OpenAI Faces Privacy Complaint Over ChatGPT’s Misinformation

OpenAI, the maker of the popular artificial intelligence (AI) chatbot ChatGPT, is under scrutiny after a privacy advocacy group in Austria, None Of Your Business (NOYB), lodged a complaint alleging the bot provided incorrect personal information about an individual. 

The complaint claimed this could be a violation of the European Union's stringent General Data Protection Regulation (GDPR). According to NOYB, ChatGPT generated inaccurate birthdate information about a person and continued to provide this misinformation despite requests for correction, claiming technical limitations prevented the rectification of such errors. 

OpenAI had offered to filter or block data on certain prompts but indicated that correcting the inaccuracy might not always be possible. This stance could pose significant issues under GDPR, which mandates that EU residents have the right to rectification of incorrect personal data.

The incident is not isolated, with similar concerns echoed in complaints filed in Poland and ongoing investigations in Italy. Italian regulators had previously halted the operation of ChatGPT, lifting the ban only after OpenAI introduced changes like user warnings and an opt-out option for training data use.

The broader implications of this complaint could pressurise OpenAI and other AI developers to reconsider how their technologies handle personal data, especially as GDPR violations can lead to severe penalties, including fines of up to four percent of global annual turnover. The case also raises questions about the transparency of data sources used by AI systems and the indefinite storage of generated data.

NOYB’s data protection lawyer, Maartje de Graaf, said that AI technologies must be capable of producing accurate and transparent results when processing personal data. The advocacy group has called on the Austrian Data Protection Authority to investigate, highlighting a critical juncture for AI governance in Europe.