The Italian data protection authority regulator, known as “Garante per la protezione dei dati personali,” has issued a stern notification to OpenAI, asserting that ChatGPT, the widely-used AI chatbot, has run afoul of the European Union’s stringent data protection regulations.
This declaration comes in the wake of a series of investigations into ChatGPT’s operations, which began in early April 2023. At that time, the Italian Data Protection Authority imposed a temporary ban on ChatGPT due to multiple infractions, including the illegal collection of personal data and the absence of mechanisms to verify the ages of minors engaging with the platform.
The Italian watchdog, Garante, emphasized that OpenAI failed to adequately inform users that their personal data was being collected, thus breaching crucial aspects of the General Data Protection Regulation (GDPR), a cornerstone of EU privacy legislation.
Moreover, the Authority criticized the lack of a legal basis justifying the extensive collection and processing of personal data purportedly for training ChatGPT’s algorithms. Tests conducted by the Authority revealed discrepancies between the information provided by ChatGPT and actual factual circumstances, indicating the processing of inaccurate personal data.
Related: OpenAI Proposes Remedies On ChatGPT To Italian Watchdog
One particularly alarming finding was that ChatGPT frequently delivered responses unsuitable for minors, despite the platform’s stated design for users above the age of 13. This exposure of minors to potentially inappropriate content raised significant concerns among regulators.
OpenAI responded to the initial ban by assuring the Italian data protection authority that it would address the identified shortcomings by the given deadline of April 30. Consequently, the ban on ChatGPT was lifted.
However, the conclusion of Garante’s fact-finding endeavors led to the determination that ChatGPT had indeed violated provisions outlined in the GDPR. This outcome underscores the pressing need for stricter adherence to data privacy regulations, especially in the realm of AI-driven technologies where the potential for misuse and infringement on user rights is significant.
Source: Security Affairs
Featured News
Big Tech Braces for Potential Changes Under a Second Trump Presidency
Nov 6, 2024 by
CPI
Trump’s Potential Shift in US Antitrust Policy Raises Questions for Big Tech and Mergers
Nov 6, 2024 by
CPI
EU Set to Fine Apple in First Major Enforcement of Digital Markets Act
Nov 5, 2024 by
CPI
Six Indicted in Federal Bid-Rigging Schemes Involving Government IT Contracts
Nov 5, 2024 by
CPI
Ireland Secures First €3 Billion Apple Tax Payment, Boosting Exchequer Funds
Nov 5, 2024 by
CPI
Antitrust Mix by CPI
Antitrust Chronicle® – Remedies Revisited
Oct 30, 2024 by
CPI
Fixing the Fix: Updating Policy on Merger Remedies
Oct 30, 2024 by
CPI
Methodology Matters: The 2017 FTC Remedies Study
Oct 30, 2024 by
CPI
U.S. v. AT&T: Five Lessons for Vertical Merger Enforcement
Oct 30, 2024 by
CPI
The Search for Antitrust Remedies in Tech Leads Beyond Antitrust
Oct 30, 2024 by
CPI