that, for years, it was secretly harvesting from the internet everything ever created and shared online, anywhere, by hundreds of millions of Americans."

"That, for a decade plus, every consumer's use of the internet thus operated as a gratuitous donation to OpenAI: of our insights, talents, artwork, personally identifiable information, copyrighted works, photographs of our families and children, and all other expressions of our personhood – for products that stand to concentrate the country's wealth in even fewer corporate behemoths, displace jobs at scale, and risk the future of mission-critical industries like art, music, and journalism, while creating dangerous new industries like the high-speed spawning of child pornography. It is no wonder the public is outraged by the largest-ever theft of data – to which no one consented."

And the plaintiffs' argument challenging Microsoft's motion covers similar ground.

"Microsoft’s motion essentially points to its strategic business partner OpenAI's motion to dismiss and says 'we agree.' That is hardly surprising. But its motion fails for the same reasons as its partner-in-theft. Plaintiffs' allegations exceed applicable pleading standards, stating legal claims supported factually by hundreds of sources. The only way the complaint could be more specific factually would be if Microsoft and OpenAI would once and for all open the 'black box' of training data – that they won't let anyone see."

The lawsuit alleges violations of the Electronic Communications Privacy Act, the Comprehensive Computer Data Access And Fraud Act, the California Invasion of Privacy Act, and various California and Illinois competition and privacy laws.

Ryan Clarkson, managing partner of Clarkson Law Firm, told The Register in an email, "Practically, OpenAI's legal position would forever change the internet, in that the only way not to surrender all of our personal information, family photographs, copyrighted works, art, and more would be to cease using the internet altogether."

"Fortunately the law compels a different result: choice and compensation for the millions of Americans who never consented to the mass theft of their personal information without which OpenAI's $100 billion dollar business would be worth zero."

Judge Vince Chhabria's decision on the motions to dismiss – whenever it happens – will determine whether the privacy claim can continue. ®

More about


Send us news

Other stories you might like