In June 2023, New York attorney Steven Schwartz filed a legal brief citing six cases against Avianca Airlines. The brief was detailed, confident, and almost entirely invented. Schwartz had asked ChatGPT to help research precedents, and the model fabricated case names, judges, courts, and holdings β none of which existed. When Avianca's lawyers searched the databases, they found nothing. Federal Judge P. Kevin Castel sanctioned Schwartz $5,000 and called the submission "an unprecedented circumstance." Schwartz later testified he had not known an AI could "just make things up."
This was not a fringe failure. It was a demonstration of a structural property of large language models: they generate plausible-sounding text, not verified fact. The lesson is simple and non-negotiable β AI output must always be treated as a draft to verify, not a source to cite.
Large language models predict the next token based on patterns in training data. They have no internal truth-checker, no live connection to databases of verified facts, and no mechanism that prevents them from completing a sentence with a plausible-sounding fabrication. Researchers call this behavior hallucination, but the term understates the problem: the model does not know it is hallucinating. It produces wrong information with the same confident fluency as correct information.
A 2023 Stanford study of AI legal tools found error rates ranging from 17% to 33% on basic legal questions β meaning roughly one in four answers contained a significant inaccuracy. Microsoft and Google have both issued public warnings that their own AI products can produce factually incorrect outputs. This is not a bug awaiting a patch; it is an inherent characteristic of the technology in its current form.
Confidence is not accuracy. An AI that states something with zero hedging may be entirely wrong. The absence of a disclaimer is not evidence of correctness.
Ethical AI citizenship begins with a practical habit: never use an AI-generated claim in a consequential context without independently verifying it. What counts as consequential? Any situation where an error could harm someone β health decisions, legal actions, financial choices, academic submissions, professional advice, or news you share with others.
Verification means checking against a primary source: an official database, a peer-reviewed publication, a government record, or a known authoritative outlet. It does not mean asking a second AI. Two language models trained on similar data can produce the same confident error simultaneously. Only a source external to AI β a library database, a court record, a medical journal β constitutes a genuine check.
IBM's own AI ethics guidelines published in 2023 explicitly include "explicability" β the requirement that AI outputs be traceable to sources β as a core principle. When a system cannot tell you where its answer came from, your verification burden increases, not decreases.
Some categories of AI output carry systematically elevated error risk. Specific numbers and statistics β dates, percentages, citations β are frequently fabricated because they are structurally common in training text but hard to verify from context alone. Named individuals are another red flag: AI systems have falsely attributed quotes, credentials, and even crimes to real people. In 2023, a defamation claim was filed against OpenAI after ChatGPT generated a false description of a legal scholar's arrest record. The scholar, Mark Walters, had never been accused of any crime.
Medical and legal advice is a third high-risk category, not only because errors can cause direct harm but because professional liability systems exist precisely to hold experts accountable β a standard AI cannot meet. The ethical response is not to avoid AI tools in these domains entirely, but to use them as a first-pass research assistant and then involve a qualified human professional for any decision with real stakes.
Before sharing or acting on AI output: (1) Is this a consequential claim? (2) Can I find it in a primary source? (3) Does the AI say where it came from? (4) Would I be comfortable if an expert examined my source chain? If any answer is "no," verify before proceeding.
Below is a simulated AI assistant. Your task is to probe it with questions about legal cases, statistics, or named facts β then discuss with it how you would verify its claims in the real world. Try to get it to produce something you'd want to double-check, then explore the verification strategy together.
In March 2023, Samsung Electronics employees at its semiconductor division discovered a bug and turned to ChatGPT for help debugging confidential source code. Within weeks, Samsung's internal security team confirmed that three separate employees had uploaded proprietary chip design schematics, internal meeting notes, and performance test data to OpenAI's servers. Samsung had no mechanism to retrieve or delete the information. The company promptly banned internal ChatGPT use β but the data was already gone.
Samsung's incident was not unique. It was just the first major corporation to publicize it. Cybersecurity firm Cyberhaven estimated in 2023 that workers were pasting sensitive company data into AI tools at the rate of tens of thousands of incidents per week across its client base alone. The lesson for individuals is identical: once information enters a commercial AI system, you have no reliable right to its deletion, no visibility into how it is stored, and no certainty it will not surface in future model outputs.
Commercial AI chatbots are generally governed by terms of service that allow the provider to use conversation data for model training, unless a user actively opts out β a setting most users never locate. OpenAI's privacy policy as of 2024 states that conversation content may be used to "improve our models." Google's Gemini terms contain similar language. Apple Intelligence, by contrast, processes most requests on-device and explicitly commits to not using Siri queries for training, illustrating that the privacy risk is a business choice, not a technical inevitability.
More immediately, AI provider servers can be subpoenaed. In theory, your conversation with a chatbot about a legal problem, a health condition, or a business plan is accessible to law enforcement with a court order β and to anyone who breaches the provider's security systems. In 2023, OpenAI disclosed a bug that had briefly exposed some users' chat histories to other users. Data breaches of AI providers are not hypothetical; they are a documented reality.
Never enter into an AI system anything you would not write on a postcard visible to your employer, your government, and the general public. This includes: names and contact details of third parties, medical symptoms tied to your identity, proprietary business information, financial account details, or anything shared with you in professional confidence.
Privacy in AI use is not only about protecting yourself. When you paste an email from a colleague into an AI to "fix the tone," you are submitting that colleague's words β potentially their personal disclosures, professional vulnerabilities, or confidential communications β to a third-party system without their consent. When you describe a friend's medical situation to get AI health advice, you are violating their medical privacy.
The EU's General Data Protection Regulation (GDPR) explicitly addresses this. Article 6 requires a lawful basis for processing personal data, and "I wanted AI help" is not one of the listed bases. In 2023, Italy's data protection authority, the Garante, temporarily banned ChatGPT entirely on grounds that it had no legal basis for processing Italian users' data. OpenAI responded by implementing age verification and clearer opt-out mechanisms β but only because a regulator forced the issue.
The ethical AI citizen asks, before submitting any information about another person: Has this person consented? Would they want this data in an AI training corpus? Could this information harm them if it appeared in a future AI output?
Protecting privacy when using AI tools requires a few consistent habits. First, anonymise before submitting: replace real names with placeholders, strip identifying details, and describe situations at a level of abstraction that removes personal identifiers. Second, review your provider's data retention settings: most major platforms now allow users to turn off conversation history or to request deletion. Third, use on-device or privacy-preserving tools for sensitive tasks β several AI tools process data locally and make explicit contractual commitments against training use. Fourth, treat professional data as categorically off-limits: even if your employer hasn't banned AI tools, submitting client data, patient records, or trade secrets may violate professional ethics codes, confidentiality agreements, or law.
Run a quick mental audit: Does this text contain a real name? A real address, phone, or email? Medical, financial, or legal details? Someone else's confidential communication? If yes β anonymise or rethink. The thirty seconds this takes is insurance against consequences that can last years.
Work with the AI assistant to develop your privacy hygiene skills. Present real-world scenarios involving personal data and explore together how to anonymise them, what the risks are, and what the GDPR-compliant approach would be.
On 25 January 2024, robocalls reached tens of thousands of New Hampshire voters carrying the voice of President Joe Biden urging them not to vote in the primary. The message was a deepfake β a synthetic audio clone created using publicly available AI voice tools. The audio was close enough to the real Biden that many recipients did not question it. New Hampshire's Attorney General opened a criminal investigation. The calls were traced to a political consultant, Steve Kramer, who had hired a vendor to produce them. The vendor used ElevenLabs, a voice synthesis platform, which subsequently banned the account.
This was not an isolated experiment. A 2024 survey by the AI Democracy Projects found that 85% of respondents could not reliably distinguish AI-generated audio from real recordings in a blind test. The technology had outpaced human perception β which is precisely why detection skills, critical habits, and institutional safeguards must compensate where the ear cannot.
AI-enabled manipulation operates across several distinct modes. Deepfake video involves replacing a person's face or body in existing footage, or generating entirely synthetic video of a person who may not exist. The 2023 Hong Kong deepfake fraud saw a finance worker transfer $25 million after a video call featuring what appeared to be his company's CFO β a fully synthetic AI-generated avatar that had mimicked the CFO's appearance and voice in real time.
Voice cloning can replicate an individual's vocal signature from as little as three seconds of sample audio. AI phone scammers have used cloned voices of adult children to convince elderly parents they have been in accidents and need immediate wire transfers. The FBI issued warnings about this tactic in 2023 and 2024, documenting multi-million-dollar losses.
Synthetic text and personas involve AI-generated social media accounts, reviews, comments, and news articles designed to look like independent human expression. In the 2024 US election cycle, Meta and X both removed networks of AI-generated accounts publishing coordinated political content, with Meta attributing some clusters to operators in Iran and Russia.
No single check is reliable. Use a cluster approach: (1) Does the image or video contain unnatural lighting, edge blurring, or inconsistent shadows? (2) Does audio have metallic undertones, unnatural breathing, or robotic vowel shaping? (3) Does the account have no coherent history before a specific date? (4) Does the content trigger a strong emotional response while providing no verifiable source? Multiple "yes" answers should trigger verification, not belief.
A consistent property of AI-generated manipulation is its targeting of emotional states. The fake Biden robocall told voters they were helping by staying home. Deepfake scam calls tell targets their family member is in immediate danger. AI-generated political content is engineered to produce outrage, fear, or tribal solidarity β all states that suppress critical evaluation.
Researchers at MIT's Media Lab have documented what they call the "emotional bypass" effect: content that triggers high emotional arousal is significantly less likely to be fact-checked before sharing. This is not a character flaw. It is a documented feature of human cognitive architecture β and the engineers of manipulation platforms are aware of it and design for it. The ethical AI citizen's counter-strategy is a deliberate pause: notice the emotion, then apply the verification habit before acting or sharing.
Recognising manipulative AI content creates an obligation. Sharing content you suspect is synthetic β even to mock or debunk it β amplifies it. Research consistently shows that exposure to a claim, even in a correction, increases its perceived plausibility (the "illusory truth" effect). The ethical response to suspected deepfakes or synthetic disinformation is: do not share it, report it to the platform, and if it relates to electoral integrity or fraud, report it to relevant authorities (in the US, the FBI's IC3; in the UK, Action Fraud; in the EU, national police cybercrime units).
Platforms have formal reporting pathways for synthetic media. Meta, YouTube, TikTok, and X all have content categories specifically for AI-generated or manipulated media. Using these pathways is not optional activism β it is the mechanism by which platforms build the datasets they use to detect and remove such content at scale.
Before sharing any content involving a public figure, a dramatic claim, or emotional urgency: (1) Notice the emotion it produces. (2) Ask: does this come from a verifiable source? (3) Search the claim on a fact-checking service (Snopes, FactCheck.org, PolitiFact, AFP Fact Check). (4) If you cannot verify it in two minutes, do not share it. Withholding unverified viral content is always the correct action.
Work with the AI assistant to sharpen your detection skills. Describe scenarios involving viral content, suspicious audio or video, or emotionally charged political claims β and explore together the detection frameworks, reporting pathways, and reasoning strategies that apply.
In 2019, workers at Google organised what became known as the Google Walkout β a protest by over 20,000 employees across 50 offices worldwide, initially over sexual harassment policies but quickly expanding to include demands about AI ethics, specifically Google's Project Maven contract supplying AI image-recognition software to the US military for drone targeting. The employees wrote an open letter, walked out, and continued internal advocacy. By 2019, Google had declined to renew the Maven contract. By 2023, former Googler Meredith Whittaker β one of the walkout organisers β was president of the Signal Foundation, building privacy-preserving infrastructure used by millions.
The Maven case is not an isolated story of insider activism. It demonstrated that collective voice β from users, workers, and citizens β can change outcomes at the largest technology organisations in the world. The question for every AI user is: how do I make my voice count?
Individual choices are the first level. Every time you choose a privacy-respecting AI tool over a data-hungry alternative, you send a market signal. Every time you report manipulative content rather than scroll past it, you contribute to enforcement datasets. Every time you request your data be deleted under GDPR or CCPA rights, you exercise a legal mechanism that costs companies compliance resources. These individual acts are not symbolic gestures β they are inputs into the systems that govern AI development.
Collective demands are the second level. Consumer organisations, civil society groups, academic researchers, and professional bodies have shaped AI policy in documented ways. The Campaign for AI Safety, a coalition including AI researchers and civil society advocates, directly influenced the UK AI Safety Institute's formation in 2023. The AI Now Institute at NYU, founded by Kate Crawford and Meredith Whittaker, produced research that was cited in multiple regulatory proposals across the EU and US. You do not need to be a researcher β joining, donating to, or amplifying organisations doing this work multiplies their influence.
Democratic participation is the third and most powerful level. AI regulation is being written now β in Brussels, Washington, London, and Geneva. The EU AI Act, passed in 2024 after three years of public consultation and lobbying, contains provisions that directly affect what AI companies must disclose, what systems are prohibited, and how citizens can seek redress. The consultation process included public submissions β and civil society comments shaped specific provisions. Writing to elected representatives, submitting comments on proposed regulations, and voting for candidates with coherent AI policy positions are all mechanisms with documented effect.
Ethical AI citizenship includes using formal feedback mechanisms, not just informal frustration. Most major AI providers have published ethics feedback channels β Anthropic's Acceptable Use Policy includes a reporting form; OpenAI has a vulnerability and safety reporting programme; Google has an AI Principles feedback mechanism. Using these is more effective than venting on social media because it enters records that internal ethics teams can cite in internal policy debates.
Under the EU AI Act's high-risk AI provisions, individuals who are subject to decisions made by regulated AI systems have the right to explanation and the right to contest those decisions. The UK's Equality Act and the US Equal Credit Opportunity Act both create legal pathways for challenging AI decisions in areas like hiring, credit, and housing. These rights exist but go largely unused because people do not know about them. An informed citizen who exercises these rights creates case law and enforcement precedent that protects others.
The gap between those who understand AI systems and those who do not is itself an ethical issue β it concentrates vulnerability in already-marginalised communities. Ethical AI citizenship extends to sharing knowledge. Explaining AI hallucination to a grandparent who gets medical advice from chatbots, discussing deepfake detection with a teenager who consumes political content on TikTok, helping a small business owner understand what data their AI tools are collecting β these acts have direct protective effect on people around you.
The Partnership on AI, a multi-stakeholder organisation including major tech companies and civil society groups, has documented that AI literacy programmes in schools and community settings measurably reduce susceptibility to AI-generated disinformation and increase reporting rates of manipulative content. Knowledge transmission is not charity β it is the infrastructure of collective resilience.
Review the privacy settings on any AI tool you use. Opt out of training where available. Report one piece of suspicious content. Look up your local representative's position on AI regulation.
Join or support an AI policy organisation. Share AI literacy with one person in your community. Submit a public comment on a proposed AI regulation. Exercise your data rights under GDPR or CCPA.
Ethical AI citizenship is not passive. It is not sufficient to simply avoid harm in your own use. The systems being built today will affect billions of people who have no voice in their design. Every citizen who understands these systems, demands accountability, shares knowledge, and participates in governance is part of the mechanism by which AI is made more ethical. This course has given you the framework. What you do with it is the question that matters now.
Work with the AI assistant to develop a concrete, personal plan for ethical AI citizenship. Discuss how you would exercise your data rights, what organisations you might support, how you'd approach spreading AI literacy in your community, and how you'd engage with AI policy processes.