Italy’s privacy body opened a probe into the company in March last year and briefly banned ChatGPT, alleging it had breached the EU’s data rules.
Italy’s privacy watchdog said on Monday that it had notified OpenAI that the methods its ChatGPT uses to gather users’ data breach the EU’s privacy laws.
It comes after Italy’s Garante per la protezione dei dati personali, or DPA, opened a probe into the company in March and briefly banned the AI chatbot, alleging that it had breached the bloc’s data rules.
The Italian body said in the statement seen by Euronews Next, that it “concluded that the available evidence pointed to the existence of breaches of the provisions contained in the EU GDPR”.
“OpenAI may submit its counterclaims concerning the alleged breaches within 30 days,” the statement continued.
Euronews Next has contacted OpenAI for comment but did not receive a response at the time of publication.
The body will take account of “the work in progress within the ad-hoc task force set up by the European Data Protection Framework (EDPB) in its final determination on the case,” the statement concluded.
GDPR is the EU’s rulebook which governs how companies can use, process, and store personal data.
On March 20, the Italian Garente said ChatGPT had experienced a data breach involving payment information and user conversations.
It said there was no legal basis to justify “the mass collection and storage of personal data for the purpose of ‘training’ the algorithms underlying the operation of the platform”.
It also said that the app does not protect minors as there is no to verify the age of the user.