ChatGPT accused of violating GDPR by not correcting inaccurate personal info

OpenAI’s AI model, ChatGPT, has been accused of violating the General Data Protection Regulation (GDPR) by not correcting inaccurate personal information. 

Privacy group noyb (None of Your Business) filed a complaint against OpenAI triggered by ChatGPT’s failure to supply the correct birthday of a public figure, instead making a wild guess.

Noyb argued that this behaviour violates GDPR rules on privacy, the accuracy of information, and the right for individuals to correct inaccurate information. The group also claimed that OpenAI refused to correct or delete wrong answers, and would not disclose information about the data processed, its sources, or recipients.

The complaint further stated that ChatGPT’s “hallucinations” or generation of false information about individuals can have serious consequences. It is argued that if a system cannot produce accurate and transparent results, it should not be used to generate data about individuals. Violating the EU’s GDPR can lead to a penalty of up to 4 percent of a company’s global revenue. 

Noyb has asked the Austrian privacy watchdog to investigate OpenAI to check on the accuracy of the personal data it handles. 

Regulation ⚖️

• EU General Data Protection Regulation

Legal, regulatory 👩🏼‍⚖️

• NYOB. Complaint against OpenAI (pdf)

• NYOB. ChatGPT provides false information about people, and OpenAI can’t correct it

News, commentary, analysis 🗞️

• https://www.theregister.com/2024/04/29/openai_hit_by_gdpr_complaint/

• https://qz.com/openai-scrutiny-european-union-chatgpt-hallucinations-1851442350

• https://techcrunch.com/2024/04/28/chatgpt-gdpr-complaint-noyb/

• https://www.politico.eu/article/chatgpts-hallucinations-get-eu-privacy-complaint/