OpenAI did not notify the Garante of a security breach that occurred in March 2023, violating crucial GDPR regulations, which mandates immediate reporting of such incidents.
Italy’s data protection authority accused OpenAI of failing to ensure adequate transparency regarding user data processing, undermining users' rights to understand how their information is used.
The authority stressed that OpenAI must implement age verification mechanisms to avoid exposing children under 13 to potentially harmful content, emphasizing child safety in AI applications.
OpenAI has been required to run a six-month communication campaign to inform users about data collection practices, compliance with GDPR, and their rights regarding personal information.
Collection
[
|
...
]