Amid privacy and cybersecurity concerns and recent bans in various countries, artificial intelligence (AI) company OpenAI has released a plan to address vulnerabilities.
On April 11, OpenAI, the company behind ChatGPT, announced the launch of the OpenAI "bug bounty program" to help identify and address vulnerabilities in its systems. According to the announcement, the program rewards security researchers for their contributions to securing OpenAI's technology and company. OpenAI invites the global community of security researchers, ethical hackers, and tech enthusiasts to offer bounties for eligible vulnerability information. The artificial intelligence company believes that expertise and vigilance will have a direct impact on keeping its systems secure and keeping users safe.
The plan follows a statement by Chief Cabinet Secretary Hirokazu Matsuno on Monday that Japan will consider incorporating artificial intelligence technology into government systems if privacy and cybersecurity concerns are resolved.
OpenAI suffered a data breach on March 20, when user data was exposed to another user due to a bug in the open-source library. In the announcement, OpenAI said it has partnered with bug bounty platform Bugcrowd to manage the submission and reward process, with the aim of ensuring a streamlined experience for all participants. Cash awards will be awarded based on the severity and impact of the reported issues. Rewards range from $200 for low-severity findings to $20,000 for exceptional findings.
Safe Harbor protection is provided for vulnerability research conducted according to specific guidelines listed by OpenAI. Researchers are expected to comply with all applicable laws.
If a third party takes legal action against a security researcher participating in the OpenAI bug bounty program, and the researcher complies with the program's rules, OpenAI will inform others that the researcher's behavior complies with the program's guidelines. This is because OpenAI's systems are connected to other third-party systems and services.
