On Friday, Italian regulators imposed an immediate ban on OpenAI's AI tool ChatGPT, giving the company 20 days to address concerns about the way data is collected and processed. Reports suggest that other European regulators may swiftly follow suit, with the German data commissioner saying similar action could be taken in Germany. Given the excitement over the availability of ChatGPT, it was easy to overlook warnings that it could run afoul of European data regulations. If the questions need to be worked through the European legal system, that could take some time, but regulators can take swift action in the meantime.
Under GDPR, there are only six lawful bases for processing personal data, such as consent, performance of a contract, legitimate interest, vital interest, legal requirement and public interest. To the extent ChatGPT is being trained on data obtained without explicit consent, it is unclear if any of these bases are applicable. Another challenge is whether the solution is competent to support the “right to be forgotten”, and OpenAI might have to address whether it knows what’s in the data sets in terms of personally identifying information. With the potential for fines of up to 4% of annual revenue, or $21.7 million, businesses should be aware of the implications of this development.
Originally reported by Martech: https://martech.org/chatgpt-under-threat-from-european-regulators/
This article was written automatically by artificial intelligence. Please make us aware if you have any concerns about this automatically generated content.
