The Italian data protection regulator, Garante per la Protezione dei Dati Personali (Garante), has imposed a temporary ban on the use of the ChatGPT service in the country due to issues with user data protection. The German authorities are also considering similar measures to block the OpenAI service.
Garante has ordered OpenAI to immediately cease processing user data, citing a violation of EU General Data Protection Regulation (GDPR) laws. Users and data collectors are not provided with any information, and there is no legal basis for the mass collection and processing of personal data for the purpose of ‘learning’ the algorithms that the platform relies on. Furthermore, there is no age verification system to prevent minors from accessing the service. Additionally, the regulator raised questions about the accuracy of the information provided by ChatGPT, and also drew attention to the data breach that ChatGPT users suffered in March 2023.
OpenAI has complied with the regulator’s requirement, and ChatGPT is temporarily unavailable for Italian users. The company emphasizes that its practices are fully compliant with European privacy laws, and OpenAI is working to make ChatGPT available again in Italy soon. In the meantime, the company is refunding Italian ChatGPT Plus subscribers. OpenAI is also actively working to reduce the amount of personal data used to train AI systems, including ChatGPT, because they want their AI to learn about the world, not individuals.
Following Garante, the German authorities may also block ChatGPT due to data security problems. German Commissioner for Data Protection Ulrich Kelber said that a ban on the OpenAI service in the country is also possible. Regulators in France and Ireland have also contacted the Italian agency to discuss its findings.