ChatGPT is full of sensitive private information and spits out verbatim text from CNN, Goodreads, WordPress blogs, fandom wikis, Terms of Service agreements, Stack Overflow source code, Wikipedia pages, news blogs, random internet comments, and much more.

  • KingRandomGuy@lemmy.world
    link
    fedilink
    English
    arrow-up
    16
    ·
    11 months ago

    Not sure what other people were claiming, but normally the point being made is that it’s not possible for a network to memorize a significant portion of its training data. It can definitely memorize significant portions of individual copyrighted works (like shown here), but the whole dataset is far too large compared to the model’s weights to be memorized.

    • ayaya@lemdro.id
      link
      fedilink
      English
      arrow-up
      14
      ·
      edit-2
      11 months ago

      And even then there is no “database” that contains portions of works. The network is only storing the weights between tokens. Basically groups of words and/or phrases and their likelyhood to appear next to each other. So if it is able to replicate anything verbatim it is just overfitted. Ironically the solution is to feed it even more works so it is less likely to be able to reproduce any single one.

      • Kbin_space_program@kbin.social
        link
        fedilink
        arrow-up
        5
        arrow-down
        2
        ·
        edit-2
        11 months ago

        That’s a bald faced lie.

        and it can produce copyrighted works.
        E.g. I can ask it what a Mindflayer is and it gives a verbatim description from copyrighted material.

        I can ask Dall-E “Angua Von Uberwald” and it gives a drawing of a blonde female werewolf. Oops, that’s a copyrighted character.

        • KingRandomGuy@lemmy.world
          link
          fedilink
          English
          arrow-up
          9
          ·
          11 months ago

          I think what they mean is that ML models generally don’t directly store their training data, but that they instead use it to form a compressed latent space. Some elements of the training data may be perfectly recoverable from the latent space, but most won’t be. It’s not very surprising as a result that you can get it to reproduce copyrighted material word for word.

        • ayaya@lemdro.id
          link
          fedilink
          English
          arrow-up
          6
          ·
          11 months ago

          I think you are confused, how does any of that make what I said a lie?

        • TimeSquirrel@kbin.social
          link
          fedilink
          arrow-up
          5
          ·
          11 months ago

          I can do that too. It doesn’t mean I directly copied it from the source material. I can draw a crude picture of Mickey Mouse without having a reference in front of me. What’s the difference there?