The Italian data-protection authority has expressed their opinion about the privacy concerns related to ChatGPT. The regulatory body said it would ban and investigate the same “with immediate effect” to check whether or not it complied with the General Data Protection Regulation. OpenAI maintained having complied with privacy laws when they talked to BBC.
Concerns were raised before as well about the potential risks of AI including threat to jobs, spreading of bias and misinformation. Many top personalities in the tech field including Elon Musk called for the suspension of such AI systems.
The Italian authority said on 20th March 2023 the app had experienced a data breach that involved user conversations as well as payment information. They said there is not any legal basis to justify “the mass collection and storage of personal data for the purpose of ‘training’ the algorithms underlying the operation of the platform”.
Moreover, since the chatbot did not have any way to verify the users’ age, ChatGPT “exposes minors to absolutely unsuitable answers compared to their degree of development and awareness”. In the meantime, Google’s artificial-intelligence chatbot, Bard, is available to people over 18 years of age to counter and handle such concerns.
The Italian data protection authority gave OpenAI 20 days to say how the concerns would be handled by them, otherwise they need to pay a fine of €20 million or up to 4% of annual revenues.
The Irish data protection commission is said to be in touch with the Italian regulator to understand the basis of their decision. They “will coordinate with all EU data protection authorities” with regard to the ban.
UK’s independent data regulatory body, the Information Commissioner’s Office, told BBC that although it would “support” developments in AI but at the same time it is also ready to “challenge non-compliance” with data protection regulations and laws.
Dan Morgan of SecurityScorecard said, “Businesses must prioritise the protection of personal data and comply with the stringent data protection regulations set by the EU – compliance with regulations is not an optional extra.”
BEUC’s deputy director general, Ursula Pachl, said, “There are serious concerns growing about how ChatGPT and similar chatbots might deceive and manipulate people. These AI systems need greater public scrutiny, and public authorities must reassert control over them.” She also said that they society is “currently not protected enough from the harm” that AI can cause.
China, Russia, North Korea, Iran and a few other countries have already blocked ChatGPT.
OpenAI told BBC, “We are committed to protecting people’s privacy and we believe we comply with GDPR and other privacy laws.” The company is said to have disabled ChatGPT for people in Italy upon request by Garante.
OpenAI said to have trained AI systems to “learn about the world, not about private individuals” by reducing the use of personal data in training. The company further added, “We also believe that AI regulation is necessary — so we look forward to working closely with the Garante and educating them on how our systems are built and used.” OpenAI is hopeful about resuming ChatGPT in Italy “soon”