The Italian Data Protection Authority has revealed that it has imposed a €15 million fine on OpenAI for multiple breaches of the EU's GDPR regulations. The agency claims that the creator of ChatGPT collected personal data without a lawful reason and also failed to report a security breach that occurred in March 2023.
Concerns About Child Safety
Additionally, the agency pointed out that OpenAI lacked proper "mechanisms for age verification," which could lead to children under 13 being exposed to responses that are not suitable for their level of maturity and understanding. This raises serious concerns about the safety of young users interacting with the platform.
Required Actions by OpenAI
The authority has mandated that OpenAI establishes a "six-month institutional communication campaign across radio, television, newspapers, and the Internet." This campaign aims to enhance public knowledge and awareness regarding how ChatGPT operates, as well as how it collects and manages user data.
In a response shared with Euro News, OpenAI described the ruling as "disproportionate" and expressed its intention to challenge the decision. The spokesperson mentioned that the penalty was "almost 20 times" the revenue generated by the company in Italy for the year.
Source: Link