CoinMarketCap
Legal Bases for AI
Both the Privacy Notice and Terms of Use have dedicated sections explicitly mentioning 'AI Services' and 'generative AI features', indicating clear disclosure.
Interaction with Our AI Services
The Service may contain generative AI features ("AI Features" or "AI")
Processing user input and feedback to deliver AI services.
we collect your content included in your input or feedback. This information enables us to process your requests and deliver the AI Services you choose to use.
Real-time processing of voice input to create text transcription for AI services.
your voice is processed in real time to create a text transcription that allows the AI Services to respond.
Providing generative AI features that produce outputs based on user inputs.
The Service may contain generative AI features ("AI Features" or "AI") and by using these AI Features, you understand and agree that your use is subject to the applicable Terms, disclaimers, and information about AI Features which may be made available to you on the Platform from time to time.
Monitoring, modifying, or removing AI-generated content.
CMC reserves the right, in its absolute discretion, to monitor, modify or remove any AI generated or related content in the Service
The AI features involve content processing and generation based on user inputs. The policy warns of risks like inaccurate or inappropriate outputs and places responsibility on the user to verify them. While there's no explicit mention of automated decision-making or profiling with significant legal effects, the generative nature and potential for errors suggest a medium impact.
The policy states that user inputs 'may be retained and used by the AI' and warns users not to include personal data they don't want retained or used, implying that if personal data is included, it will be used by the AI, which includes for training purposes.
When using AI Features, outputs are generated based on the information you input and your inputs may be retained and used by the AI. You are responsible for ensuring that your inputs do not contain any personal or sensitive data or any information that you do not want AI to retain or use
The Privacy Notice states that content, input, and feedback are collected for AI Services, and the Terms of Use clarify that these inputs 'may be retained and used by the AI,' which strongly implies use for training and improvement of the AI models.
When you use our Services involving the use of artificial intelligence (“AI Services”), we collect your content included in your input or feedback.
your inputs may be retained and used by the AI.
The policy does not explicitly state that public content (e.g., community-generated content from other users) is used for AI training. It only mentions user inputs and feedback directly to the AI services.
The policy explicitly states that user inputs for AI features are shared with third-party providers for the operation of these features, which includes their underlying AI models.
As part of the operation of the AI Features, your inputs would be shared with and processed by these third-party providers.
Despite a comprehensive privacy policy that covers user rights and supports major regulations, CoinMarketCap has a very low deterministic privacy score (0/70) and has experienced a recent data breach. This indicates significant gaps in actual privacy practices and security implementation, posing a high risk to user data.
Recommended Actions
Exercise extreme caution when sharing personal or sensitive information with CoinMarketCap.
Ensure you use a strong, unique password and enable two-factor authentication (2FA) for your account.
Regularly review your account's privacy settings and consider minimizing the data you provide.
Be aware of potential phishing attempts following the data breach and monitor your accounts for suspicious activity.