Italy: Data Protection Authority fined OpenAI EUR 15 million for violations of General Data Protection Regulation

Data Protection Authority fined OpenAI EUR 15 million for violations of General Data Protection Regulation

On 20 December 2024, the Italian Data Protection Authority (DPA) published its ruling specifying that OpenAI, which operates the ChatGPT service, violated several provisions of the General Data Protection Regulation (GDPR). The violations included f…

Scope

Policy Area

Data governance

Policy Instrument

Data protection regulation

Regulated Economic Activity

ML and AI development

Implementation Level

national

Government Branch

executive

Government Body

data protection authority

Complete timeline of this policy change

Hide details

2023-03-30

under investigation

On 30 March 2023, the Italian Data Protection Authority (DPA) issued an order blocking OpenAI's pla…

2023-04-11

under investigation

On 11 April 2023, the Italian Data Protection Authority (DPA) announced it would suspend its order …

2023-04-28

in force

On 28 April 2023, the Italian Data Protection Authority (DPA) announced that OpenAI’s platform Chat…

2024-01-29

under investigation

On 29 January 2024, the Italian Data Protection Authority (DPA) issued a notice of objection to Ope…

2024-12-20

in force

On 20 December 2024, the Italian Data Protection Authority (DPA) published its ruling specifying th…

Description

Data Protection Authority fined OpenAI EUR 15 million for violations of General Data Protection Regulation

Scope

Complete timeline of this policy change