Netherlands: Announced Data Protection Authority investigation into OpenAI’s ChatGPT data processing practices compliance with General Data Protection Regulation (GDPR)

Description

Announced Data Protection Authority investigation into OpenAI’s ChatGPT data processing practices compliance with General Data Protection Regulation (GDPR)

On 7 June 2023, the Dutch Data Protection Authority (DPA) announced that it had requested information on OpenAI’s ChatGPT data processing practices and their compliance with General Data Protection Regulation (GDPR). In particular, the DPA requested information on the data used for training the OpenAI’s ChatGPT algorithm. First, OpenAI is required to submit information on whether it is using the data users include in their questions for algorithm training and how the questions posed by users are used in data training. The DPA noted that some users' questions could include sensitive information, including health data. Secondly, the DPA requested information on the OpenAI process for collecting and processing personal data from the Internet. Finally, OpenAI has to provide information on whether users can request the rectification or deletion of inaccurate, offensive or inappropriate data.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
ML and AI development
Implementation Level
national
Government Branch
executive
Government Body
data protection authority

Complete timeline of this policy change

Hide details
2023-06-07
under deliberation

On 7 June 2023, the Dutch Data Protection Authority (DPA) announced that it had requested informati…

We use cookies and other technologies to perform analytics on our website. By opting in, you consent to the use by us and our third-party partners of cookies and data gathered from your use of our platform. See our Privacy Policy to learn more about the use of data and your rights.