Your AI chat isn't safe

ChatGPT users are facing unexpected privacy risks as shared conversations with the AI tool have started appearing in Google search results. The issue stems from ChatGPT’s “shared link” feature, which allows users to generate public URLs for individual conversations. While the feature was originally intended for collaboration, those shared URLs are now being indexed by search engines, exposing sensitive user content to the open internet.

Your AI chat isn’t safe: How conversations became public

The sharing process includes an option to make the link “discoverable,” which automatically makes it visible to Google’s web crawlers. However, even without this option selected, links shared on social media or websites can still be picked up by search engines. Many users, unaware of these implications, have shared conversations containing private or personally identifiable information.

Cybernews reports that a simple Google search using ChatGPT’s unique shared link format can reveal thousands of conversations. These include everything from resume drafts with full names, emails, and phone numbers, to emotional discussions, personal stories, and even controversial or illegal content.

Users on Reddit have expressed shock at the kind of data being discovered. One post detailed a conversation with full legal identity information. Others shared findings such as encoded messages suggesting illicit activity, and private conversations from influencers and sex workers that included names and contact details.

Cybernews researchers warn that these indexed conversations can be used maliciously, including for harassment, doxxing, or public shaming. “Many cases involve personally identifiable data,” the research team noted. “If conversations contain controversial content, it could be weaponized.”

Following the exposure, OpenAI's Chief Information Security Officer, Dane Stuckey, announced on X (formerly Twitter) that the company would remove the shared link feature from the ChatGPT app. Calling it a “short-lived experiment,” Stuckey acknowledged that the feature created too many opportunities for accidental oversharing. He confirmed that OpenAI is actively working with search engines to remove the indexed content.

The Cybernews team called the removal “an extreme but necessary step,” adding that OpenAI’s effort to remove indexed content was a positive move toward mitigating the issue.

Making ChatGPT conversations private

ChatGPT shared links publish a static, read-only version of a conversation on OpenAI’s website. Deleting a chat from the user’s account does not delete the shared URL, users must explicitly delete the shared link for the page to be taken offline.

Even after deletion, search engines may still display cached versions of the page temporarily. Clicking on such links will result in an error once the page has been removed, but the result may remain visible in Google’s index for some time.

To check or remove previously shared conversations, users can navigate to ChatGPT settings > Data Controls > Shared Links and delete individual links or all shared content at once.

Cybernews researchers also pointed out that while modifying a site’s robots.txt file typically limits search engine indexing, web crawlers, especially those used by LLM providers, increasingly ignore such rules. This trend may have influenced OpenAI’s decision to retire the feature entirely.

The situation highlights the risks of public data sharing in AI platforms and the ease with which private content can become publicly accessible. It also serves as a reminder that tools designed for collaboration can become vectors for unintended exposure if not carefully controlled. The fallout from this incident continues to unfold as users, researchers, and OpenAI grapple with the implications.