OpenAI Unveils A Long Overdue Bug Bounty With Rewards For ChatGPT Flaws

OpenAI, well known for its ChatGPT service, announced its Bug Bounty Program as a way for the company to recognize and reward the insights of those who report vulnerabilities, bugs, or security flaws in its AI technology. The company is offering security researchers, programmers, and ethical hackers anywhere from $200 for low-severity findings up to $20,000 for "exceptional discoveries."

The Bug Bounty Program went live yesterday following the announcement, and just days after ChatGPT was banned in Italy for a suspected breach of privacy rules. Italy's data protection agency has set an end-April deadline for OpenAI to meet its demands on data protection and privacy before its ChatGPT chatbot service can resume service in the country. It also follows an open letter signed by the likes of Elon Musk and Steve Wozniak, asking for a six-month pause on giant AI experiments.

While the program does encourage those participating to scour the functionality of ChatGPT, it says it does not include finding any incorrect or malicious content produced by OpenAI systems. "Issues related to the content of model prompts and responses are strictly out of scope, and will not be rewarded," according to a statement made by OpenAI on its Bugcrowd website. For those types of incidents, the company says they should be submitted via the company's model feedback page.

Bugcrowd is a leading bug bounty platform that will help OpenAI manage the submissions and reward process. Anyone who would like to view the policy and read more about the program can visit OpenAI's Bugcrowd webpage.

At the time of writing, 14 vulnerabilities have been rewarded, with validation taking place in about 3 hours and an average payout of $1,287.50. There are currently a total of 592 people who have joined the Bug Bounty Program, according to the website.