ChatGPT's developer OpenAI has been ordered to implement a ‘right to be forgotten’-style policy in the chatbot by the Italian data protection regulator (SA).
Data subject rights were among the most important considerations made by the Italian regulator in deciding ChatGPT’s long-term presence in the country, which has recently been in doubt.
The additional measures that must be implemented, per the Italian SA’s recent address, include the capability for users and non-users to request their personal information be changed if generated in ChatGPT user prompts.
“OpenAI will have to make available easily accessible tools to allow non-users to exercise their right to object to the processing of their personal data as relied upon for the operation of the algorithms,” the regulator said.
“The same right will have to be afforded to users if legitimate interest is chosen as the legal basis for processing their data,” it added.
The measures echo the so-called ‘right to be forgotten' - the data privacy rule that preceded GDPR and was ultimately included in the EU-wide regulations in 2018.
Since Italy banned the use of ChatGPT in the country earlier this month, a move that was branded ‘an overreaction’ by experts, talks have been ongoing between it and OpenAI - ChatGPT’s developer.
The result of these talks has led the California-based firm being given a ‘to-do’ list of changes before it can resume operating in the country.
OpenAI has been given a deadline of 30 April to comply with the numerous measures set out by the Italian SA.
These include changes to data processing transparency, the rights of data subjects, the legal basis of data processing for algorithmic training, and safeguards for minors.
GDPR and data subject rights
Data subject rights outlined under GDPR include eight fundamental tenets, including the right to withdraw consent for the use and processing of personal data.
Under GDPR, citizens are also entitled to the right to rectification under Article 16 of the legislation, meaning that data subjects can request “inaccurate or outdated personal information be updated or corrected”.
RELATED RESOURCE
Innovation to boost productivity and provide better data insights
Similarly, data subjects have the right to be forgotten, or the ‘right to erasure’, which enables them to request that their personal data be deleted.
In this context, the Italian data protection regulator appears concerned that given the potential for personal information to be disclosed via ChatGPT, this poses a risk to Italian citizens and is in breach of GDPR.
Large language models (LLMs) such as ChatGPT rely on huge volumes of information drawn from the internet to train AI models.
This has posed questions recently over how platforms such as ChatGPT may pose privacy risks - and the generation of incorrect information has been thrust firmly into the spotlight in this regard.
Last week, an Australian mayor mulled the prospect of legal action when ChatGPT generated false information which stated he was imprisoned for bribery.
In reality, Brian Hood, Mayor of Hepburn Shire Council, was a whistleblower and was neither arrested nor convicted on criminal charges.
Regulatory crackdown
Discussions around regulatory safeguards to mitigate the potential dangers of generative AI have raged since the launch of ChatGPT in November last year.
Earlier this week, US authorities launched a public consultation to explore potential “accountability measures” for companies developing AI systems such as ChatGPT.
The consultation could guide the development of future US legislation on AI safeguards to ensure responsible use.
-
Trump's AI executive order could leave US in a 'regulatory vacuum'News Citing a "patchwork of 50 different regulatory regimes" and "ideological bias", President Trump wants rules to be set at a federal level
-
TPUs: Google's home advantageITPro Podcast How does TPU v7 stack up against Nvidia's latest chips – and can Google scale AI using only its own supply?
-
OpenAI turns to red teamers to prevent malicious ChatGPT use as company warns future models could pose 'high' security riskNews The ChatGPT maker wants to keep defenders ahead of attackers when it comes to AI security tools
-
Some of the most popular open weight AI models show ‘profound susceptibility’ to jailbreak techniquesNews Open weight AI models from Meta, OpenAI, Google, and Mistral all showed serious flaws
-
'It's slop': OpenAI co-founder Andrej Karpathy pours cold water on agentic AI hype – so your jobs are safe, at least for nowNews Despite the hype surrounding agentic AI, OpenAI co-founder Andrej Karpathy isn't convinced and says there's still a long way to go until the tech delivers real benefits.
-
OpenAI signs another chip deal, this time with AMDnews AMD deal is worth billions, and follows a similar partnership with Nvidia last month
-
OpenAI signs series of AI data center deals with SamsungNews As part of its Stargate initiative, the firm plans to ramp up its chip purchases and build new data centers in Korea
-
Why Nvidia’s $100 billion deal with OpenAI is a win-win for both companiesNews OpenAI will use Nvidia chips to build massive systems to train AI
-
OpenAI just revealed what people really use ChatGPT for – and 70% of queries have nothing to do with workNews More than 70% of ChatGPT queries have nothing to do with work, but are personal questions or requests for help with writing.
-
Is the honeymoon period over for Microsoft and OpenAI? Strained relations and deals with competitors spell trouble for the partnership that transformed the AI industryAnalysis Microsoft and OpenAI are slowly drifting apart as both forge closer ties with respective rivals and reevaluate their long-running partnership.
