A PYMNTS Company

OpenAI’s ChatGPT Faces Renewed Scrutiny from Italy’s Data Protection Authority

By  |  January 30, 2024

Italy’s data protection authority, known as Garante, has informed OpenAI that its artificial intelligence chatbot application, ChatGPT, is in violation of data protection rules. The watchdog, renowned for its proactive approach in assessing AI platform compliance with the European Union’s data privacy regime, stated on Monday that it is continuing its investigation initiated last year.

    Get the Full Story

    Complete the form to unlock this article and enjoy unlimited free access to all PYMNTS content — no additional logins required.

    yesSubscribe to our daily newsletter, PYMNTS Today.

    By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions.

    Last year, Garante imposed a ban on ChatGPT, citing alleged breaches of European Union privacy rules. OpenAI later reactivated the service after addressing concerns raised by the regulator. These concerns included issues related to users’ right to decline consent for the use of personal data in training algorithms.

    Despite the reactivation, Garante remained committed to its investigation. In a recent statement, the authority revealed that it has identified elements suggesting one or more potential data privacy violations. However, specific details were not provided.

    Related: FTC Investigating OpenAI Over Data Security

    OpenAI, responding to the latest development, expressed confidence in its practices aligning with EU privacy laws. In an emailed statement, the company asserted, “We actively work to reduce personal data in training our systems like ChatGPT” and affirmed its commitment to working constructively with Garante.

    The data protection authority has given OpenAI, backed by Microsoft, a 30-day window to present its defense arguments. The ongoing investigation will also take into account findings from a European task force comprised of national privacy watchdogs. Italy has been at the forefront of regulatory action against ChatGPT, being the first West European country to impose restrictions on the AI chatbot.

    Under the European Union’s General Data Protection Regulation (GDPR), introduced in 2018, companies found in breach of rules can face fines of up to 4% of their global turnover. This underscores the potential financial implications for OpenAI if Garante concludes that ChatGPT has indeed violated data privacy regulations.

    In a broader context, the scrutiny of AI systems like ChatGPT aligns with the European Union’s efforts to regulate artificial intelligence. In December, EU lawmakers and governments reached provisional terms for regulating AI systems, signaling a step closer to establishing comprehensive rules governing the technology.

    Source: Reuters