OpenAI Just Got Served a Subpoena. Should Website Owners Using ChatGPT APIs Be Concerned?

Openais Subpoena What Website Owners Need To Know
Jordan Sprogis

Writer: Jordan Sprogis

Jordan Sprogis

Jordan Sprogis, Contributing Expert

Jordan Sprogis is a creative writer and tech researcher who has been working on online content for the better part of a decade. She holds a bachelor's degree in professional writing from Western Connecticut State University and has devoted much of her career to crafting content for various web verticals, including CyberSpyder and The Echo. Since joining HostingAdvice, Jordan has combined her storytelling ability with her fascination for advancements in technology to pen over 500 articles geared toward industry pros and newcomers alike.

See Full Bio »
Close
Lillian Castro

Editor: Lillian Castro

Lillian Castro

Lillian Castro, Senior Editor

Lillian Castro brings more than 30 years of editing and journalism experience to our team. She has written and edited for major news organizations, including The Atlanta Journal-Constitution and the New York Times, and she previously served as an adjunct instructor at the University of Florida. Today, she edits HostingAdvice content for clarity, accuracy, and reader engagement.

See Full Bio »
Close
Cristian Lopez

Reviewer: Cristian Lopez

Cristian Lopez

Cristian Lopez, News Manager

Cristian Lopez uses his Business Marketing background from the University of Illinois at Chicago to create comfortable environments for customers, clients, and colleagues to share their thoughts and ideas openly. From interviewing tech leaders to conducting UX market research projects, Cristian knows the importance of storytelling — a key variable for innovation and inspiration. His goal at HostingAdvice is to wow readers on the ever-evolving nature of the tech industry and bring his audience the most reliable and exciting content on all things hosting.

See Full Bio »
Close
Posted:
Follow the HostingAdvice team for a daily dose of tech news, trending IT discussions, and interviews with the web's most innovative technologists.
Follow Us:
1k
1k

Key Takeaways

It turns out that embedding a chatbot which tells users anything they want to hear comes with more legal problems than some hosting providers may have realized.

Last week, a coalition of state attorneys general (AGs) opened a formal investigation into OpenAI. This comes just months after the group wrote a warning letter in December, citing dangers around the chatbot’s advertising practices, user data handling, minor usage, and sycophancy.

And more specifically, how the developers and providers who deploy these APIs on client sites could be held accountable for its outputs.

Here’s what the attorneys general warned about six months ago before the subpoena landed on June 12, and how the responsibility of this investigation could mean landing in providers’ laps.

#1: Developers Can Be On the Line

This bit may be the most important line in the entire warning letter as it could directly pertain to website owners, developers, and agencies:

“Even after release, the onus falls on the company to continue to monitor for and remediate harmful outputs that endanger consumers.” — p. 6

Some of the behaviors now under investigation didn’t look obvious until after they were added everywhere and began interacting with millions of people. One of the most obvious turnouts was sycophancy.

If sycophancy is a 100-dollar-word for you, it refers to ChatGPT’s tendency to not push back against harmful user statements. We’ve all seen it on the news — as of mid-2026, OpenAI is facing more than a dozen lawsuits, all alleging that ChatGPT contributed to suicides, psychotic delusions, stalking, and at least one murder-suicide.

Long story short: If an AI system is interacting with your users, the responsibility may fall on you to continuously monitor it. And truthfully, it should probably be addressed in your terms of use anyway as a bit of classic CYA.

#2: What You Market Matters

Could AI products like chatbots be treated the by the same consumer protection standards that already apply to other digital services? The AGs argue that their existing state laws may already apply:

“Our states have laws with civil and common law requirements: (1) to warn users of applicable risks, (2) to avoid marketing defective products, (3) to refrain from engaging in unfair, deceptive, or unconscionable acts and practices, and (4) to safeguard the privacy of children online.” — p. 5

If you built a client site that features an AI chatbot that is marketed as anything similar to safe, smart, or helpful, it could be considered as an implicit product claim. As in, if the model behaves in ways that contradict that, it could become your problem.

Again, this is a warning letter, so it doesn’t mean that every mistake a chatbot makes suddenly becomes a legal liability. But the important thing to note is that there are a lot of implications, one of which being that chatbots may soon apply under consumer protection laws.

#3: Pay Close Attention to Child Safety

The letter also warned AI companies that they were seeing reports of chatbots engaging children in inappropriate conversations — grooming, suicide ideation, drug use, parental secrecy, to name a few.

The coalition was concerned about it enough to demand more child-safety safeguards, specifically calling on AI developers to prevent these kinds of outputs from reaching minors:

“Allow independent third-party processes to enhance accountability, including: a. Subjecting models to independent third-party audits reviewable by state and federal regulators. b. Conducting regular, formal impact assessments on child safety that are shared with independent third-party auditors and state and federal regulators.” — p.7

You’re probably thinking, “Who would use my client’s eCommerce site to chat like this?” And fair enough — but the issue isn’t that every chatbot suddenly becomes a source of inappropriate conversations, it’s the mere fact that they can.

Should Website Owners Be Concerned?

Don’t worry just yet — website owners are not suddenly going to get subpoenaed for adding a ChatGPT API to their clients’ sites. But regulators may very well soon begin asking questions that providers haven’t had to deal with yet regarding their AI.

For example: Who’s responsible if a chatbot on a client site gives bad advice? What happens if a minor uses it? How much monitoring is considered enough?

These are the kinds of conversations a lot of website owners probably didn’t expect to be having when they pasted a chatbot into their site.

About the Author

Jordan Sprogis
Jordan Sprogis
Contributing Expert

Jordan Sprogis is a creative writer and tech researcher who has been working on online content for the better part of a decade. She holds a bachelor's degree in professional writing from Western Connecticut State University and has devoted much of her career to crafting content for various web verticals, including CyberSpyder and The Echo. Since joining HostingAdvice, Jordan has combined her storytelling ability with her fascination for advancements in technology to pen over 500 articles geared toward industry pros and newcomers alike.

View Jordan Sprogis's Full Profile »