Temporary restriction order for ChatGPT
Italian data protection authorities have temporarily imposed restrictions on the AI language model “ChatGPT” for allegedly violating the General Data Protection Regulation (GDPR) of the EU (European Union). The Italian data protection agency GPDP announced on the 31st.
This measure is a response to the ChatGPT customer information leak that was discovered on March 20. ChatGPT developer OpenAI announced on the 24th that it had taken the service offline in order to deal with a bug that caused a user’s chat history to be displayed to others. It is said that personal information such as credit card numbers (last 4 digits) and addresses of some paid users was leaked.
Under the EU Data Protection Regulation (GDPR), the Italian Supervisory Authority (SA) has ordered the immediate restriction of data processing for Italian users by the US company OpenAI. At the same time, a fact-finding investigation has begun.
The authorities pointed out that ChatGPT did not provide users with enough information in advance about why they are collecting data. It argues that there is no legal basis for AI to collect and store large amounts of personal data when learning algorithms.
In addition, he said that personal data collected may be processed incorrectly because the information provided by ChatGPT is sometimes inconsistent with the facts.
The Italian data protection authority also said that although ChatGPT limits its users to those over the age of 13, the lack of a user age verification process within the service meant that minors were being shown inappropriate answers. emphasized that there is a possibility
Because OpenAI has a representative in the European Economic Area, it is subject to Italian supervisory authorities. Failure to notify within 20 days of the measures taken may result in fines of up to approximately ¥2.9 billion (€20 million) or up to 4% of total global annual turnover.
What is GDPR
“Personal Data Protection Law” in the EU. It imposes stringent requirements on companies, and non-compliance can result in fines of up to 4% of annual global turnover. The basic principles that companies and organizations must adhere to in order to comply with the GDPR are:
Transparency, data subject rights, data minimization, legal basis, security, data protection principles, data breach notification, international data transfers, representation within the EU, privacy impact assessment.
connection:Meta Inc. Fined 55 Billion Yen for Behavioral Advertising
AI chatbot development regulations
While AI chatbots are gaining attention all over the world, there are also voices objecting to blind development. The Center for AI Digital Policy (CAIDP), a non-profit research organization that addresses AI ethics, social impacts and privacy issues, said today that ChatGPT poses a threat to public safety and privacy. (FTC).
The FTC is a federal agency that supervises and monitors fair trade in the United States. CAIDP requires OpenAI to undergo an independent review before releasing any AI product. He also called for a freeze on future AI language model releases until they comply with FTC guidelines for transparency, fairness, and clarity.
On the 29th, an online signature campaign was launched asking all research institutes to suspend the development of next-generation AI systems that are more powerful than the AI language model “GPT-4” released by OpenAI in March for six months. rice field. CAIDP Chairman Mark Lautenberg is on the list of signatures, along with Tesla founder Elon Musk and Apple co-founder Steve Wozniak.
connection:Elon Musk, AI researchers call for a pause in next-generation AI model development