In a recent development, Italy’s data protection agency, Garante, has laid out stringent guidelines for OpenAI’s ChatGPT to adhere to before lifting restrictions imposed on the AI chatbot service. The measures aim to increase transparency and protect user privacy, particularly for minors, in compliance with the European Union’s General Data Protection Regulation (GDPR).
March 2023 Order Raised GDPR Violation Concerns
The order, issued in March 2023, resulted from concerns that ChatGPT might be violating GDPR. Consequently, Garante directed the US-based firm, OpenAI, to cease processing data belonging to individuals residing in Italy.
Garante’s press release calls for OpenAI to enhance its transparency by issuing an information notice detailing its data processing practices. Furthermore, the statement urges the company to implement age-gating measures to prevent minors from accessing ChatGPT and to adopt more robust age verification methods.
Follow CryptoMode on Twitter, Youtube and TikTok for news updates! OpenAI must clarify the legal basis for processing individuals’ data to train its AI and cannot rely on contract performance alone. That implies that OpenAI must either obtain user consent or rely on legitimate interests. OpenAI’s privacy policy currently cites three legal bases, with a heavier emphasis on contract performance for services like ChatGPT.
OpenAI User Rights and Personal Data Management
OpenAI is required to facilitate both users and non-users in exercising their rights concerning their data. That includes requesting corrections for misinformation generated by ChatGPT or deleting their data altogether.
Garante also mandated OpenAI to allow users to object to processing their data for training purposes. Moreover, OpenAI must conduct an awareness campaign in Italy to inform individuals about the processing of their information for AI training.
The Italian regulator has set April 30 as the deadline for OpenAI to complete most of the mandated tasks. However, the company has been granted additional time to transition from its existing age-gating child safety technology to a more robust age verification system.
OpenAI has until May 31 to submit a plan outlining the implementation of age verification technology capable of screening out users under 13 (and those aged 13 to 18 without parental consent). The deadline for deploying this enhanced system is September 30.
The Future of ChatGPT In Italy
Following concerns raised by Garante regarding potential privacy violations and inadequate age verification measures, Microsoft-backed OpenAI took ChatGPT offline in Italy on Friday, March 31.
In conclusion, OpenAI faces a challenging task in meeting Garante’s strict guidelines to ensure user privacy and GDPR compliance. However, the outcome will likely set a precedent for similar AI-driven services operating in the European Union.
None of the information on this website is investment or financial advice. CryptoMode is not responsible for any financial losses sustained by acting on information provided on this website.
