Italy’s data protection agency, known as Garante, has recently issued a list of requirements for OpenAI’s ChatGPT service following concerns about the potential of violations of privacy and failure to verify the ages of users. As the artificial intelligence (AI) chatbot service had raised suspicions of breaching the European Union’s General Data Protection Regulation (GDPR), the watchdog had ordered the halting of data processing of those Italian residents who had used the American company.
In an official announcement, Garante declared the necessary actions which OpenAI must undertake in order to rescind the command imposed upon ChatGPT. The directives require the firm to increase transparency, produce an information notice fully clarifying its processing practices, and execute measures of age-gating immediately to guard minors from accessing the technology; One of such methods includes improved and more accurate age verifications. OpenAI has to specify the precise legality behind the use of processing individuals’ data to cultivate its AI, and it cannot rely on the performance of a contract, meaning that it must either obtain user consent or fallback on legitimate interests. Currently, OpenAI’s privacy policy mentions three lawful bases but gives more significance to the performance of a contract to provide services like ChatGPT.
As well as that, OpenAI must provide users and non-users the right to exert control over their personal information, such as requiring corrections of any inaccuracies created by ChatGPT, or removing their data entirely. The regulatory agency has set a timeline for OpenAI’s compliance requirements, which is by April 30, holding bits for updating the age-gating child safety technology, allowing OpenAI until May 31 to present a strategized design, and Sept. 30 as the deployment date for the more protective age verification system.
Consequently, OpenAI has pulled out ChatGPT from its operations in Italy to comply with the mandates of Garante. It has been given an extension to meet the age verification demand, but is still expected to fulfill the other compliance instructions before the deadline.
OpenAI’s ChatGPT stands out due to its ability to create natural language responses resembling human conversation. Though, doubts have been aroused concerning the probable effect of such technology on privacy, especially with reference to children. This is not the first time OpenAI has gone under scrutiny by regulators; in 2019, the company declared that it would not disseminate a powerful language-generating AI model due to worries about the chances of abuse. It has since launched similar models with supplementary safeguards.
OpenAI is an AI research company that focuses on minimizing the risk of advanced AI-powered technology. Its mission statement is to ensure that artificial intelligence remains consistent with human values, including safety, privacy, and creativity. Founded in 2015, OpenAI has a team of more than 150 individuals from some of the leading organization in the AI industry.
Garante is the data protection agency of Italy. It was established in 1998 to ensure that citizens and organizations uphold the GDPR and uphold due respect and attention to personal data protection. Garante is responsible for managing the data protection process in the country and plays a vital role in lowering the chances of misuse of personal data. Apart from Italy, Garante also helps to shape the European Union’s regulatory policy in the same field.
