EU taskforce unveils initial strategies for ChatGPT's privacy compliance and regulation
A European Union data protection taskforce has spent over a year assessing ChatGPT’s compliance with GDPR, but remains undecided on key issues regarding the lawfulness and fairness of OpenAI's data processing.
Fines for GDPR violations can reach up to 4% of global annual turnover, and non-compliance may lead to operations being halted.
Various GDPR complaints have arisen, such as data inaccuracies and inability to correct errors, leading to ongoing investigations.
Italy's DPA temporarily banned ChatGPT, emphasizing the need for legal basis, either through consent or legitimate interests, for data processing.
The EDPB taskforce suggests safeguards and transparency to reduce privacy risks but leaves many issues unresolved.
OpenAI has restructured its EU operations, granting Ireland's DPC main oversight, potentially benefiting from a more lenient regulatory approach.
More details about the updates