Poland investigates ChatGPT for alleged privacy abuse

Occurred: September 2023

Poland's data protection authority the Urząd Ochrony Danych Osobowych (UODO) announced it was opening an investigation into OpenAI's ChatGPT for violating the privacy of Polish users.

The announcement of the investigation comes after a complaint had accused OpenAI and ChatGPT of multiple breaches of the EU’s General Data Protection Regulation (GDPR), including processing 'data in an unlawful and unreliable manner' and in a non-transparent manner. 

According to TechCrunch, the complaint was filed by local privacy and security researcher Lukasz Olejnik accusing OpenAI of a string of breaches concerning lawful basis, transparency, fairness, data access rights, and privacy by design. 

According to Olejnik, OpenAI had said it was unable to correct incorrect personal data about him, and had failed to respond properly to his subject access request, giving 'evasive, misleading and internally contradictory' answers when he had sought to exercise his legal rights to data access. 

System 🤖

Operator: OpenAI
Developer: OpenAI
Country: Poland
Sector: Multiple
Purpose: Generate text
Technology: Chatbot; NLP/text analysis; Neural network; Deep learning; Machine learning
Issue: Privacy
Transparency: Governance

Investigations, assessments, audits 🧐

News, commentary, analysis 🗞️