OpenAI · GPT-4o System Card (PDF)

Operator-Mediated Safety Customization

Medium severity
Share 𝕏 Share in Share 🔒 PDF

What it is

When you use GPT-4o through a third-party app or service, that company can change how the AI behaves — including relaxing some of OpenAI's default safety settings — within limits set by OpenAI.

Consumer impact (what this means for users)

The safety features and content restrictions you experience when using GPT-4o through any app other than ChatGPT may be different from OpenAI's defaults — operators can weaken or adjust protections, and users typically have no visibility into what changes have been made.

Cross-platform context

See how other platforms handle Operator-Mediated Safety Customization and similar clauses.

Compare across platforms →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

This means the safety protections you experience from GPT-4o depend heavily on which app you use, not just on OpenAI's policies — and you may not know what customizations the operator has made.

View original clause language
OpenAI provides the model to operators through the API, and operators can then deploy the model to users... Operators can expand or restrict the model's default behaviors, i.e., how it behaves out of the box, to the extent that they are permitted to do so by OpenAI's policies... Operators can grant users the ability to expand or change the model's behaviors in ways that go up to but don't exceed their own operator permissions.

Institutional analysis (Compliance & legal intelligence)

(1) REGULATORY FRAMEWORK: This provision implicates the EU AI Act's provider-deployer accountability framework (Articles 25-28, which allocate obligations between AI system providers and deployers), GDPR Article 26 (joint controller arrangements where operators process personal data through the API), and FTC Act Section 5 (where operator customizations result in deceptive consumer experiences). The EU AI Office and national data protection authorities have enforcement jurisdiction. (2)

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • FTC
    FTC authority covers deceptive practices where operator customizations of GPT-4o result in consumer experiences that differ materially from OpenAI's disclosed defaults without adequate consumer notice.
    File a complaint →
  • State AG
    State Attorneys General can enforce consumer protection statutes where operator-level safety customizations result in harmful or deceptive consumer experiences.
    File a complaint →

Provision details

Document information
Document
GPT-4o System Card (PDF)
Entity
OpenAI
Document last updated
March 5, 2026
Tracking information
First tracked
March 10, 2026
Last verified
April 27, 2026
Record ID
CA-P-003144
Document ID
CA-D-00008
Evidence Provenance
Source URL
https://openai.com/index/gpt-4o-system-card
Wayback Machine
View archived versions →
SHA-256
7c23ef53467eea199596abe78511d57ffee1e94b50ef10ac0f7d81df278b5059
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: OpenAI | Document: GPT-4o System Card (PDF) | Record: CA-P-003144
Captured: 2026-03-10 03:40:55 UTC | SHA-256: 7c23ef53467eea19…
URL: https://conductatlas.com/platform/openai/gpt-4o-system-card-pdf/operator-mediated-safety-customization/
Accessed: May 2, 2026
Classification
Severity
Medium
Categories
Unknown

Other provisions in this document