Italy’s data protection agency on Wednesday laid out a series of requests to the artificial intelligence research lab OpenAI to address its concerns about ChatGPT. After meeting these requirements, ChatGPT will be allowed to resume use in Italy.
About two weeks ago, OpenAI took ChatGPT offline in Italy. The move comes after the Italian Data Protection Authority (Garante) temporarily restricted ChatGPT’s processing of personal data and launched an investigation into alleged violations of privacy rules. Italy was the first Western European country to restrict ChatGPT, but the chat tool’s rapid growth has drawn the attention of lawmakers and regulators in several countries. Many experts say new regulations are needed to regulate AI, given its potential impact on national security, jobs and education.
In a statement Wednesday, Garante laid out a series of “specific” requirements that OpenAI needs to meet by the end of the month. “Only in this case… the authorities will suspend the temporary restrictions on the data usage of Italian users…ChatGPT will be available again in Italy,” Garante said.
OpenAI was asked to inform Italian users of the “method and logic” behind processing the data needed for ChatGPT to function, the agency said. It also asks OpenAI to provide tools by which those whose data is involved (including non-users) can request that inaccurate personal data generated by the service be corrected or, where correction is not possible, be deleted.
Garante said OpenAI should also allow non-users to object to the processing of their personal data to run its algorithms “in a simple and accessible way.” It also gave the company until the end of September to roll out an age verification system that would exclude users under 13 from access.
Garante said it would continue to investigate OpenAI’s possible breach of data protection rules and reserved the right to take any other necessary steps at the conclusion of the ongoing investigation.
Italy’s move against ChatGPT has drawn attention from other European privacy regulators, who are examining whether tougher measures against chatbots are needed, and whether coordination is required. Spain’s data protection agency has asked EU privacy regulators to assess privacy concerns surrounding ChatGPT. In February, Italian regulators banned AI chatbot company Replika from using Italian users’ personal data, citing risks to minors and the emotionally vulnerable.
