Understanding Users' Security and Privacy Concerns and Attitudes Towards Conversational AI Platforms
Mutahar Ali, Arjun Arunasalam, Habiba Farrukh
TL;DR
This study tackles the problem of understanding how users perceive security and privacy in conversational AI by analyzing roughly $2.5$M Reddit posts from r/ChatGPT. It combines keyword screening, a RoBERTa-based S&P classifier, qualitative coding, and a GPT-4o-driven multi-class taxonomy to identify six data-lifecycle themes and four user attitude types, then applies an interrupted time series analysis to track shifts in concerns around major industry events. The work reveals pervasive worries about data collection, usage, retention, and security, with notable emphasis on training practices, third-party sharing, and regulatory compliance (GDPR/HIPAA), and shows that concerns evolve in response to platform updates, acquisitions, and incidents. The findings yield concrete recommendations for users, platforms, enterprises, and policymakers to enhance transparency, data controls, and trust, contributing to safer and more trustworthy deployment of CAI technologies.
Abstract
The widespread adoption of conversational AI platforms has introduced new security and privacy risks. While these risks and their mitigation strategies have been extensively researched from a technical perspective, users' perceptions of these platforms' security and privacy remain largely unexplored. In this paper, we conduct a large-scale analysis of over 2.5M user posts from the r/ChatGPT Reddit community to understand users' security and privacy concerns and attitudes toward conversational AI platforms. Our qualitative analysis reveals that users are concerned about each stage of the data lifecycle (i.e., collection, usage, and retention). They seek mitigations for security vulnerabilities, compliance with privacy regulations, and greater transparency and control in data handling. We also find that users exhibit varied behaviors and preferences when interacting with these platforms. Some users proactively safeguard their data and adjust privacy settings, while others prioritize convenience over privacy risks, dismissing privacy concerns in favor of benefits, or feel resigned to inevitable data sharing. Through qualitative content and regression analysis, we discover that users' concerns evolve over time with the evolving AI landscape and are influenced by technological developments and major events. Based on our findings, we provide recommendations for users, platforms, enterprises, and policymakers to enhance transparency, improve data controls, and increase user trust and adoption.