Imagine being asked to upload your actual work documents from previous jobs to help train artificial intelligence. That’s exactly what OpenAI is reportedly asking contractors to do, according to a WIRED report obtained by TechCrunch. The AI giant, working with training data company Handshake AI, is requesting third-party contractors to describe tasks they’ve performed at other jobs and upload examples of “real, on-the-job work” they’ve actually done. These examples can include concrete outputs like Word documents, PDFs, PowerPoint presentations, Excel files, images, and repositories.
The Data Collection Strategy
This approach represents a significant shift in how AI companies are gathering training data. Rather than relying solely on publicly available information or synthetic data generation, OpenAI appears to be seeking authentic workplace scenarios to evaluate its next-generation AI models. The company reportedly instructs contractors to delete proprietary and personally identifiable information before uploading, pointing them to a ChatGPT “Superstar Scrubbing” tool for this purpose.
However, intellectual property lawyer Evan Brown told WIRED that any AI lab taking this approach is “putting itself at great risk” with an approach that requires “a lot of trust in its contractors to decide what is and isn’t confidential.” An OpenAI spokesperson declined to comment on the report, leaving questions about data security and intellectual property protection unanswered.
Broader Industry Context
This data collection effort comes at a time when AI companies are facing increasing scrutiny over their practices. Just this week, Malaysia and Indonesia became the first countries to block access to Elon Musk’s AI chatbot Grok on his X platform due to its ability to generate sexually explicit deepfakes. The tool has been used to edit images of real people into revealing outfits, with concerns about non-consensual content involving women and children.
Indonesian communications and digital affairs minister Meutya Hafid stated: “Using Grok to produce sexually explicit content is a violation of human rights, dignity and online safety.” The UK is also considering action against Grok for violating online safety laws, with Technology Secretary Liz Kendall supporting blocking X for online safety violations.
The Regulatory Landscape Intensifies
Meanwhile, a separate incident highlights the risks of AI implementation in professional settings. The EU Cybersecurity Agency (ENISA) recently admitted that two of its reports contained numerous hallucinated sources that researchers believe were generated by AI. In one report, 26 of 492 footnotes were found to be false, with links containing LLM-typical errors.
Christian Dietrich, a professor at Westf�lische Hochschule who investigated the reports, criticized the agency: “Mich st�rt ma�geblich, dass eine �ffentliche Beh�rde, die in meinen Augen die sehr wichtige Aufgabe hat, verl�ssliche, nachvollziehbare Berichte herauszugeben, das in diesem Fall nicht getan hat. Man h�tte nur einmal draufklicken m�ssen.” (“What bothers me significantly is that a public authority, which in my eyes has the very important task of issuing reliable, traceable reports, has not done so in this case. You would only have had to click once.”)
Data Transfer Realities
The tension between AI development and data protection is further complicated by global business realities. According to a Bitkom study, 62% of German companies transfer personal data to countries outside the European Union. The USA is the most important destination country for data transfers, with 61% of companies sending data there, followed by the UK (43%), India (24%), Japan (13%), and China (12%).
Susanne Dehmel, a member of Bitkom’s management board, emphasized: “Internationale Datentransfers sind unverzichtbar f�r eine globale Wirtschaft.” (“International data transfers are indispensable for a global economy.”) The study found that 75% of companies expect higher costs if they had to refrain from processing personal data outside the EU, while 71% fear competitive disadvantages against competitors from non-EU countries.
The Business Implications
This creates a complex landscape for AI companies like OpenAI. On one hand, they need high-quality, real-world data to improve their models and compete in the rapidly evolving AI market. On the other hand, they face increasing regulatory pressure and public scrutiny over data privacy and ethical concerns.
The situation is particularly challenging because different regions have different approaches to AI regulation. While the EU is developing comprehensive AI regulations, countries like Malaysia and Indonesia are taking more targeted actions against specific AI applications they deem harmful. Meanwhile, businesses continue to operate in a global environment that requires international data transfers.
Looking Forward
As AI continues to transform workplaces, the tension between innovation and regulation will likely intensify. Companies developing AI tools will need to navigate increasingly complex legal landscapes while maintaining public trust. The OpenAI contractor situation, combined with the Grok bans and ENISA incident, suggests that 2026 may be a pivotal year for establishing clearer guidelines around AI development and deployment.
What remains clear is that the race for better AI models cannot come at the expense of data privacy, intellectual property rights, or ethical considerations. As businesses increasingly rely on AI tools, they’ll need to carefully consider not just what these tools can do, but how they were developed and what risks they might pose to their operations and reputation.