OpenAI is reportedly facing a complaint filed with the Polish data protection authority that alleges the company’s ChatGPT, the AI language model, is not compliant with the European Union’s General Data Protection Regulation (GDPR). The complaint asserts that OpenAI has breached several dimensions of the GDPR, including lawful basis, transparency, fairness, data access rights, and privacy by design.
The complaint was filed by Lukasz Olejnik, a security and privacy researcher, who found inaccuracies in a biography generated by ChatGPT. Olejnik’s complaint argues that OpenAI’s approach to developing and operating ChatGPT violates GDPR regulations, claiming that the company did not engage with local regulators before launching the AI chatbot in Europe.
The complaint alleges that OpenAI processed personal data unlawfully, unfairly, and in a non-transparent manner. It also asserts that OpenAI failed to rectify inaccuracies generated by ChatGPT when requested, which contradicts GDPR’s principles.
The Polish data protection authority is expected to investigate the complaint, a process that could take several months to years.
This isn’t the first time OpenAI has faced GDPR-related issues. In March, Italy briefly banned ChatGPT after its data protection authority began probing potential GDPR breaches and age-verification practices. ChatGPT was reinstated in Italy after OpenAI fulfilled the data protection authority’s requirements in April.
By FCCT Editorial Team
, an independent military force, and allied militias in Sudan raped several dozen women and girls in West Darfur’s capital, El Geneina, and those fleeing to Chad between late April and late June 2023, Human Rights Watch said today. The assailants appear to have targeted people because of their Massalit ethnicity and, in some cases, because they were known activists.){kind=link}