Poland’s Personal Data Protection Office has launched an investigation into complaints against OpenAI’s ChatGPT, with an unnamed applicant accusing the company of processing data in an “unlawful and unreliable manner.”
Jan Nowak, chairman of the Data Protection Office, said in a statement on September 20 that this is not the first time that questions have been raised about ChatGPT’s compliance with European data protection and privacy principles.
The complaint alleges that OpenAI processes data in an illegal and unreliable manner, and that its rules for collecting and processing data are not transparent.
Remember we mentioned that the AI regulatory landscape in Poland is still in its infancy? This is another small but significant development.
— secgen.eu (@secgen_eu) September 21, 2023
The applicant stated that in his case, ChatGPT generated false information about him and that OpenAI did not meet his requirements to exercise his rights under the European General Data Protection Regulation (GDPR).
Novak acknowledged, however, that the proposed lawsuit against OpenAI could be difficult because it involves a company based outside the EU.
“The case involves violations of many regulations on personal data protection, which is why we will ask Open AI to answer some questions so that the administrative proceedings can be conducted thoroughly,” Novak said.
Meanwhile, Jakub Groszkowski, vice president of the Polish office, said the allegations in the complaint cast doubt on OpenAI’s approach to European personal data protection principles.
He added that the office will therefore clarify these concerns, particularly in the context of the privacy by design fundamental principles contained in the GDPR.
RELATED: German regulator launches investigation into ChatGPT GDPR compliance
This isn’t the first time OpenAI has run afoul of European GDPR compliance.
In March this year, the Italian data protection authority announced that it would temporarily block the artificial intelligence chatbot ChatGPT and launch an investigation into suspected violations of data privacy rules.
Italy’s data regulator also said users lacked information about the data collected by OpenAI.
In April, German regulators reportedly asked the company to answer questions about its intentions and ability to comply with the EU’s strict data privacy laws under the GDPR.
In the same month, the European Data Protection Board established a task force on OpenAI.
Cointelegraph reached out to OpenAI but did not receive an immediate response.
AI Eye: The Real Uses of AI in Crypto, Google’s GPT-4 Rivals, and the AI Advantage of Bad Employees