A failure of artificial intelligence chatbots is exposing users' personal phones to strangers seeking company services. The most recent case was reported by Daniel Abraham, a software engineer who began receiving WhatsApp messages from people wanting to contact PayBox customer service because Gemini, Google's generative model, associated his number with that payment application.
The paradox for those affected is that even after requesting data removal, the problem may persist. Abraham submitted an official deletion request, but assures that the harassment continues daily, with contacts from people writing to his personal mobile despite PayBox not offering customer service via WhatsApp.
Gemini linked a personal mobile to PayBox service
Abraham explained that at first he thought those messages were not real. "I thought it was a spam message," he said, before raising an added risk if the error goes beyond a simple contact confusion.
"What would happen if they ask for money instead of solving a problem?" - Daniel Abraham, software engineer
The case is not isolated. Meira Gilbert, a researcher at the University of Washington, found that Gemini also displayed her colleague Yael Eiger's personal phone when someone searched for her contact information.
In that case, the number had only been previously published for a technology workshop. The difference between a specific context and an open response to any query is precisely what Eiger denounced.
"Leaving your information for a specific audience and Gemini making it accessible to anyone are two totally different things" - Yael Eiger, researcher
Requests to delete AI data grew by 400% in seven months
The volume of complaints has also increased. Rob Shavell, co-founder and CEO of DeleteMe, stated that requests to remove personal data from AI tools grew by 400% in the last seven months.
Google and OpenAI already have portals and forms to request the deletion or correction of personal data in their chatbots' responses. These channels, however, do not guarantee immediate removal of the information.
Jennifer King, a privacy specialist at Stanford University's Institute for Human-Centered AI, indicated that current legislation usually applies mainly to the information that users directly provide to companies. She also recommended minimizing the exposure of personal data on the internet.
For now, the exact mechanism that causes these systems to expose phones or other personal data remains unknown. Detected cases point to the use of personally identifiable information in the datasets with which large language models are trained.