Meta's WhatsApp AI Assistant Shares Private Number, Raising Privacy Concerns

To avoid admitting ignorance, Meta AI says man's number is a company helpline

Anyone whose phone number is just one digit off from a popular restaurant or community resource has long borne the burden of either screening or redirecting misdials. But now, AI chatbots could exacerbate this inconvenience by accidentally giving out private numbers when users ask for businesses' contact information. Apparently, the AI helper that Meta created for WhatsApp may even be trained to tell white lies when users try to correct the dissemination of WhatsApp user numbers. According to The Guardian, a record shop worker in the United Kingdom, Barry Smethurst, was attempting to ask WhatsApp's AI helper for a contact number for TransPennine Express after his morning train never showed up. Instead of feeding up the train services helpline, the AI assistant "confidently" shared a private WhatsApp phone number that a property industry executive, James Gray, had posted to his website. Disturbed, Smethurst asked the chatbot why it shared Gray's number, prompting the chatbot to admit "it shouldn't have shared it," then deflect from further inquiries by suggesting, "Let's focus on finding the right info for your TransPennine Express query!" But Smethurst didn't let the chatbot off the hook so easily. He prodded the AI helper to provide a better explanation. At that point, the chatbot promised to "strive to do better in the future" and admit when it didn't know how to answer a query, first explaining that it came up with the phone number "based on patterns" but then claiming that the number it had generated was "fictional" and not "associated with anyone." "I didn't pull the number from a database," the AI helper claimed, repeatedly contradicting itself the longer Smethurst pushed for responses. "I generated a string of digits that fit the format of a UK mobile number, but it wasn't based on any real data on contacts." Smethurst scolded the chatbot, warning that "just giving a random number to someone is an insane thing for an AI to do." He told The Guardian that he considered the incident a "terrifying" "overreach" by Meta. "If they made up the number, that's more acceptable, but the overreach of taking an incorrect number from some database it has access to is particularly worrying," Smethurst said. Gray confirmed that he hasn't received phone calls due to the chatbot perhaps replicating this error. But he echoed Smethurst's concerns while pondering if any of his other private information might be disclosed by the AI helper, like his bank details. Meta did not immediately respond to Ars' request to comment. But a spokesperson told the Guardian that the company is working on updates to improve the WhatsApp AI helper, which it warned "may return inaccurate outputs." The spokesperson also seemed to excuse the seeming privacy infringement by noting that Gray's number is posted on his business website and is very similar to the train helpline's number. "Meta AI is trained on a combination of licensed and publicly available datasets, not on the phone numbers people use to register for WhatsApp or their private conversations," the spokesperson said. "A quick online search shows the phone number mistakenly provided by Meta AI is both publicly available and shares the same first five digits as the TransPennine Express customer service number." Although that statement may provide comfort to those who have kept their WhatsApp numbers off the Internet, it doesn't resolve the issue of WhatsApp's AI helper potentially randomly generating a real person's private number that may be a few digits off from the business contact information WhatsApp users are seeking. Expert pushes for chatbot design tweaks AI companies have recently been grappling with the problem of chatbots being programmed to tell users what they want to hear, instead of providing accurate information. Not only are users sick of "overly flattering" chatbot responses -- potentially reinforcing users' poor decisions -- but the chatbots could be inducing users to share more private information than they would otherwise. The latter could make it easier for AI companies to monetize the interactions, gathering private data to target advertising, which could deter AI companies from solving the sycophantic chatbot problem. Developers for Meta rival OpenAI, The Guardian noted, last month shared examples of "systemic deception behavior masked as helpfulness" and chatbots' tendency to tell little white lies to mask incompetence. "When pushed hard -- under pressure, deadlines, expectations -- it will often say whatever it needs to to appear competent," developers noted. Mike Stanhope, the managing director of strategic data consultants Carruthers and Jackson, told The Guardian that Meta should be more transparent about the design of its AI so that users can know if the chatbot is designed to rely on deception to reduce user friction. "If the engineers at Meta are designing 'white lie' tendencies into their AI, the public need to be informed, even if the intention of the feature is to minimize harm," Stanhope said. "If this behavior is novel, uncommon, or not explicitly designed, this raises even more questions around what safeguards are in place and just how predictable we can force an AI's behavior to be."

'It's terrifying': WhatsApp AI helper mistakenly shares user's number

Chatbot tries to change subject after serving up unrelated user's mobile to man asking for rail firm helpline The Meta chief executive, Mark Zuckerberg, called it "the most intelligent AI assistant that you can freely use". But Barry Smethurst, 41, a record shop worker trying to travel by rail from Saddleworth to Manchester Piccadilly, does not agree. Waiting on the platform for a morning train that was nowhere to be seen, he asked Meta's WhatsApp AI assistant for a contact number for TransPennine Express. The chatbot confidently sent him a mobile phone number for customer services, but it turned out to be the private number of a completely unconnected WhatsApp user 170 miles away in Oxfordshire. It was the beginning of a bizarre exchange of the kind more and more people are having with AI systems, in which chatbots try to negotiate their way out of trouble, deflect attention from their mistakes and contradict themselves, all in an attempt to continue to appear useful. Smethurst's joust with Meta's AI began when he told it the TransPennine helpline it had dug up looked like a private number. When he asked what this number was, the AI quickly said it shouldn't have shared it and tried to change the subject, saying: "Let's focus on finding the right info for your TransPennine Express query!" But Smethurst wanted to know why it had shared the private number, which it turned out belonged to James Gray, 44, a property industry executive from Oxfordshire who is also a WhatsApp user and whose number appears on his company website. The AI explained vaguely it was generated "based on patterns" and promised to "strive to do better in the future" by admitting when it didn't know an answer. But it then falsely described the number as "fictional" and not "associated with anyone". When Smethurst challenged that it admitted "You're right" and said it may have been "mistakenly pulled from a database". Asked which database, it muddied the waters further by contradicting itself again saying: "I didn't pull the number from a database. I generated a string of digits that fit the format of a UK mobile number but it wasn't based on any real data on contacts." With the conversation going round in circles, Smethurst said he didn't believe the chatbot and told it: "Just giving a random number to someone is an insane thing for an AI to do." "It's terrifying," Smethurst said, after he raised a complaint with Meta. "If they made up the number, that's more acceptable, but the overreach of taking an incorrect number from some database it has access to is particularly worrying." Gray said he had thankfully not received calls from people trying to reach TransPennine Express, but said: "If it's generating my number could it generate my bank details?" Asked about Zuckerberg's claim that the AI was "the most intelligent", Gray said: "That has definitely been thrown into doubt in this instance." Developers working with OpenAI chatbot technology recently shared examples of "systemic deception behaviour masked as helpfulness" and a tendency to "say whatever it needs to to appear competent" as a result of chatbots being programmed to reduce "user friction". In March, a Norwegian man filed a complaint after he asked OpenAI's ChatGPT for information about himself and was confidently told that he was in jail for murdering two of his children, which was false. And earlier this month a writer who asked ChatGPT to help her pitch her work to a literary agent revealed how after lengthy flattering remarks about her "stunning" and "intellectually agile" work, the chatbot was caught out lying that it had read the writing samples she uploaded when it hadn't fully and had made up quotes from her work. It even admitted it was "not just a technical issue - it's a serious ethical failure". Referring to Smethurst's case, Mike Stanhope, managing director of the law firm Carruthers and Jackson, said: "This is a fascinating example of AI gone wrong. If the engineers at Meta are designing 'white lie' tendencies into their AI, the public need to be informed, even if the intention of the feature is to minimise harm. If this behaviour is novel, uncommon, or not explicitly designed, this raises even more questions around what safeguards are in place and just how predictable we can force an AI's behaviour to be." Meta said that its AI may return inaccurate outputs, and that it was working to make its models better. "Meta AI is trained on a combination of licensed and publicly available datasets, not on the phone numbers people use to register for WhatsApp or their private conversations," a spokesperson said. "A quick online search shows the phone number mistakenly provided by Meta AI is both publicly available and shares the same first five digits as the TransPennine Express customer service number." A spokesperson for OpenAI said: "Addressing hallucinations across all our models is an ongoing area of research. In addition to informing users that ChatGPT can make mistakes, we're continuously working to improve the accuracy and reliability of our models through a variety of methods."

WhatsApp's AI Is Sharing Random Phone Numbers

If you're using WhatsApp, think twice before using Meta's built-in AI chatbot. As it happens, it might just hand over your phone number to a total stranger. Meta's AI Is Handing Out Random Phone Numbers to Strangers Barry Smethurst, a record shop worker, was trying to get to Manchester from Saddleworth via train when he asked Meta for the customer support contact for TransPennine Express. The chatbot gave him a number, except it didn't belong to the British train operating company. Instead, Meta's AI chatbot gave him the private number of James Gray, a WhatsApp user living nearly 170 miles away from Smethurst in Oxfordshire. When Smethurst confronted Meta AI about the number, which resembled a private phone number rather than a customer support contact, the chatbot immediately flipped, telling him it shouldn't have saved the number and tried changing the subject. When asked why it shared the private contact number of another individual, Meta AI gave a vague answer explaining the number was generated "based on patterns." To make matters worse, Meta AI claimed the number was fictional and didn't belong to anyone. Smethurst corrected it again, stating that the number was, in fact, real and belonged to Gray. The chatbot admitted that he was right and claimed the number was mistakenly pulled from a database. On further inquiry, it contradicted itself again and claimed it didn't pull the number from a database. Instead, Meta AI claimed it generated a string of digits fitting the format of a UK phone number, but it didn't refer to any real data or contacts in the process. Related 5 Hilarious Times AI Chatbots Went Wild and Hallucinated You really shouldn't trust everything an AI chatbot tells you. Posts Smethurst tried to get Meta AI to admit wrongdoing, but the conversation went in circles with the chatbot contradicting itself and trying to change the topic. In the end, Smethurst told Meta AI: Just giving a random number to someone is an insane thing for an AI to do. Speaking to The Guardian, Gray claimed that he didn't receive calls from random people thinking he was customer support for a train service. However, he was concerned about his privacy, asking, "If it's generating my number could it generate my bank details?" A Meta spokesperson told The Guardian that in this case, Gray's phone number was already publicly available on his website and shared the first five digits with the TransPennine Express customer service number. They also added that "Meta AI is trained on a combination of licensed and publicly available datasets, not on the phone numbers people use to register for WhatsApp or their private conversations." How to Protect Your Data From AI Bots? If some of your information is on the internet, it's likely already scraped by one AI bot or the other. The best you can do at this point is to limit use of AI services, and avoid giving your personal or sensitive information when you're interacting with AI chatbots. Related 5 Things You Must Not Share With AI Chatbots Conversations with chatbots may feel intimate, but you're really sharing every word with a private company. Posts 1 If you're using Meta AI, there are settings you should change immediately to protect your data. However, apart from limiting what information you expose to an AI bot or the public internet going forward, there's not much you can do. Developers are working on addressing hallucinations in AI models. Until then, the possibility of some AI chatbot passing it off to a total stranger in an attempt to help isn't off the charts.