Poland investigates ChatGPT for alleged privacy abuse

Occurred: September 2023

Can you improve this page?
Share your insights with us

Poland's data protection authority the Urząd Ochrony Danych Osobowych (UODO) announced it is opening an investigation into OpenAI's ChatGPT for violating the privacy of Polish users.

The announcement comes after a complaint had accused OpenAI and ChatGPT of multiple breaches of the EU’s General Data Protection Regulation (GDPR), including processing 'data in an unlawful and unreliable manner' and in a non-transparent manner. 

According to TechCrunch, the complaint was filed by local privacy and security researcher Lukasz Olejnik and accused OpenAI of a string of breaches concerning lawful basis, transparency, fairness, data access rights, and privacy by design. 

According to Olejnik, OpenAI had said it was unable to correct incorrect personal data about him, and had failed to respond properly to his subject access request, giving 'evasive, misleading and internally contradictory' answers when he had sought to exercise his legal rights to data access. 


Operator: OpenAI
Developer: OpenAI
Country: Poland
Sector: Multiple
Purpose: Generate text
Technology: Chatbot; NLP/text analysis; Neural network; Deep learning; Machine learning
Issue: Privacy
Transparency: Governance


Legal, regulatory

Investigations, assessments, audits

News, commentary, analysis