Italy’s data protection authority, Garante, has officially notified OpenAI that its Artificial Intelligence 0chatbot application, ChatGPT, is in violation of data protection regulations.
This announcement comes on Monday, marking a continuation of an investigation initiated last year by Garante, one of the European Union’s proactive bodies in assessing AI platform compliance with the bloc’s stringent data privacy regime.
Last year, Garante had imposed a ban on ChatGPT due to alleged breaches of EU privacy rules. Following intervention by OpenAI to address concerns, including user rights to withhold consent for the use of personal data in algorithm training, the service was reinstated. Despite the reactivation, Garante expressed its commitment to ongoing investigations.
In a statement, Garante disclosed that it had identified elements suggesting potential data privacy violations, although specific details were not provided. OpenAI has not yet responded to requests for comments on the matter.
Garante has granted Microsoft-backed OpenAI a 30-day window to present its defense arguments with the authority’s investigation stating that it will consider findings from a European task force comprised of national privacy watchdogs.
Italy stands out as the first West European country to curb ChatGPT, reflecting the increasing scrutiny from lawmakers and regulators on the rapid development of this AI technology. The General Data Protection Regulation (GDPR) introduced by the EU in 2018 empowers authorities to impose fines of up to 4% of a company’s global turnover for violating privacy rules.
In a related development, in December, EU lawmakers and governments reached provisional terms for regulating AI systems, including ChatGPT, signaling a significant step toward establishing comprehensive rules governing the transformative technology.