Hiring Safely Upwork Fiverr Data Privacy

Published: December 5, 2025 • AI, Demand Letters
How to Hire on Upwork Without Donating Your Data to AI | Attorney Sergei Tokmakov

Contents

How to Hire on Upwork

Without Accidentally Donating Your Data to an AI Model

Most companies hiring on Upwork or Fiverr have no idea that their project briefs, messages, and deliverables might be training the platform’s AI—unless they proactively configure settings, vet freelancers, and structure contracts to protect confidential data. This guide shows you exactly how to hire safely, step by step.

Why This Matters: The Hidden Cost of “Just Hiring a Freelancer”

When you post a job on Upwork or Fiverr, you’re not just hiring a person—you’re entering a three-party relationship:

  • You (the client) – providing project briefs, budgets, strategy, and sometimes confidential client information
  • The freelancer – delivering work product, asking questions, uploading files
  • The platform – sitting in the middle, collecting messages, attachments, and usage data

Platforms increasingly use this data to:

  • Train AI models that suggest responses, draft proposals, and automate project tasks
  • Improve marketplace recommendations and search ranking
  • Power analytics, trend reports, and (in some cases) third-party developer tools

The risk: Your confidential project details, proprietary methods, client names, or strategic plans become inputs to algorithms you don’t control—potentially surfacing in AI-generated suggestions to competitors or being analyzed by platform partners.

The good news: With the right precautions, you can use platforms safely for most work. It just requires intentional configuration and clear boundaries.

Your 6-Step Data-Safe Hiring Process

1 Decide Your Company’s AI and Marketplace Policy

Before you post your next job, answer these questions at the company level:

  • What categories of work are allowed on public marketplaces? (e.g., blog writing, graphic design, general VA tasks)
  • What work must stay with vetted vendors or in-house? (e.g., anything involving client data, proprietary code, attorney-client privilege, HIPAA-covered information)
  • Which platforms are approved? (Upwork with AI opt-outs? Fiverr for non-sensitive creative? Ban PeoplePerHour due to “not confidential” messages?)
  • What’s the default AI training posture? (Opt out of all training by default? Case-by-case decisions?)

Action item: Draft a one-page “Marketplace & AI Policy” that hiring managers can reference. Include:

  • Approved platforms and use cases
  • Required AI settings for each platform
  • Prohibited data uploads (customer lists, production code, client names, etc.)
  • Communication channel rules (what goes through platform messages vs. encrypted email)

2 Configure Platform Settings (Upwork Walkthrough)

Upwork is the only major freelancer platform with granular AI controls. Here’s how to set them up:

Where to Find AI Preferences

  1. Log into Upwork
  2. Click your profile icon (top right) → Settings
  3. Navigate to Profile / My InfoAI Preferences

What You’ll See (Three Toggles)

Setting What It Controls Recommended for Sensitive Work
Communications Data Allows Upwork to train AI on your messages with freelancers (for your exclusive use: summaries, suggested responses, etc.) Toggle OFF – Messages often contain scopes, budgets, client names, strategy
Work Product Data Allows Upwork to train AI on deliverables, attachments, documents, code exchanged in contracts Toggle OFF – Work product may contain proprietary methods, client information, or trade secrets
Other Platform Data Allows Upwork to use your job posts, proposals, marketplace activity to improve overall platform (better matching, search, etc.) Your choice – Lower confidentiality risk. Toggle off for maximum privacy; leave on for better recommendations.

💡 Double Opt-In Requirement

For Communications Data and Work Product Data, Upwork only uses the data if both you and your freelancer have opted in.

Best practice: In your first message after hiring, ask: “Please confirm you’ve configured your Upwork AI Preferences to opt out of Communications Data and Work Product Data for this engagement.”

Other Platforms (Fiverr, Freelancer.com, PeoplePerHour)

Fiverr: No AI Preferences panel. You must specify “No AI tools may be used on this project” in the order requirements for each gig.

Freelancer.com / PeoplePerHour: No AI-specific settings at all. Your only control is through contract clauses and limiting what you upload to the platform.

3 Write Job Posts That Express Your AI Expectations

Don’t assume freelancers know your data policies. Make it explicit in your job post and first message.

Template: Upwork Job Post (Confidential Work)

AI & Data Use Policy for This Engagement: This project involves [confidential/regulated/proprietary] information. By submitting a proposal, you acknowledge and agree to: 1. Upwork AI Settings: Configure your Upwork AI Preferences to OPT OUT of “Communications Data” and “Work Product Data” for the duration of this contract. Provide confirmation in your first message after hire. 2. No AI Tools: Do not use AI tools (including ChatGPT, Claude, Midjourney, or Upwork’s Uma) on project deliverables unless explicitly authorized in writing. 3. Confidentiality: All project information, client data, and communications are strictly confidential. 4. Secure Communication: Sensitive details will be shared via [encrypted email / secure portal]. Upwork Messages for routine coordination only. Compliance with these requirements is a condition of hire and ongoing engagement.

Template: Fiverr Order Requirements (Per-Project AI Ban)

NO AI TOOLS: This project requires 100% human-created work. Do not use ChatGPT, Midjourney, AI writing assistants, AI code generators, or any other AI tools to complete any portion of the deliverables. If you cannot complete this order without AI assistance, please cancel now. Use of AI tools without disclosure will be considered breach of contract. Please confirm in your first message that you’ve read and agree to these requirements.

Completing Your Data-Safe Hiring Process

4 Handle Files and Documents Carefully

Even with AI settings configured, platform employees can access uploaded files for support, disputes, and compliance. Minimize exposure:

File Handling Best Practices

  • Redact or anonymize sensitive information in documents before uploading
  • Use synthetic or test data for freelancer examples (not production databases)
  • Share large or sensitive files via secure links (Dropbox with expiration, restricted Google Drive) rather than platform uploads
  • For code repositories, use GitHub private repos with access controls—don’t paste full source code into messages
  • Avoid uploading: client contracts, internal strategy decks, customer PII, proprietary algorithms
  • When freelancer delivers final work, download immediately and confirm deletion of copies

⚠ The “Share Screen” Trap

Some freelancers will ask to screen-share (Zoom, Google Meet) to review work. Be cautious:

  • Don’t share your screen showing confidential client dashboards, internal tools, or unredacted documents
  • If the freelancer needs to see something sensitive, create a demo environment or redacted version
  • Remember: many screen-sharing tools have their own AI features that may analyze video/audio unless disabled

5 Build AI-Aware Contract Clauses

Your Upwork/Fiverr contract and any separate NDA or SOW should explicitly address platform data use. Essential clauses:

  1. Platform AI Configuration: “Contractor agrees to configure all freelance marketplace settings to prevent Client data from being used to train AI models, and to provide written confirmation within 24 hours of contract start.”
  2. Upload Restrictions: “Contractor shall not upload Client’s confidential information, production data, or proprietary materials to any platform in unredacted form without prior written consent.”
  3. Communication Channels: “Routine coordination may occur via platform messaging. All confidential discussions must occur via [encrypted email / secure portal].”
  4. AI Tool Disclosure: “If Contractor wishes to use any AI tools on Client work, Contractor must: (a) obtain written consent; (b) disclose which tools and what data they will access; (c) confirm tool’s terms prohibit training on user data.”
  5. Post-Engagement Data Deletion: “Upon project completion, Contractor shall delete all Client data from local systems, cloud storage, and third-party tools, and provide written certification of deletion.”

💡 Where to Add These Clauses

If using Upwork’s standard contract: Add attachment titled “Data Security and AI Use Addendum” and reference it in first message.

If using separate NDA/SOW: Include these as dedicated sections in your template.

For quick Fiverr gigs: At minimum, include AI tool ban and confidentiality notice in order requirements.

6 Periodically Review Platform Policy Updates

AI and privacy policies are evolving rapidly. What’s true today may change in six months.

Quarterly Policy Review Checklist

  • Check Upwork’s “How to control your AI preferences” help article for updates
  • Review Fiverr’s “Using AI on Fiverr” guidelines and any new AI features
  • Re-read privacy policies for platforms you use (look for “last updated” date)
  • Google “[Platform name] AI training policy change” to catch news coverage
  • Re-audit your team’s active contracts: are AI settings still configured as intended?
  • Update your internal Marketplace & AI Policy document to reflect platform changes

Assign ownership: Make someone responsible (legal ops, privacy team, or designated project manager) for tracking these updates. Add recurring calendar event: “Marketplace AI Policy Review – Quarterly.”

Platform-by-Platform Risk Assessment

✓ Upwork

Risk Level: Low-Medium (with proper configuration)

Strengths:

  • Granular AI Preferences
  • Double opt-in for training
  • Prospective-only AI use
  • No third-party model training

Weaknesses:

  • Default opt-in (from Jan 5, 2026)
  • Non-retroactive opt-out
  • Platform employee access persists

Best for: Confidential work where you need marketplace efficiency but want control

⚠ Fiverr

Risk Level: Medium-High

Strengths:

  • Fast, low-cost creative work
  • Creators retain model ownership

Weaknesses:

  • No AI preferences UI
  • Burden on buyer to say “no AI”
  • Fiverr Go trained on billions of interactions
  • Open developer platform

Best for: Generic creative tasks; avoid for anything proprietary

🚨 PeoplePerHour

Risk Level: High

Weaknesses:

  • “Messages not private/confidential”
  • No AI toggle
  • Data used for analytics/research

Best for: Initial vetting only; move work off-platform

🚨 Freelancer.com

Risk Level: High

Weaknesses:

  • Most UGC labeled “non-personal”
  • No AI-specific opt-out
  • Automated ranking on UGC

Best for: Non-proprietary tasks where data exposure is acceptable

Decision Tree: Should This Project Go on a Marketplace?

Project Type Recommended Platform Required Precautions
Public blog posts, social media Any platform Minimal. Standard contract terms sufficient.
Generic graphic design Fiverr or Upwork Provide only public brand assets. Redact internal strategy.
Internal documentation (non-sensitive) Upwork with AI opt-outs Configure AI Preferences. Use generic examples.
Proprietary code or algorithms Upwork with AI opt-outs + strict contract Opt out of work product training. Private GitHub repos. Add deletion clauses.
Client-confidential work (under NDA) Upwork with AI opt-outs + off-platform comms Opt out. Move sensitive discussions to encrypted email. Redact client names.
Attorney-client privileged work DO NOT use marketplaces Use vetted law firms or in-house counsel. Marketplace use may waive privilege.
HIPAA-covered PHI DO NOT use marketplaces Platforms don’t sign BAAs. Use HIPAA-compliant vendors only.
Financial data, customer PII DO NOT use marketplaces Regulatory risk too high. Use vetted vendors with DPAs.

Common Mistakes and How to Avoid Them

❌ Mistake #1: “I Hired on Upwork So It’s Automatically Confidential”

Reality: Upwork’s default (as of Jan 5, 2026) is opted in for AI training. If you never configure AI Preferences, your messages and work product are being used to train models.

Fix: Visit AI Preferences and toggle off Communications Data and Work Product Data. Verify your freelancer does the same.

❌ Mistake #2: “I Signed an NDA, So Platform Terms Don’t Matter”

Reality: Your NDA binds the freelancer, not the platform. Platform terms govern what the platform can do with uploaded data.

Fix: Use NDA clauses that explicitly address platform data use (see Step 5).

❌ Mistake #3: “I’ll Just Tell the Freelancer Not to Use AI”

Reality: Without platform-level settings and contract enforcement, freelancers may use AI tools anyway (especially on Fiverr, where it’s allowed by default).

Fix: Combine instructions with platform configuration, contract clauses, and spot-check deliverables using AI detection tools if needed.

❌ Mistake #4: “I Can Always Opt Out Later If I Change My Mind”

Reality: On Upwork, opting out is not retroactive. Data shared while opted in may still be used for training; only future data is excluded.

Fix: Configure settings before you post your first job or send your first message. Don’t wait.

Tools and Resources

Helpful Links

  • Upwork AI Preferences Help: Search “How to control your AI preferences on Upwork” in Upwork Help Center
  • Fiverr AI Guidelines: Search “Using AI on Fiverr” in Fiverr Help Center
  • AI Detection Tools: GPTZero, Originality.ai, or Turnitin to spot-check written deliverables
  • Secure File Sharing: Tresorit, SpiderOak, or Sync.com for end-to-end encrypted file sharing

Sample Internal Policy (One-Page Template)

[COMPANY NAME] FREELANCE MARKETPLACE & AI USE POLICY Effective Date: [Date] 1. Approved Platforms • Upwork (with AI opt-outs configured) • Fiverr (for non-confidential creative work only) 2. Prohibited Platforms for Confidential Work • PeoplePerHour (messages “not confidential”) • Freelancer.com (UGC treated as non-personal) 3. Required AI Settings (Upwork) • Communications Data: OPT OUT • Work Product Data: OPT OUT • Other Platform Data: [Your choice] 4. Prohibited Data Uploads ✗ Customer PII or contact lists ✗ Production databases or live credentials ✗ Client names or confidential client information ✗ Proprietary source code (use private repos) ✗ Financial data, trade secrets, attorney-client privileged content 5. Communication Channel Rules • Platform messages: Routine coordination only • Encrypted email: All confidential discussions 6. Contract Requirements • Use standard NDA template with platform AI clauses • Confirm freelancer AI settings in first message • Include “no AI tools” prohibition where applicable 7. Quarterly Review • [Responsible Person/Team] reviews platform policies quarterly

Attorney Services: Freelance Platform Data Privacy Consulting

As a Top Rated Plus attorney on Upwork, I help companies build and implement safe hiring practices across freelance platforms. I understand these systems from both the client and service provider perspective.

How I Can Help

Services for Companies:
  • Company Policy Development: I draft custom Marketplace & AI Use Policies tailored to your industry and compliance requirements
  • Implementation Guidance: Step-by-step training for hiring managers on configuring AI settings and vetting freelancers
  • Contract Template Library: I provide job post templates, first-message scripts, and AI-aware NDA/SOW clauses for each platform
  • Platform Settings Audit: I review your current Upwork/Fiverr usage and identify where confidential data may be exposed
  • Freelancer Onboarding Protocols: I create briefing materials and confirmation checklists to ensure compliance
  • Quarterly Policy Monitoring: Ongoing reviews to track platform policy changes and update your protective measures

Why Platform-Specific Counsel Matters

Generic data privacy advice doesn’t address the nuances of freelance marketplace hiring:

  • Upwork’s double opt-in creates coordination requirements most attorneys miss
  • Fiverr’s per-project AI opt-out demands different workflows than account-level settings
  • Regulated work (HIPAA, attorney-client) has special considerations on public platforms
  • Contract enforcement across platforms requires platform-aware language

I stay current with each platform’s evolving AI policies and help you implement practical, enforceable protective measures.

My Approach

I don’t just draft documents—I provide implementation support:

  • Screenshots and walkthroughs showing exactly where to configure settings
  • Copy-paste templates for job posts, first messages, and order requirements
  • Decision trees helping teams quickly determine if a project belongs on a marketplace
  • Training sessions for hiring managers (recorded for async viewing)

Schedule a Freelance Platform Safety Consultation

Whether you’re building your first marketplace policy or auditing an existing hiring program, I provide practical guidance tailored to your workflow.

Send me information about platforms you currently use, types of work you hire for, and any compliance concerns (HIPAA, attorney-client privilege, trade secrets, etc.). I’ll evaluate your setup and provide specific recommendations.

Email: owner@terms.law

Policy development: $720-$1,440 (3-6 hours @ $240/hr). Template library: ~$450-$720. Platform audit: $480. Training sessions: $240/hr. Quarterly monitoring: monthly retainer available.