The Italian Data Protection Agency, or Garante, was recently forced by a watchdog to punish OpenAI after violations of the EU’s General Data Protection Regulation of March 2023. OpenAI is an artificial intelligence (AI) chatbot service based in the United States, and an order was issued for them to halt their processing of data belonging to individuals located in Italy.
In response to the situation, Garante issued a statement outlining the steps that must be taken in order for the restriction to be lifted. OpenAI is to increase their transparency, issuing information notices outlining their data processing practices, as well as implementing age-gating measures immediately. Furthermore, they must adopt age verification procedures of a more strict nature.
OpenAI is a pioneer in the AI technology space and its development of a chatbot was started in 2017. The chatbot is called ChatGPT and it is capable of having conversations with users just as real humans would. As the company continues to mature, its passion to keep users safe only strengthens. OpenAI has implemented many measures since its founding such as encryption, data security and privacy practices. For example, OpenAI’s processor that handles stored user data is stored in an encrypted location, with access granted through a multi-factor authentication system and locally stored encryption keys.
Garante’s demand for a greater transparency from OpenAI is only a sign that their commitment to protecting user information is of utmost importance. This demand comes from Mario and Fabrizio Bortolameri, two of Italy’s most prominent data specialist and privacy experts. The pair have been the cornerstone of the country’s data protection movement since the early 2000s and strive to ensure the utmost safety and security when it comes to how companies may process personal data.
In the end, Garante has stressed the importance of OpenAI remaining true to its commitment when it comes to user security and privacy. While the company has taken extensive measures to protect user information, it must still adhere to the laws and regulations set by the European Union, and Italy’s data protection agency in particular. Hopefully, OpenAI will take Garante’s demands of greater transparency and stricter age verification methods seriously, to ensure the utmost security when it comes to their users’ data.
