/industry-wired/media/agency_attachments/2024/12/04/2024-12-04t130344212z-iw-new.png)
/industry-wired/media/agency_attachments/2024/12/04/2024-12-04t130332454z-iw-new.jpg)
/industry-wired/media/post_attachments/wp-content/uploads/2024/01/Italys-Data-Watchdog-Raises-Alarm-ChatGPT-Breach-Concerns.jpg "publive-image")
Italy's Data Watchdog Flags ChatGPT for Potential Breach Concerns
Italy’s data protection watchdog has notified OpenAI that its artificial intelligence (AI) application ChatGPT violates data protection laws. In one instance, the regulator identified indications of possible violations following an investigation launched last year. Additionally, the Government argued that OpenAI has a 30-day window to file a defense argument. Notably, ChatGPT faced a temporary ban from the Italian Data Authority last year for allegedly violating EU privacy laws.
Italian data watchdog raises warning: Concerns about ChatGPT Breaches
Four weeks later, ChatGPT was reinstated after saying it had successfully "overcome or clarified" the issues raised by the DPA. Italy's DPA launched a "fact-finding operation" at the time, which says it has now discovered a data privacy breach.
In a statement, the DPA said it had "concluded that the available evidence points to a breach of the provisions of the EU GDPR [General Data Protection Regulation]".
They are linked to a mass collection of users’ data which is then used to train algorithms. Regulators are also concerned that young users may be exposed to inappropriate content generated by chatbots.
Under EU GDPR rules, companies that break the rules can be fined up to 4% of a company’s global turnover. The Italian DPA works in conjunction with the European Union's European Data Protection Board - which in April 2023 set up a separate task force to regulate ChatGPT.
When ChatGPT was relaunched in Italy in April 2023, the Italian regulator told the BBC that it "recognizes the measures implemented by OpenAI" but still requires greater compliance.
Specifically, a spokesperson said, "In planning the implementation of an age verification system and planning and conducting an information campaign to inform Italians of what happened as well as of their right to opt-out from the processing of their data for training algorithms". Italian privacy regulators said OpenAI Inc's ChatGPT tool and its methods of collecting user data violated the country's privacy laws.
The findings, announced in a statement Monday, follow an investigation opened by the government last March and notified to the artificial intelligence company. In its statement, the Italian company said “The acquisitions may indicate one or more breaches of EU law”. OpenAI has 30 days to respond to the findings.
San Francisco-based OpenAI is based on Microsoft Corp. after doing so, with Alphabet Inc.’s Google using artificial intelligence to improve its products.
Conclusion: The Italian Data Protection Authority's alert on ChatGPT breach concerns highlights the urgent need for strong safeguards to protect user data in AI-powered applications It is likely that the outcome of this study the results will determine future regulatory policy and industry practices.