Is ChatGPT safe to use? A plain-English answer, with the four real risks named
ChatGPT is safe for everyday use — writing emails, drafting thank-you notes, looking up recipes — as long as you never paste in your Social Security number, bank credentials, medical records, or anything you would not write on a postcard. The model can be wrong, so check facts before acting on them.
The question gets asked two ways. The first version is the one I hear from people in their seventies who heard about ChatGPT from a grandchild and are not sure whether the thing is going to steal their identity. The second version is the one I hear from people in their fifties who are about to set this up for their mother and want to know what they are signing her up for. Both questions deserve a straight answer rather than a marketing one. So here is the straight answer, and then the four risks that are real, and then the short list of things you should never type into the box.
The honest one-paragraph answer
ChatGPT is roughly as safe as sending an email through Gmail or asking a question on Google. The same company-runs-a-server-somewhere model applies. It is safer than the average phone call from an unknown number and considerably safer than clicking a link in a text message that says your package is being held. The risks that exist are real but specific, and they fall into four buckets rather than one general fog. None of the four is "the AI will become sentient." All four have a sensible response that does not require you to abandon the tool.
The four real risks
1. Data privacy — what happens to what you type. Every message you send to ChatGPT gets stored on OpenAI's servers. By default, on a free or personal account, those messages can also be used to help train future versions of the model. This is not the same as "shared with other users" and it is not the same as "sold to advertisers" — it means the words you typed may become part of an enormous pile of words that teaches the next version what people ask about. The practical risk is small for ordinary questions and meaningful for sensitive ones. You can switch the training-data setting off entirely. OpenAI documents the toggle in its Data Controls FAQ: inside ChatGPT, click your profile, then Settings, then Data Controls, then turn off "Improve the model for everyone." Once it is off, new conversations are not used for training. That single switch resolves about ninety percent of what people are actually worried about when they say "data privacy."
2. Financial scams that use AI against you. The risk here is almost never that ChatGPT itself takes your money. The risk is that other people are using AI tools — not necessarily ChatGPT, often cheaper purpose-built ones — to make scam calls more convincing. The Federal Trade Commission issued a consumer alert in March 2023 about a specific version of this: scammers clone a short clip of a grandchild's voice from a public social-media post, then call a grandparent in a panicked tone asking for bail money. The AARP has been tracking the same trend and calls it the hardest scam to detect because the voice on the phone really does sound like your grandson. The defense is mechanical, not technical: when a family member calls in distress and asks for money, hang up and call them back at the number you already have. That one habit defeats nearly every voice-clone scam currently in circulation. Notice that this risk has very little to do with whether you use ChatGPT. It is a thing happening to people who have never opened the website.
3. Misinformation — the model is sometimes confidently wrong. ChatGPT generates fluent, plausible-sounding sentences. It does not have a small librarian inside it checking each sentence against a reference book. When it does not know an answer, it sometimes invents one in the same calm tone it uses for things it does know. Researchers call this hallucination. The Stanford Law team, working with Stanford's RegLab, published a January 2024 study finding that leading models invented or misstated legal facts in roughly seven of every ten queries about specific court cases. Legal questions are an unusually hard test, but the general lesson holds across other categories: ChatGPT is excellent for drafting and rephrasing, mediocre for facts that have to be exactly right, and unreliable for anything dated, numerical, or jurisdiction-specific. A concrete example: ask ChatGPT for your senator's current office phone number and there is a real chance it will give you a real-looking number that belongs to nobody. Ask it to help you draft a polite letter to that same senator, and it will do a clean job. The first task requires a fact that has to be exactly right; the second is a writing task with the facts already in your head. The defense is simple — treat the answers as a smart draft to verify, not as a citation. For a doctor's-visit prep list, that is fine. For "what year did my insurance policy renew," look at your insurance policy instead.
4. Identity and impersonation — including voice cloning. This is the risk that gets the loudest press coverage and the one that gets the most exaggerated. The reality: AI voice-cloning tools exist, they are cheap, and they work from a clip as short as thirty seconds. The realistic scenario for an older adult is not that someone clones your voice — it is the same family-emergency call described above, where someone clones a grandchild's voice and uses it against you. Defense, again, is the callback rule, plus one optional addition some families adopt: a simple spoken code word agreed in advance, so that a real grandchild can prove their identity over the phone in the rare case they actually need help. The FTC has, since its 2023 alert, launched a separate Voice Cloning Challenge to encourage detection tools. The technology will keep getting better at imitation, and the only defense that scales is the callback rule. Write it on a card. Tape it to the desk.
The five things to never paste in
These five are the entire list. If you avoid pasting these into ChatGPT, you have handled the vast majority of the practical risk.
- Your Social Security number, or anyone else's. Not in a question. Not in a sample form. Not even as "let's say my SSN is 123-45-6789, write me a letter." Use the placeholder
[SSN]instead. ChatGPT will understand. - Bank account numbers, credit card numbers, and the CVV on the back. Same rule. Use a placeholder.
- Passwords or login credentials of any kind. Including the password you are about to use for the new ChatGPT account itself. There is no scenario in which ChatGPT needs to know your password to help you with anything.
- Detailed medical records — test results, prescriptions, full diagnoses with your name attached. It is fine to ask "what is metoprolol and what is it for." It is not fine to paste in the full lab report with your name and date of birth at the top. If you want to simplify a medical letter, retype the relevant paragraph and remove the identifying header before you paste.
- Anything that identifies a minor in your family — a grandchild's full name, school, address, daily schedule. This is the one most people forget. Helping a grandchild with homework is fine. Pasting in their full name, the name of their school, and the time their bus arrives is not.
Notice what is not on this list. Your first name. The general topic of your medication. The fact that you have a doctor's appointment Tuesday. The contents of a thank-you note you are writing to a neighbor. The recipe you are trying to halve. None of that is sensitive in any meaningful sense.
What I notice about the people who actually use ChatGPT a year after they signed up, versus the people who quit in the first week, is that the year-later people internalized two small habits early: they keep the five-item list somewhere they can see it, and they treat the answers as a draft rather than a verdict. The rest is muscle memory. If you'd like those reminders printed and sent — the kind of card that ends up taped to a desk — that's the one-page plan I send free. If you'd rather skip ahead to the full setup binder with the longer reference inside, it's $19. And if you haven't actually signed up yet and want the numbered walkthrough first, I wrote that piece before this one.
— Shawn Ivie Founder, Plain English Company