The Italian data protection authority regulator, known as “Garante per la protezione dei dati personali,” has issued a stern notification to OpenAI, asserting that ChatGPT, the widely-used AI chatbot, has run afoul of the European Union’s stringent data protection regulations.
This declaration comes in the wake of a series of investigations into ChatGPT’s operations, which began in early April 2023. At that time, the Italian Data Protection Authority imposed a temporary ban on ChatGPT due to multiple infractions, including the illegal collection of personal data and the absence of mechanisms to verify the ages of minors engaging with the platform.
The Italian watchdog, Garante, emphasized that OpenAI failed to adequately inform users that their personal data was being collected, thus breaching crucial aspects of the General Data Protection Regulation (GDPR), a cornerstone of EU privacy legislation.
Moreover, the Authority criticized the lack of a legal basis justifying the extensive collection and processing of personal data purportedly for training ChatGPT’s algorithms. Tests conducted by the Authority revealed discrepancies between the information provided by ChatGPT and actual factual circumstances, indicating the processing of inaccurate personal data.
Related: OpenAI Proposes Remedies On ChatGPT To Italian Watchdog
One particularly alarming finding was that ChatGPT frequently delivered responses unsuitable for minors, despite the platform’s stated design for users above the age of 13. This exposure of minors to potentially inappropriate content raised significant concerns among regulators.
OpenAI responded to the initial ban by assuring the Italian data protection authority that it would address the identified shortcomings by the given deadline of April 30. Consequently, the ban on ChatGPT was lifted.
However, the conclusion of Garante’s fact-finding endeavors led to the determination that ChatGPT had indeed violated provisions outlined in the GDPR. This outcome underscores the pressing need for stricter adherence to data privacy regulations, especially in the realm of AI-driven technologies where the potential for misuse and infringement on user rights is significant.
Source: Security Affairs
Featured News
Meta Begins Defense After FTC Concludes Case in Landmark Antitrust Trial
May 15, 2025 by
CPI
UK Data Bill Still No Closer to Passage As Parliamentary ‘Ping-Pong’ Drags On
May 15, 2025 by
CPI
Regeneron Pharmaceuticals Awarded $271.2M in Damages Against Amgen
May 15, 2025 by
CPI
FTC Chair Proposes 15% Staff Reduction Amid Budget Constraints
May 15, 2025 by
CPI
UK Urges Antitrust Watchdog to Prioritize Growth and Clarity in Business Regulation
May 15, 2025 by
CPI
Antitrust Mix by CPI
Antitrust Chronicle® – Healthcare Antitrust
May 14, 2025 by
CPI
Healthcare & Antitrust: What to Expect in the New Trump Administration
May 14, 2025 by
Nana Wilberforce, John W O'Toole & Sarah Pugh
Patent Gaming and Disparagement: Commission Fines Teva For Improperly Protecting Its Blockbuster Medicine
May 14, 2025 by
Blaž Višnar, Boris Andrejaš, Apostolos Baltzopoulos, Rieke Kaup, Laura Nistor & Gianluca Vassallo
Strategic Alliances in the Pharma Sector: An EU Competition Law Perspective
May 14, 2025 by
Christian Ritz & Benedikt Weiss
Monopsony Power in the Hospital Labor Market
May 14, 2025 by
Kevin E. Pflum & Christian Salas