AI-powered chatbots (ChatGPT, Claude, etc.) require users to create an account using their email and phone number, thereby linking their personally identifiable information to their conversational data and usage patterns. As these chatbots are increasingly being used for tasks involving sensitive information, privacy concerns have been raised about how chatbot providers handle user data. To address these concerns, we present ProxyGPT, a privacy-enhancing system that enables anonymous queries in popular chatbot platforms. ProxyGPT leverages volunteer proxies to submit user queries on their behalf, thus providing network-level anonymity for chatbot users. The system is designed to support key security properties such as content integrity via TLS-backed data provenance, end-to-end encryption, and anonymous payment, while also ensuring usability and sustainability. We provide a thorough analysis of the privacy, security, and integrity of our system and identify various future research directions, particularly in the area of private chatbot query synthesis. Our human evaluation shows that ProxyGPT offers users a greater sense of privacy compared to traditional AI chatbots, especially in scenarios where users are hesitant to share their identity with chatbot providers. Although our proof-of-concept has higher latency than popular chatbots, our human interview participants consider this to be an acceptable trade-off for anonymity. To the best of our knowledge, ProxyGPT is the first comprehensive proxy-based solution for privacy-preserving AI chatbots. Our codebase is available at https://github.com/dzungvpham/proxygpt.