AI helpers… useful tool or serious security issue?

The ads for Grammarly are slowing but surely gnawing away at my soul with their frequency… I’ve seen numerous people mention some fancy ‘AI plugin’ for VS Code that helps you with your coding and now Speechify, which helps you by reading your documents and emails using AI so you can get more done.

Great, some useful applications of technology that can clearly help you out. But in my mind, these apps and similar raise nothing but security concerns for me.

This is the scenario… you work for a law firm and whilst carrying out your everyday tasks you let a third party outside the organisation see every word you type in emails and documents so they can give you grammar pointers and then you have another third party from outside the organisation read your incoming emails and documents to you. If I found an employee sharing what could be privileged information with third parties in such a manner they’d be out the door faster than a fast thing for gross misconduct on the grounds that they have breached client confidentiality. The same could be applied to someone in a healthcare setting or a software setting, where there could be intellectual property implications as well.

I think it’s safe to say that no one in the right mind would engage in the practices I’ve outlined above, if they did I would question their ability to function as responsible adults in the modern world where in many jobs confidentiality is a pre-requisite.

So lets consider Grammarly, the grammar and spelling aid.

When looking at grammar it is necessary to a consider text at the sentence level at the very minimum, possibly along with the previous sentence. So everything you type is going to be whisked over the internet to the Grammarly AI for analysis.

Please note, I’m not accusing Grammarly of doing anything nefarious, but it’s not hard to imagine a scenario where a bad actor has attacked the service and gained the ability to intercept everything sent for analysis. Clearly there is a session between the client and the service so it wouldn’t be too hard to piece together the documents being worked on.

Then on the other end of document exchange is Speechify. Synthesizing speech isn’t easy, especially if you want it to sound good, so I can only assume there is an exchange of data… what to read in return for the audio, or at the very least a sequence of phonetic instructions to drive a speech synth on the client.

Again, I’m not claiming Speechify are doing anything nefarious but I have to ask… how are these things gaining traction? I would not want some app seeing everything I type or everything I read, it just blows my mind that we’ve reached a point where people can be so blasé with their documents and emails, sharing them with who knows who.

I get that they provide useful services, but is the benefit they offer worth the risk of sharing things with a third party, things you wouldn’t share with some guy (or gal) you bumped into on the street?

I know there are alternative solutions to both of the services I’ve mentioned above, so it’s not beyond the realms of possibility that somewhere there is a bad actor. Nor is it beyond the realms of possibility that a service gets bought up by some corporation intent on snooping.

If you need help with grammar, practice, learn about it. I know it’s a tricky subject, my grammar is far from perfect. If you want to expand your lexicon to better express yourself, buy a dictionary and thesaurus. And if you want to improve how your writing is received by others learn to take a step back and read it, putting yourself in the position of the recipient. Don’t further degrade your privacy by sharing your documents with faceless services that live in the cloud. As for the reading… I can see this being more useful for people who struggle with reading but for the majority of people I would suggest you just read more to improve your reading speeding… whatever it is, if it’s work related, you should perhaps be focusing on it rather than trying to listen to it whilst doing something else.

And that brings us to the end of that little musing 🙂