By Eliza Gkritsi | Euractiv Est. 3min 29-04-2024 Content-Type: News News Based on facts, either observed and verified directly by the reporter, or reported and verified from knowledgeable sources. epa10631881 OpenAI CEO Sam Altman testifies before the Senate Judiciary Subcommittee on Privacy, Technology, and the Law for an oversight hearing to examine the rules governing artificial intelligence (AI) in the Dirksen Senate Office Building in Washington, DC USA, 16 May 2023. Altman called on Congress to pass regulation to ensure safety standards for AI. EPA-EFE/JIM LO SCALZO Euractiv is part of the Trust Project >>> Languages: Français | DeutschPrint Email Facebook X LinkedIn WhatsApp Telegram Noyb, the Austrian non-profit founded by activist Max Schrems, has filed a complaint with the local privacy authority, alleging that OpenAI has violated the EU’s General Data Protection Regulation (GDPR) and has not done enough to correct inaccurate personal information provided by ChatGPT. Schrems, an activist and lawyer, has filed some of the most consequential privacy complaints in the EU. The complaint against OpenAI, filed on Monday (29 April) with Austria’s DSB, centres around “hallucinations”, wrong answers provided by artificial intelligence (AI) large language models. It asks for an investigation, a fine, corrective measures, and a declaratory decision. The company, OpenAI, is aware of the problem, but does not seem to care, Noyb said in a press release announcing the complaint. OpenAI did not respond to Euractiv’s request for comment at the time of publication. Large language models, such as ChatGPT, work by predicting the most likely words to be given in response to certain prompts. Sometimes, the model will infer the wrong words to fill in a sentence, giving an incorrect answer, or “hallucination” in the industry’s jargon. This is “acceptable” for “homework,” but not for individuals, Noyb said. EU law requires that personal data is accurate since 1995, and this principle is enshrined in the GDPR, the EU’s data privacy law, the non-profit said. Noyb mentioned the example of a public figure whose birthdate is not available online. ChatGPT wrongly inferred their birthdate when asked. OpenAI also gave an unsatisfactory response to a December 2023 request for access and erasure of the data. Data controllers under GDPR are obliged to give data subjects access to information about the processing of their personal information and delete it open request, with some restrictions. The company only provided account data for the user, but no information about the processing of personal data by the system, Noyb said. OpenAI also said that they could only block the model from giving any answer to the question about the birthdate but could not correct the provided answer, the complaint reads. This would have led to more information about the data subject being blocked from ChatGPT, which would hinder the public’s right to information about this person, who is a known figure, OpenAI said, according to the complaint. “ChatGPT cannot correct information, cannot selectively block information and any data subject must simply live with that situation – according to the controller,” the complaint said. OpenAI’s Ireland office is only a facade, while all the decisions are still taken in the US, Noyb said. For this reason, the complaint is filed against one of the company’s US for-profit entities, OpenAI OpCo LLC, which is mentioned in its terms of service. [Edited by Zoran Radosavljevic] Read more with Euractiv Bolt lobbying revelations: Estonia official says human error behind missing correspondenceThe omission of emails from the Estonian Ministry of Economic Affairs to Bolt and other mobility tech firms, demanded in a freedom of information (FOI) request, was due to human error, the Ministry's Deputy Secretary General Sandra Särav told Estonian news agency ERR.
