Roma
Via della Vite 41, 00187
+39 06 772 50 136
+39 06 770 70 449
Rende
Rende (CS)
Corso Italia 215, 87036

The ChatGPT block

The Privacy Guarantor has blocked ChatGPT in Italy.

The temporary limitation of the processing of Italian users’ data comes after March 20, when the software suffered a data breach, losing information relating to conversations with users and payment methods provided.

Created by San Francisco-based AI research firm OpenAI, ChatGPT is Natural Language Processing software. To interact with users, it draws not only from an infinite series of digital data, but also from the same conversations with users. This is what makes ChatGPT so interesting and potentially flawed: its ability to learn what users have told it before. And therefore learning from us could also communicate wrong or inaccurate answers from a lexical and grammatical point of view.

With regard to the blockade in Italy, Open AI has 20 days to communicate the measures taken to meet the requirements requested by the Authority and, in the event of failure, could pay fines of up to 20 million euros.

In fact, the Authority asked the American company to provide useful information on the legitimacy of data processing in the learning phase of the artificial intelligence system. In fact, the lack of a legal basis that allows the use of user data to train the algorithm is contested.

Another issue to be explored is the way in which ChatGPT selects its sources: inaccuracies in the information given to users and provided by them can lead to incorrect data processing.

The last point highlighted by the Privacy Guarantor is the management of underage users. ChatGPT does not have any type of filter to verify the age of users: therefore, despite the formal limitation for under 13s, in fact there is no mechanism that prevents minors from acquiring information unsuitable for their degree of awareness or providing personal data.

In the digital society in which we are called to act, the possibility of being able to rely on certain services plays a fundamental role: the Authority’s decision highlights the crucial importance of online data security and management and processing. Also thanks to the GDPR, the general regulation on data protection operating in the European Union, users are acquiring greater awareness of privacy.

The issue of online privacy remains a necessary piece for a safe digital transition path: so essential as to limit even such resonant projects, such as ChatGPT.