Guide7 min read

Is It Safe to Upload a Photo of Your ID to AI?

No — it isn't safe: an ID gathers your name, date of birth and document number, a jackpot for identity theft. Here's what happens, and the fix to use.

By Pierre de ONYRI

No — uploading a photo of your ID to AI isn't safe. An identity document holds your most sensitive data. Name, date of birth, document number. Often an address and a face photo. That's a jackpot for identity theft. An image sent to a public AI is treated like any input. It is stored. It can be reviewed. It can be used for training. The gain — pulling out some text, filling a form — isn't worth the risk. The fix is simple: never upload an ID in the clear.

Why an ID photo is worth gold to a thief

Start with identity theft. The Federal Trade Commission (FTC) is the US consumer-protection agency. Its definition is simple. It's someone using your personal or financial information without your permission.

The FTC lists the data thieves misuse. Your name and address. Your credit card or bank account numbers. Your Social Security number. Your medical insurance account numbers. These are exactly the fields an ID document gathers.

With that data, a thief can do real damage. The FTC spells out the list:

  • Buy things on your credit cards.
  • Open new credit cards, or a phone, electricity or gas account in your name.
  • Steal your tax refund.
  • Get a job under your identity.
  • Obtain medical care in your name.
  • Pretend to be you if they are arrested.

That's why a photo of an ID is so prized. Passport, driving licence, national ID. Each gathers several of these details in a single image. Full name, date of birth, document number. Usually a face photo. Often an address too. One scanned document carries far more sensitive data than a plain text prompt.

What happens to your image once you send it

Many assume the image vanishes after use. It doesn't. The National Cyber Security Centre (NCSC) is the UK's cybersecurity agency. Its finding is blunt. A query sent to a public AI is visible to the company providing it. For ChatGPT, that's OpenAI.

The NCSC goes further. These queries are stored. They will almost certainly be used, at some point, to develop the service or the model. The provider, its partners or its contractors can read them. They may also fold them into future versions of the model. Your ID image enters this pipeline like any other data.

The NCSC also flags the leak risk. Stored queries can be hacked. They can leak. They can be made public by accident. And that can include information that identifies you.

OpenAI publishes its own rule. On consumer ChatGPT plans — Free, Plus, Pro — the content you provide can be used to train and improve the models. That includes uploaded images. Unless you turn model training off in settings. On business and enterprise plans, inputs are not used for training by default. An uploaded ID image is treated as content, just like any other input.

Two-part diagram: at top, a photo of an ID in the clear (amber) — face, name, date of birth, document number — travels to dark storage where it is reviewed and kept; at bottom, the same ID anonymized shows only tokens (cobalt) and a checkmark, with nothing usable.
After the FTC (identity theft), the NCSC (stored, readable queries) and the ICO (the face as biometric data).

Your face is sensitive data too

An ID carries more than text. It carries your face. And a face photo is biometric data. The Information Commissioner's Office (ICO) is the UK data-protection regulator. It treats AI, including biometric technologies, as a priority area.

The reason is clear. These technologies can pose a high risk to people's rights and freedoms. The ICO is firm: the personal data fuelling them must be used responsibly. A face photo on an identity document is biometric personal data. It falls under UK data protection law.

Let's be fair. Sometimes the tool won't keep the image for long. Some plans promise short retention, or no training. But you have no way to verify that at the moment you send it. And the upside stays small next to the risk. Pulling out a number or filling a field doesn't justify exposing a whole document.

You assumeThe reality
“The image is only used to read the text”It's stored and can be used to train the model
“Once I get the answer, the image is gone”The NCSC says stored queries can leak
“It's only a photo”It's biometric data, covered by the law
“A text prompt and an image carry the same risk”A scanned ID concentrates far more data than a prompt
A scanned ID isn't a harmless file — it's a bundle of sensitive data.

The fix: never send an ID in the clear

The rule fits in one line. Never upload an ID in the clear. If you must process a document's text, strip the sensitive fields first. This principle has a name: data minimisation. The less you send, the less you expose.

  1. 1Spot the sensitive fields: name, date of birth, document number, address.
  2. 2Redact or replace those fields before sending.
  3. 3Send the AI only what's strictly needed, never the whole document.
  4. 4Restore the real values on your side, locally.

Doing this by hand is slow and easy to get wrong. An automatic detector is faster and misses less. ONYRI's detectors cover identities and document numbers exactly.

That's what ONYRI Sanitize is for. The engine detects sensitive data and replaces it with reversible tokens. Detection and the mapping stay in your browser. Only anonymized text reaches the model. The AI finds only tokens — not your name, your date of birth or your document number. You keep the tool's benefit without exposing the document.

Frequently asked questions

Is it safe to upload a photo of your ID to AI?
No, it isn't safe. An ID gathers your name, date of birth, document number, often an address and a face photo. That's a jackpot for identity theft. An image sent to a public AI is stored, sometimes reviewed, sometimes used for training. It's better to redact the sensitive fields before you send it.
What can a thief do with a photo of my ID?
According to the FTC, the list is long. A thief can buy things on your cards. They can open new accounts in your name. They can steal your tax refund. They can get medical care or a job under your identity. They can even pretend to be you. An ID gathers exactly that data.
Does ChatGPT use the images I upload?
On consumer plans (Free, Plus, Pro), OpenAI says so. Content you provide, images included, may be used to train and improve the models. Unless you turn training off in settings. On business and enterprise plans, inputs are not used for training by default.

Sources & references

Keep your sensitive data in your browser

ONYRI Sanitize detects and masks your sensitive data before it reaches the AI, then restores the answer — from names to API keys.

Anonymize my prompt

Read next