The Italian Data Protection Authority (Garante per la protezione dei dati personali, GPDP) has fined ChatGPT maker, OpenAI 15 million euros after closing an investigation into the use of personal data by the generative artificial intelligence application.
The Garante said it found OpenAI processed users’ personal data “to train ChatGPT without having an adequate legal basis and violated the principle of transparency and the related information obligations towards users”.
According to the Italian Data Protection Authority, the US company in 2023 processed users’ personal data to train ChatGPT without first identifying an appropriate legal basis and has violated the principle of transparency and the related information obligations toward users.
“Furthermore, OpenAI has not provided mechanisms for age verification, which could lead to the risk of exposing children under 13 to inappropriate responses with respect to their degree of development and self-awareness,” the Authority stated.
Transparency order Aside from the 15 million euro fine, the Authority, with the aim of ensuring effective transparency in the processing of personal data, also ordered OpenAI to carry out a 6-month institutional communication campaign on radio, television, newspapers, and the Internet.
“The content, to be agreed with the Authority, should promote public understanding and awareness of the functioning of ChatGPT, in particular on the collection of user and non-user data for the training of generative artificial intelligence and the rights exercised by data subjects, including the rights to object, rectify and delete their data.
“Through this communication campaign, users and non-users of ChatGPT will have to be made aware of how to oppose generative artificial intelligence being trained with their personal data and thus be effectively enabled to exercise their rights under the GDPR.
“The Data Protection Authority imposed a fine of EUR 15 million on OpenAI, which was also calculated taking into account the company’s cooperative attitude,” it stated.
Last year the Italian watchdog briefly banned the use of ChatGPT in Italy over alleged breaches of EU privacy rules.The service was reactivated after Microsoft-backed OpenAI addressed issues concerning, among other things, the right of users to refuse consent for the use of personal data to train algorithms.What you should know OpenAI’s fine came as the third major sanction on tech giants this week, with Meta, Facebook’s parent company, and Netflix also bearing the brunt of European regulators this week over data protection breaches.
On Wednesday, the Dutch Data Protection Authority (Dutch DPA) fined streaming giant Netflix €4.75 million for failing to provide customers with adequate and clear information about its handling of personal data between 2018 and 2020.The fine came after an investigation revealed violations of the General Data Protection Regulation (GDPR).Earlier on Tuesday, Meta was also slammed a €251 million in Europe over a 2018 personal data breach that impacted 29 million Facebook users globally.In Meta’s case, the fine came from the Irish Data Protection Commission (DPC), which pointed out that the breach arose from the exploitation by unauthorized third parties of user tokens on the Facebook platform.
Samson Akintaro Samson Akintaro is a tech enthusiast and has over a decade experience covering and writing about the tech industry. He is currently the Tech Analyst at Nairametrics.
GIPHY App Key not set. Please check settings