Microsoft-backed OpenAI faces its toughest struggles yet as it gears up to comply with the EU’s GDPR. If the company fails to comply with the rules, it could face hefty fines and be forced to delete the data or even face a ban.
The company is temporarily banned in Italy and is under investigation in many European countries, including France, Germany and Ireland for alleged mishandling of data. Earlier this month Canada started investigating OpenAI for data use and disclosure.
It is believed that the company has scrapped and used people’s personal data without their consent. The Europen Data Protection Board, the umbrella organisation for data protection authorities of Europe, is planning to set up an EU-wide task force to coordinate investigations and enforcement around ChatGPT.
OpenAI has said that it is working to comply with the laws, but it is unclear if it will be able to do so in time simply because the model that the ChatGPT is based on works by scraping data from the internet.
Italy has asked OpenAI to comply with the law by April 30, which means by that time OpenAI would have to ask people for their consent or prove that it has a legitimate interest in collecting the data. Moreover, OpenAI will also have to explain how it uses people’s data and give enough power to the people to correct any mistakes about them.
The case against OpenAI is significant because it could set a precedent for how other AI companies are regulated in Europe and elsewhere. The European regulators are sending a clear message that they would not tolerate the misuse of personal data.
The case is also being closely watched by the AI community, where many are of the view that such laws are too stringent and will stifle innovation. However, the regulators argue that the laws are necessary to protect the personal data of European citizens.
“The US has a doctrine that when stuff is in public, it’s no longer private, which is not at all how European law works,” Lilian Edwards, an internet law professor at Newcastle University told MIT Technology Review. Another problem that OpenAI will face is finding and then deleting the data of Italian users which would be like finding a needle in a haystack. Even if the company deletes the data somehow, it will still linger on the internet.
It remains to be seen how OpenAI will comply with the Europen law.
In the News: UK’s Data Protection and Digital Information Bill: 5 things to know