When AI Knows All Your Dirty Secrets

The aftermath of the February 10, 2026, tragic mass shooting at Tumbler Ridge High School in Canada that left 9 people dead taught the world a lot more about OpenAI’s ChatGPT and what it knows about its users. The incident sparked outrage and ignited global debates on AI monitoring and whether the company should have alerted authorities. 

Beyond the fact that 9 people would still be alive today had the company acted on the information ChatGPT flagged, it also revealed that AI systems monitor user inputs, classify risks, and have the ability to identify potentially dangerous intent. 

Ultimately, it shattered any assumption that AI is just a neutral tool. 

This was followed by the next logical question: If AI systems can detect warning signs, do they have a responsibility to act beyond their platform? Of course all this collided with users' expectations of privacy, proving beyond any reasonable doubt that AI is not a confidant or a private outlet because conversations can be monitored and flagged. The only element missing was that the information was not acted on externally by OpenAI or law enforcement. 

The Not-So-Secret Confidante 

Social engineering and typical human error remain the most dominant entry points in cyberattacks today. This is because human error continues to be one of our most significant vulnerabilities.

Humans are hardwired for trust, not constant suspicion. Without writing a list of various traits covering what we already know about our human condition, one characteristic stands out in particular: our tendency to overshare.

Even with cybersecurity training that informs employees about the risks of social engineering attacks, humans remain inherently predictable. We are influenced by cognitive biases such as urgency, fear, curiosity, and authority. We also experience decision fatigue, particularly when making choices under pressure, and tend to default to trust, especially in workplace environments. 

However, ChatGPT does not pass judgment on its users. Consequently, users unwittingly have elevated it as their de facto armchair psychiatrist, nutritionist, psychologist, social behavior expert, relationship coach, love guru, and summarizer, among other things.  

This makes things interesting. Given the human-like qualities AI exhibits in its conversational mechanics, I wonder how many people let their guard down, willingly divulging long-winded or complicated company emails, financial information such as timesheets or sensitive invoices, or highly personal conversations to it ad nauseam for it to summarize or explanation, never thinking about where that information is being stored or what would happen if a threat actor gained access to those conversations. 

I haven’t even touched on what has happened when users shared their ChatGPT conversations and, either through public links or indexing, it became accessible to others, sometimes even containing criminal confessions.

• Over 4,500 publicly shared ChatGPT conversations were indexed by Google
• After OpenAI removed 50,000 links from Google’s index, over 110,000 ChatGPT and some Grok conversations remained archived in the Wayback Machine.

These unintentionally exposed conversations contain admissions of regulatory violations, fraud schemes, academic misconduct, and planning cyberattacks. 

In one case, which didn’t involve Google indexing but a lawful search of a suspect's phone, police discovered a 19-year-old student who allegedly confessed to vandalizing 17 vehicles in a ChatGPT conversation. 

All this brings us back to the core of this article: AI models like ChatGPT are not neutral or private tools. If you’ve shared business practices with AI, which you wouldn’t have shared over social media, then you have exposed protected company data to a third party. 

Due to the overwhelming value private conversations can contain, especially when message history is archived by default, even cybercriminals have found these to be ripe for the taking. To drive this point home, the cybersecurity and threat intelligence company Group-IB reported there is solid evidence that tens of thousands to hundreds of thousands of accounts linked to ChatGPT have been found in Infostealer logs. 

The Era of Anti-Terrorism and Tragedy Prevention 

On 24 February, Canada’s Federal AI Minister Evan Solomon summoned OpenAI officials to Ottawa for an urgent meeting to question the company’s escalation protocols and demanded more concrete safety measures after it was understood that OpenAI could have prevented the shooting. Merely banning the shooter's ChatGPT account certainly wasn’t a viable preventative measure.  

The outcome of the meeting revealed that Canadian officials were disappointed because OpenAI did not present new safety measures at the time, despite the company affirming it was now cooperating with law enforcement, adding that it would return with more concrete proposals. 

This is where privacy finds itself in a unique predicament: the next logical step in prevention is to establish escalation protocols that either trigger a law enforcement response through AI or route the incident through a human triage system, in which an OpenAI employee is tasked with reporting it directly to authorities.

This requires AI to move beyond merely detecting dangerous behavior and toward determining what should be done with that information. This also means that users shouldn’t have any realistic expectation of privacy when using these platforms. If the Tumbler Ridge high school shooting taught us one thing, it is that detection alone is insufficient, and the demand to prevent future tragedies will inevitably shape new policies to achieve this goal.

What happens when OpenAI faces pressure from governments and lawmakers to expand these preventative protocols to include indicators for terrorism, child abuse, and other criminal confessions? Considering that the next major school shooting or terrorist plot could be conceived in conversations with ChatGPT or Grok, these protocols could very well mean the difference between saving lives and losing them.

This does not answer the question of what will happen to the many false positives that will inevitably arise, since AI cannot fully comprehend nuance in private conversations. A person may not have any intent to commit a crime or acts of violence but may simply be venting in what they believe is a safe space for emotional release. Yet even this could result in a Minority Report scenario, where individuals are flagged, reported, or even investigated based on perceived intent rather than actual wrongdoing.

Most people will find it difficult to identify a gray area where privacy can exist when faced with a real-life example of an attack of this magnitude that could have been prevented. If you need AI and privacy, run a local Large Language Model (LLM).