According to the Italian Guarantor, ChatGPT violates privacy regulations

The Italian Privacy Guarantor has confirmed that ChatGPT violates the rules on privacy and the use of personal data . The announcement was published on the guarantor's official page and was relaunched by the Reuters news agency. The response was released after the conclusion of the checks carried out on ChatGPT by the Guarantor, which began in March 2023. However, to date the Guarantor has not released any official documents in this regard, so no further details are known on the violations alleged against ChatGPT.

ChatGPT violates privacy policies

The Privacy Guarantor said in a statement that the results of its investigations confirm that the ChatGPT application violates European privacy regulations, in particular regarding the processing of personal data. ChatGPT is an artificial intelligence (AI)-based platform , capable of generating complex texts, answering questions , developing programming codes and performing various other functions. The application is developed by the American company OpenIA, which is part of the Microsoft group. The Guarantor, in reference to the application, reported on its official website that:

“Following the provision of temporary limitation of processing, adopted by the Guarantor towards the Company last March 30, and following the outcome of the investigation carried out, the Authority considered that the elements acquired could constitute one or more offenses with respect to what established by the EU Regulation.”

The statement highlights that the investigations into possible violations of European privacy rules began between March and April 2023 , after the Guarantor had implemented a provision that temporarily limited the use of ChatGPT in Italy, due to possible violations protections from users' private data.

ChatGPT president of the Guarantor
Pasquale Stanzione, president of the Guarantor for the protection of personal data (GPDP). Source GPDP.

The fight between Italy and OpenIA continues

Italy was the first Western European country to block ChatGPT , OpenIA's AI-based platform, at the end of March 2023. On that occasion, the Privacy Guarantor temporarily limited the use of ChatGPT , as it was found that in March 2023 "the application had suffered a data loss (data breach) regarding user conversations and information relating to the payment of subscribers to the paid service".

Furthermore, the Guarantor had underlined that the application based was characterized by the " lack of information to users and all interested parties whose data is collected by OpenAI, but above all the absence of a legal basis that justifies the massive collection and conservation of personal data , in order to "train" the algorithms underlying the functioning of the platform", After the provision, the Guarantor had given OpenIA thirty days to adapt ChatGPT's data collection procedures to European regulations. The application was active again at the end of April 2023, after OpenIA had presented the changes and adaptations requested by the Guarantor.

The March 2023 block triggered an investigative investigation conducted by the Guarantor, with the aim of establishing whether and how ChatGPT violates the privacy laws adopted in the European Union. With this latest response, the dispute between Italy and OpenIA continues on the topic of protection of personal data in applications that use AI.

Computer ChatGPT

OpenIA's reaction

In the statement, which claims that ChatGPT violates privacy regulations, OpenIA is given 30 days to provide its defense arguments to the Italian Guarantor . Furthermore, the Guarantor specifies that it will also take into account the assessments and suggestions of the Task Force established by the European Data Protection Board (EDPB) to evaluate the protection of personal data in relation to the use of artificial intelligence.

The Reuters news agency asked the company OpenIA for a response on the matter, which to date has not yet released a statement .

European laws on privacy and artificial intelligence

The blocking of ChatGPT in March 2023 was ordered by the Italian Guarantor on the basis of the European law for the protection of privacy, called the General Data Protection Regulation (GDPR), in force since 2018. This law establishes that any company responsible for violations of the rules on the protection of privacy can be fined up to 4% of its total turnover .

In December 2023, the countries of the European Union reached an agreement on a new regulation for regulating the application and development of artificial intelligence , which defines the rules and limits of use of this new technology. This legislation should be approved in early 2024, and then be applied from 2026.

The article According to the Italian Guarantor, ChatGPT violates privacy regulations was written on: Tech CuE | Close-up Engineering .