OpenAI is facing scrutiny from the Italian data protection authority, Garante, following an investigation that concluded the company violated European privacy laws. The Italian regulator had imposed a temporary ban on OpenAI’s large language model chatbot in 2023 for alleged violations of the European General Data Protection Regulation (GDPR). Although in-country access was later restored after OpenAI implemented changes, including age verification and an opt-out form, the Italian agency now claims that the company continues to breach privacy laws. OpenAI has 30 days to respond to the findings, and this development is part of broader European scrutiny, with regulators in Germany, France, Spain, and Poland also examining the company’s privacy practices.
The European Union is gearing up to implement a comprehensive regulation on artificial intelligence known as the AI Act. This legislation prohibits high-risk AI systems, including activities like emotion recognition and facial data scraping from CCTV. The Italian data protection authority’s actions highlight the evolving regulatory landscape surrounding AI and privacy in Europe, with authorities keen on ensuring compliance with GDPR and other relevant laws.
- ChatGPT: Privacy Guarantor, notified OpenAI of the notice of dispute for violations of privacy legislation