Wrote an academic paper on privacy and consent in AI training data while finishing my degree: where the large datasets behind generative AI systems actually come from, and what it means that most of that content was scraped without the people who wrote it ever consenting to have it used that way.
The core tension I kept coming back to: a deontological view says using someone's data without consent violates their autonomy, full stop. A utilitarian view says if the resulting systems produce enough societal benefit (healthcare, safety, education), the violation might be justifiable. Neither framework resolves cleanly on its own, which is sort of the point, most real AI ethics questions live in that gap.
Drew on the research that's shaped this debate: Gebru et al.'s "Datasheets for Datasets," Bender et al.'s "On the Dangers of Stochastic Parrots," Zuboff's "The Age of Surveillance Capitalism," and Carlini et al.'s work showing that training data can sometimes be extracted back out of a model's outputs, which complicates any claim that "public data" is automatically fair game. GDPR's standard, informed and freely given consent, is a good bar on paper and almost never met in practice for how these datasets actually get built.
Still think the most useful framing from that paper: privacy isn't just about secrecy, it's about context. A comment someone wrote on a forum was produced inside a specific context, meant for specific readers. Stripped of that context and fed to a model as anonymous training signal, something real is lost even if the words themselves stay public. That's the question I don't think the field has actually answered yet.
İzmir Kâtip Çelebi Üniversitesi