Hundreds of thousands of conversations with Elon Musk’s AI chatbot Grok have become publicly accessible on Google and other search engines without users’ explicit knowledge. The chatbot’s “share” button creates unique links to share chats, but these links are automatically indexed by search engines, making sensitive dialogues searchable by anyone online.

Over 370,000 Grok conversations, including personal, medical, and even dangerous requests, such as how to make drugs and bombs, have been exposed. Experts warn that once leaked online, these chats are virtually permanent, sparking urgent calls for better privacy safeguards from AI companies.

Grok Conversations Made Public Without User Consent

Grok’s interface allows users to share transcripts via a unique URL when they hit the “share” button. However, these URLs are automatically turned into publicly available web pages without sufficient user warning. Search engines like Google, Bing, and DuckDuckGo have indexed more than 370,000 such pages, exposing conversations ranging from routine tasks, like requesting meal plans or secure passwords, to alarming and explicit content.

For example, some users asked for instructions on synthesising fentanyl, constructing explosives, or even plotting an assassination attempt on Elon Musk. Many users shared personal data including passwords and confidential medical queries, unaware that this sensitive information was now searchable worldwide.

xAI, the company behind Grok, declined to comment when approached by journalists. In contrast, OpenAI quickly addressed a similar situation with ChatGPT by removing a public sharing feature after strong backlash. Elon Musk had previously mocked OpenAI’s approach, declaring “Grok ftw” on social media, yet Grok’s lack of clear notifications or privacy safeguards has resulted in arguably a more extensive exposure of user data.

The Growing Privacy Risks of AI Chatbots

As AI chatbots become an everyday tool for personal, professional, and emotional support, the risks of exposing highly sensitive data multiply. Users often treat AI conversations as confidential but may unintentionally share details that become permanent public records if sharing features are mismanaged. Experts caution that “once leaked online, these conversations will stay there forever,” highlighting the need for built-in security measures that prevent automatic public indexing without explicit consent.

This incident shines a light on the broader challenges tech companies face balancing innovation and user privacy. While viral sharing features drive engagement, they must be developed with transparent communication and prioritisation of data protection to avert privacy disasters. Users, too, must exercise caution before sharing sensitive information with AI platforms.

The Logical Indian’s Perspective

The Logical Indian stresses that technological advancement must go hand-in-hand with the highest standards of privacy and ethics. As AI reshapes human interaction, companies bear a responsibility to embed strong privacy protections and ensure users are fully informed of data use risks. Equally, users need greater awareness about the permanence and reach of online content, even when interacting with AI.

We advocate for open dialogue, accountability, and proactive privacy frameworks that empower users while fostering trust in AI technologies.