In an ongoing series of challenges to compliance with the General Data Protection Regulation (GDPR), OpenAI is once again under the spotlight of European privacy watchdogs. This time it is the Polish privacy authority, UODO (Urząd Ochrony Danych Osobowych), which has opened an investigation into ChatGPT’s activities. This development comes just months after the Italian regulator took OpenAI to task and other European member states began looking at ChatGPT with greater interest. Spain is also currently under investigation, while the Belgian Data Protection Authority (GBA) is calling for a European approach to the issue.
ChatGPT investigated for alleged AVG violations
Polish privacy watchdog UODO has announced in a public statement that they have launched an investigation into ChatGPT after previously receiving a complaint regarding the use of the system. Although details of the complaint have not been released, UODO has indicated violations of “multiple rules” of the AVG. Chairman Jan Nowak emphasized the seriousness of the matter and stressed that his office is taking the issue very seriously.
OpenAI’s Previous AVG Violations Raise European Concerns Around ChatGPT
This is not the first time OpenAI has faced legal challenges regarding AVG compliance. In March this year, the company faced a similar situation when the Italian regulator imposed a fine for data protection violations. These developments have encouraged other European member states to turn their attention to ChatGPT and similar AI systems.
Spanish Authorities Investigate ChatGPT
Spain has also launched an investigation into ChatGPT, with Spanish authorities closely monitoring OpenAI’s activities to detect possible AVG violations. Although the results of this study have not yet been released, it points to growing concerns within the European Union about data protection in relation to AI systems.
Despite the fact that the Belgian GBA has not yet launched its own investigation, the agency did call for a coordinated European approach to the ChatGPT issue. This highlights the growing awareness among European regulators that regulations regarding AI and data protection must be strengthened and harmonized to ensure the rights and privacy of European citizens.