Should You Hijack a Corporate AI Chatbot for Free Tokens?

ChipotlAI Max

Following the viral success of ChatGPT in late 2022, a large number of corporations jumped on the AI bandwagon by launching their own AI chatbots. Often, these were extremely limited, aimed at customer support, product recommendations, and the like. But what if the AI powering those chatbots could be diverted to other, more productive purposes?

That’s exactly what’s happening with Chipotle’s Pepper, a “concierge bot” launched in summer 2020 on Facebook Messenger, through which customers can place orders. Unlike many of the recently launched corporate customer support chatbots powered by ChatGPT, Pepper uses an automated conversation algorithm called Amelia, built by software company IPsoft. Pepper began gaining attention online in March when curious developers discovered it would do much more than take burrito orders: It could answer complex coding questions, and even write new Python code.

Things got worse when a developer named Maksim Soltan, who goes by the GitHub handle @gonzih, reverse-engineered the backend protocol powering Pepper’s chat function to create a new, production-ready LLM that doesn’t require an API key: “Free guesswork via fast food,” as Soltan described it.

Inspired by Soltan, a Brooklyn-based “creative technologist” named Rob Dezendorf hardcoded Pepper’s API in OpenCode, a popular open-source AI coding platform, “slapped on Chipotle’s brand colors,” as he wrote on his project’s GitHub page, and introduced it to the world: ChipotleAI Max.

If the cases of developers using Pepper to write code from Chipotle’s website were like tailgaters who tried to follow a game taking place inside a sports arena from foldable chairs set up in the parking lot, Soltan and Dezendorf were like fans who hacked the city’s cable network, plugged it directly into their TV and watched the game from the comfort of their home. “It was fueled by seeing those other memes go viral,” Dezendorf told Gizmodo, “and then I thought, why don’t we take it to the extreme and put it straight into your [coding] program?”

count for people

Dezendorf included a disclaimer on ChipotleAI Max’s GitHub page: “Not affiliated with Chipotle. They’ll probably sue us. Worth it.”

Although Chipotle has not yet sued Dezendorf, the company immediately took action and modified its product so that its API could not be stolen again. But that was not before word about ChipotleAI managed to spread online: As of Thursday afternoon, it has a respectable 824 stars on GitHub, along with dozens of “forks” — basically copies of the code that can be used for similar projects.

According to Dezendorf, the short-lived project struck a chord with a coding community that is frustrated with paying for mainstream AI coding tools. (For example, Claude Code’s subscription tier starts at $20/month and becomes increasingly expensive with heavy usage.) “It started as a joke, but I really think there’s a funny truth to it,” he says. “There’s so much demand for compute, and people want so much AI power at their fingertips, but it’s completely inaccessible… I think that’s why people are going crazy about it.”

A federal crime?

There was some speculation online earlier this week that ChipotleAI Max may be in violation of the federal Computer Fraud and Abuse Act of 1986 (CFAA), which prohibits unauthorized access to protected computer systems. However, the legal experts I interviewed for this story found this highly unlikely, since Pepper and other corporate AI customer support bots are available to the public for free.

“It’s separate from the topic for which the company wants to use it, but… there’s no hacking involved, no password-guessing, no nefarious activity that one would typically associate with [criminal] computer hacking going on,” says Joseph DeMarco, a lawyer specializing in digital privacy and cybercrime. “It’s somewhat akin to getting lots of free samples at the Costco cheese spread display.”

Chipotle could potentially take legal action against Dezendorf for violating its terms of use, which state that users “do not make changes or modifications to the Services offered by the Company, except as may be reasonably necessary to use the Services for their intended purpose.”

Clearly, ChipotleAI is outside the scope of Pepper’s “intended purpose,” which could hypothetically give Chipotle a legal leg to stand on. According to Yafit Lev-Aretz, an associate professor of law at Baruch College, “The creation of a proxy that turns the chatbot into a third-party coding tool is not a modification made to facilitate customer support of any kind… That said, it is difficult to quantify damages in TOS-based claims when the service is publicly available, and Chipotle’s costs are not meaningfully affected by the activity.”

“It’s definitely not legal”

However, things get a little murkier around Dezendorf’s promotion of the ChipotleAI Max. On the project’s GitHub page, he characterizes it as more of a prank than anything else. (He told me he was hoping Chipotle might be amused by the whole thing, and approach him about starting a potential marketing collaboration; they didn’t.) But he also apparently calls on other developers to pull similar stunts on other corporate AI chatbots. Under the section titled “How to Contribute” on that page, he provides a step-by-step guide for reverse-engineering the APIs of customer support chatbots hosted by major corporations like Lowe’s, Home Depot, Sephora, and Expedia.

According to Lev-Aretz, “explicit framing as a replication template” is where the real legal risk lies. “Dezendorf’s explicit invitation and subsequent documentation of the presentations establish intent,” she says, “which could help strengthen a CFAA-violation case. Each contributor who submits a new proxy becomes part of that scheme. It also multiplies the number of companies with the legal standing and financial incentive to sue, and all it takes is one sufficiently motivated in-house lawyer to actually decide to make an example of it.”

Dezendorf himself, when I asked him about the potential legal ramifications of pirating corporate chatbots for “free estimates,” was much more cautious than his apparent call to action on GitHub might have led one to believe. “It’s definitely not legal,” he said. “Don’t do as I do, don’t do as I say… but if you want to, it’s your choice.”


