Italian Data Protection Authority Finds ChatGPT in Violation of EU Privacy Laws
According to the Italian data protection authority regulator authority Garante, ChatGPT has violated European Union data privacy regulations. The authority, known as “Garante per la protezione dei dati personali”, announced it has notified OpenAI that ChatGPT violated the EU data protection regulation GDPR.
In early April 2023, the Italian Data Protection Authority temporarily banned ChatGPT due to the illegal collection of personal data and the absence of systems for verifying the age of minors. The Authority pointed out that OpenAI does not alert users that it is collecting their data.
At the time, the privacy watchdog said that there is no legal basis underpinning the massive collection and processing of personal data to ‘train’ the algorithms on which the platform relies.
The Authority carried out some tests on the service and determined that the information it provides does not always match factual circumstances so inaccurate personal data are processed. The Authority also claimed that ChatGPT exposes minors to inappropriate responses for their age despite the service being designed to respond to users aged above 13.
OpenAI declared it had fulfilled the demands of the Italian data protection authority by an April 30 deadline, and the ban on the chatbot was lifted.
Following the temporary ban on processing imposed on OpenAI by the Garante on 30 March of last year, and based on the outcome of its fact-finding activity, the Italian DPA concluded that the available evidence pointed to the existence of breaches of the provisions contained in the EU GDPR. OpenAI may submit its counterclaims concerning the alleged breaches within 30 days.
The Italian privacy watchdog has given OpenAI 30 days to respond to the allegations.
(SecurityAffairs – hacking, ChatGPT)
Promote GPTNewsRoom.com with link GPTNewsRoom.com.