OpenAI API: Will the data I send with API requests remain private?

题意：OpenAI API：我通过API请求发送的数据会保持私密性吗？

问题背景：

I have created a Q&A bot using the OpenAI Embeddings API endpoint, Pinecone as a vector database, and OpenAI as an LLM. I am using Langchain and the gpt-3.5-turbo model. I am using my own dataset (PDF) files against which the question will be answered.

我已经使用OpenAI的嵌入（Embeddings）API端点、Pinecone作为向量数据库以及OpenAI作为大型语言模型（LLM）创建了一个问答机器人。我采用了Langchain和gpt-3.5-turbo模型，并使用了我自己的数据集（PDF文件）来回答提问。

The solution is working properly. As of now, I have added test PDF files, but I want to use my private PDF files. Does my data remain private in this architecture?

这个解决方案目前运行正常。到目前为止，我已经添加了测试用的PDF文件，但我想使用我自己的私有PDF文件。在这种架构中，我的数据能保持私密性吗？

Does OpenAI index my data in public space, or will it remain private to me?

OpenAI 是否会在公共空间中索引我的数据，或者这些数据将保持对我个人私密？

问题解决：

The answer is not simple.        答案并不简单。

As of today, OpenAI doesn't train models on inputs and outputs through API, as stated in the official OpenAI documentation:

截至今天，根据OpenAI的官方文档所述，OpenAI不会通过API在输入和输出上训练模型：

But, technically speaking, once you make a request to the OpenAI API, you send data to the outside world. This is a big concern for many companies or even individuals. OpenAI tries hard to minimize these concerns with commitments, as stated on the official OpenAI website:

但是，从技术上讲，一旦你向OpenAI API发出请求，你就将数据发送到了外部世界。这对于许多公司甚至个人来说都是一个很大的担忧。OpenAI努力通过承诺来减少这些担忧，正如OpenAI官方网站所述：

Ownership: You own and control your data          所有权：您拥有并控制您的数据

• We do not train on your data from ChatGPT Enterprise or our API Platform

我们不会使用来自ChatGPT Enterprise或我们的API平台的数据进行训练

• You own your inputs and outputs (where allowed by law)

（在法律允许的范围内）您拥有您的输入和输出数据

• You control how long your data is retained (ChatGPT Enterprise)

您控制您的数据保留多久（ChatGPT Enterprise）

Control: You decide who has access                控制权：您决定谁有权访问

• Enterprise-level authentication through SAML SSO

通过SAML单点登录（SSO）进行企业级身份验证

• Fine-grained control over access and available features

对访问权限和可用功能进行精细控制

• Custom models are yours alone to use, they are not shared with anyone else

自定义模型仅供您个人使用，不会与任何人共享

Security: Comprehensive compliance        安全性：全面合规性

• We’ve been audited for SOC 2 compliance

我们已经接受了SOC 2合规性审计

• Data encryption at rest (AES-256) and in transit (TLS 1.2+)

静态数据（AES-256）和传输中数据（TLS 1.2+）的加密保护

• Visit our Trust Portal to understand more about our security measures

访问我们的信任门户（Trust Portal），以了解更多关于我们的安全措施的信息

It's up to you to decide whether these commitments are enough for you to be comfortable making requests with (possibly) sensitive data to the OpenAI API. If yes, use the OpenAI API. Otherwise, run your local LLM.

由您来决定这些承诺是否足以让您放心地向OpenAI API发送（可能）敏感数据的请求。如果是的话，请使用OpenAI API。否则，请在您的本地运行大型语言模型（LLM）。

PS：我对官方 信誓旦旦 的数据保密性措施持怀疑态度。