The Polish Office for the Protection of Personal Data (UODO) has launched an investigation into ChatGPT, the artificial intelligence chatbot developed by OpenAI. This case highlights the growing tension between innovation in the field of artificial intelligence (AI) and strict data protection regulations in the European Union.
Artificial intelligence has seen rapid development in recent years, with applications ranging from speech recognition to text generation. In parallel, the European Union has implemented the General Data Protection Regulation (GDPR), a regulation that establishes strict guidelines on how personal data should be handled.
Privacy and security researcher Lukasz Olejnik filed a complaint accusing OpenAI of multiple GDPR violations. Olejnik questions OpenAI’s transparency in its data processing and criticizes the lack of clarity in its privacy policies by design.
The UODO, a Polish regulatory authority, has taken the lead in investigating these allegations. The complexity of this case is that OpenAI is a company based outside the EU, which adds additional layers of difficulty to the investigation process.
This case could set a precedent for how AI technologies are addressed in the context of data regulation in the EU. It is not the first case of this type; Authorities in Italy and Spain have also launched similar investigations.
In an attempt to navigate this complex regulatory environment, OpenAI has opened an office in Dublin, Ireland. However, this measure has not yet changed its status in terms of GDPR compliance in the EU.
More information at uodo.gov.pl