Tumblr and WordPress are reportedly set to strike deals to sell user data to artificial intelligence companies OpenAI and Midjourney. 404 Media reports that the platforms’ parent company, Automattic, is nearing completion of an agreement to provide data to help train the AI companies’ models.

It isn’t clear which data will be included, but the report suggests Automattic may have overreached initially. An alleged internal post from Tumblr product manager Cyle Gage suggests Automattic prepared to send private or partner-related data that wasn’t supposed to be included in the deal. The questionable content reportedly included private posts on public blog posts, deleted or suspended blogs, unanswered (therefore, not publicly posted) questions, private answers, posts marked explicit and content from premium partner blogs (like Apple’s former music site).

The internal post suggests Automattic’s engineers are preparing a list of post IDs that should have been excluded. It isn’t clear whether the data had already been sent to the AI companies.

Engadget emailed Automattic to ask for comment on the report. The company replied with a published statement, claiming, “We will share only public content that’s hosted on WordPress.com and Tumblr from sites that haven’t opted out.” The statement notes that legal regulations don’t currently require AI companies’ web crawlers to abide by users’ opt-out preferences.

The final line of Automattic’s statement appears to align with the reported deals. “We are also working directly with select AI companies as long as their plans align with what our community cares about: attribution, opt-outs, and control,” Automattic wrote. “Our partnerships will respect all opt-out settings. We also plan to take that a step further and regularly update any partners about people who newly opt out and ask that their content be removed from past sources and future training.”

Mike Coppola via Getty Images

The company reportedly plans to launch a new opt-out tool on Wednesday that claims to allow users to block third parties — including AI companies — from training on their data. 404 Media reviewed an alleged internal FAQ Automattic prepared for the tool, which includes the answer, “If you opt out from the start, we will block crawlers from accessing your content by adding your site on a disallowed list. If you change your mind later, we also plan to update any partners about people who newly opt-out and ask that their content be removed from past sources and future training.”

The phrasing, describing it as “asking” the AI companies to remove the data, may be relevant.

An alleged internal document from Automattic’s AI head, Andrew Spittle, replying to a staff question about data-removal assurances when using the tool, explains, “We will notify existing partners on a regular basis about anyone who’s opted out since the last time we provided a list. I want this to be an ongoing process where we regularly advocate for past content to be excluded based on current preferences. We will ask that content be deleted and removed from any future training runs. I believe partners will honor this based on our conversations with them to this point. I don’t think they gain much overall by retaining it.”

So, if a Tumblr or WordPress user requests to opt out of AI training, Automattic will allegedly “ask” and “advocate for” their removal. And the company’s AI boss “believes” the AI companies will find it in their best interest to comply “based on our conversations.” (How’s that for reassurance!)

AI data training deals have become a lucrative opportunity for websites treading water in today’s slippery online publishing landscape. (Tumblr’s staff was reportedly reduced to a skeleton crew in late 2023.) Last week, Google struck a deal with Reddit (ahead of the latter’s IPO) to train on the platform’s vast knowledge base of user-created content. Meanwhile, OpenAI rolled out a partnership program last year to collect datasets from third parties to help train its AI models.

Update, February 27, 2024, 3:56 PM ET: This story has been updated to add a published statement from WordPress and Tumblr parent company Automattic.

This article originally appeared on Engadget at https://www.engadget.com/tumblr-and-wordpress-posts-will-reportedly-be-used-for-openai-and-midjourney-training-204425798.html?src=rss

Tumblr and WordPress are reportedly set to strike deals to sell user data to artificial intelligence companies OpenAI and Midjourney. 404 Media reports that the platforms’ parent company, Automattic, is nearing completion of an agreement to provide data to help train the AI companies’ models.

It isn’t clear which data will be included, but the report suggests Automattic may have overreached initially. An alleged internal post from Tumblr product manager Cyle Gage suggests Automattic prepared to send private or partner-related data that wasn’t supposed to be included in the deal. The questionable content reportedly included private posts on public blog posts, deleted or suspended blogs, unanswered (therefore, not publicly posted) questions, private answers, posts marked explicit and content from premium partner blogs (like Apple’s former music site).

The internal post suggests Automattic’s engineers are preparing a list of post IDs that should have been excluded. It isn’t clear whether the data had already been sent to the AI companies.

Engadget emailed Automattic to ask for comment on the report. The company replied with a published statement, claiming, “We will share only public content that’s hosted on WordPress.com and Tumblr from sites that haven’t opted out.” The statement notes that legal regulations don’t currently require AI companies’ web crawlers to abide by users’ opt-out preferences.

The final line of Automattic’s statement appears to align with the reported deals. “We are also working directly with select AI companies as long as their plans align with what our community cares about: attribution, opt-outs, and control,” Automattic wrote. “Our partnerships will respect all opt-out settings. We also plan to take that a step further and regularly update any partners about people who newly opt out and ask that their content be removed from past sources and future training.”

Mike Coppola via Getty Images

The company reportedly plans to launch a new opt-out tool on Wednesday that claims to allow users to block third parties — including AI companies — from training on their data. 404 Media reviewed an alleged internal FAQ Automattic prepared for the tool, which includes the answer, “If you opt out from the start, we will block crawlers from accessing your content by adding your site on a disallowed list. If you change your mind later, we also plan to update any partners about people who newly opt-out and ask that their content be removed from past sources and future training.”

The phrasing, describing it as “asking” the AI companies to remove the data, may be relevant.

An alleged internal document from Automattic’s AI head, Andrew Spittle, replying to a staff question about data-removal assurances when using the tool, explains, “We will notify existing partners on a regular basis about anyone who’s opted out since the last time we provided a list. I want this to be an ongoing process where we regularly advocate for past content to be excluded based on current preferences. We will ask that content be deleted and removed from any future training runs. I believe partners will honor this based on our conversations with them to this point. I don’t think they gain much overall by retaining it.”

So, if a Tumblr or WordPress user requests to opt out of AI training, Automattic will allegedly “ask” and “advocate for” their removal. And the company’s AI boss “believes” the AI companies will find it in their best interest to comply “based on our conversations.” (How’s that for reassurance!)

AI data training deals have become a lucrative opportunity for websites treading water in today’s slippery online publishing landscape. (Tumblr’s staff was reportedly reduced to a skeleton crew in late 2023.) Last week, Google struck a deal with Reddit (ahead of the latter’s IPO) to train on the platform’s vast knowledge base of user-created content. Meanwhile, OpenAI rolled out a partnership program last year to collect datasets from third parties to help train its AI models.

Update, February 27, 2024, 3:56 PM ET: This story has been updated to add a published statement from WordPress and Tumblr parent company Automattic.

This article originally appeared on Engadget at https://www.engadget.com/tumblr-and-wordpress-posts-will-reportedly-be-used-for-openai-and-midjourney-training-204425798.html?src=rss

The Federal Trade Commission (FTC) concluded Elon Musk ordered Twitter (now X) employees to take actions that would have violated an FTC consent decree regarding consumers’ data privacy and security. The investigation arose from the late 2022 episode informally known as “The Twitter Files,” where Musk ordered staff to let outside writers access internal documents from the company’s systems. However, the FTC says Twitter security veterans “took appropriate measures to protect consumers’ private information,” likely sparing Musk’s company from government repercussions by ignoring his directive.

FTC Chair Lina Khan discussed the conclusions in a public letter sent Tuesday to House Judiciary Committee Chair Jim Jordan, as reported by The Washington Post. Jordan and his Republican colleagues have tried to turn the FTC’s investigation into a political wedge issue, framing the inquiry as a free speech violation — perhaps to shore up GOP support from Musk’s legion of rabid supporters. Jordan and his peers previously described the investigation as “attempts to harass, intimidate, and target an American business.”

Khan’s response to Jordan adopts a tone resembling that of a patient teacher explaining the nuance of a complicated situation to a child who insists on seeing simplistic absolutes. “FTC staff efforts to ensure Twitter was in compliance with the Order were appropriate and necessary, especially given Twitter’s history of privacy and security lapses and the fact that it had previously violated the 2011 FTC Order,” Khan wrote.

“When a firm has a history of repeat offenses, the FTC takes particular care to ensure compliance with its orders,” she continued.

In an emailed statement to Engadget, FTC Office of Public Affairs director Douglas Farrar wrote, “When we heard credible public reports of potential violations of protections for Twitter users’ data, we moved swiftly to investigate. The order remains in place and the FTC continues to deploy the order’s tools to protect Twitter users’ data and ensure the company remains in compliance.”

Tom Williams via Getty Images

The FTC’s investigation stemmed from allegations that Musk, newly minted as Twitter’s owner, ordered staff to give outside writers “full access to everything” in late 2022. Had staff obeyed Musk’s directive, the company likely would have violated a settlement with the FTC (originally from 2011 but updated in 2022) requiring the company to tightly restrict access to consumer data.

In November 2022, the FTC said publicly it was monitoring Twitter’s developments following Musk’s acquisition with “deep concern.” That followed the resignation of chief information security officer Lea Kissner and other members of the company’s data governance committee. They expressed concerns that Musk’s launch of a new account verification system didn’t give them adequate time to deploy security reviews required by the FTC.

Ultimately, Twitter security veterans ignored Musk’s “full access to everything” order. “Longtime information security employees at Twitter intervened and implemented safeguards to mitigate the risks,” Khan wrote in the letter. “The FTC’s investigation confirmed that staff was right to be concerned, given that Twitter’s new CEO had directed employees to take actions that would have violated the FTC’s Order.”

Slaven Vlasic via Getty Images

Rather than supplying outside writers with the “full access” Musk wanted them to have, Twitter employees accessed the systems and relayed select information to the group of outsiders. “Ultimately the third-party individuals did not receive direct access to Twitter’s systems, but instead worked with other company employees who accessed the systems on the individuals’ behalf,” Khan wrote.

The FTC says it will continue to monitor X’s adherence to the order. “When we heard credible public reports of potential violations of protections for Twitter users’ data, we moved swiftly to investigate,” FTC spokesman Douglas Farrar said in a statement to The Washington Post. “The order remains in place and the FTC continues to deploy the order’s tools to protect Twitter users’ data and ensure the company remains in compliance.”

Update, February 22, 2024, 1:23 PM ET: This story has been updated to add a statement from an FTC director.

This article originally appeared on Engadget at https://www.engadget.com/ftc-concludes-twitter-didnt-violate-data-security-rules-in-spite-of-musks-orders-191917132.html?src=rss