惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

H
Heimdal Security Blog
P
Privacy International News Feed
S
Schneier on Security
P
Proofpoint News Feed
L
Lohrmann on Cybersecurity
Spread Privacy
Spread Privacy
P
Privacy & Cybersecurity Law Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Scott Helme
Scott Helme
K
Kaspersky official blog
大猫的无限游戏
大猫的无限游戏
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
aimingoo的专栏
aimingoo的专栏
Simon Willison's Weblog
Simon Willison's Weblog
S
Securelist
Help Net Security
Help Net Security
B
Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Security Archives - TechRepublic
Security Archives - TechRepublic
云风的 BLOG
云风的 BLOG
The GitHub Blog
The GitHub Blog
N
News and Events Feed by Topic
Hacker News: Ask HN
Hacker News: Ask HN
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
M
MIT News - Artificial intelligence
雷峰网
雷峰网
博客园 - 司徒正美
V
V2EX
AWS News Blog
AWS News Blog
Know Your Adversary
Know Your Adversary
N
News | PayPal Newsroom
T
Tor Project blog
Cisco Talos Blog
Cisco Talos Blog
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
PCI Perspectives
PCI Perspectives
Google DeepMind News
Google DeepMind News
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
U
Unit 42
C
Cybersecurity and Infrastructure Security Agency CISA
P
Palo Alto Networks Blog
G
Google Developers Blog
T
Threat Research - Cisco Blogs
博客园 - Franky
I
InfoQ
D
DataBreaches.Net
爱范儿
爱范儿
Y
Y Combinator Blog
博客园 - 叶小钗
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报

Compliance Solutions for Websites, Apps and Organizations | iubenda

AI can build your website. It can't manage your consent. | iubenda Browser signals and machine-readable consent: what they are and what the EU’s Digital Omnibus could change California Consumer Privacy Act (CCPA): Complete Guide How to increase your cookie banner opt-in rates: 5 mistakes to fix today | iubenda DPO Newsletter: Global Data Protection & Privacy News (issue #153) Why your consent management setup is a marketing performance question Everything you need to know about GDPR The redesigned cookie banner and configurator What nobody tells you about handing over the company you built European marketers are betting on retention. Privacy could be the edge they’re not using yet. The 5 best alternatives to Didomi in 2026: Pros, cons, pricing, and comparison Looking back on 15 years: what iubenda's founder would tell his 2011 self | iubenda The best cookie policy generator in 2026 DPO Newsletter: Global Data Protection & Privacy News (issue #152) | iubenda What publishers should expect from the EU’s Digital Omnibus proposal Uncertainty is the biggest blocker to AI adoption in marketing | iubenda Everything AI app builders need to know about vibecoding and privacy compliance | iubenda Introducing 1-Click Embedding for Google Tag Manager The Essential Small Business Terms and Conditions Template: What You Need to Know Terms of Use Template | iubenda IAB Europe Raises Concerns Over GDPR Procedural Regulation Draft Report | iubenda Learn from HelloFresh's Costly Mistake: Ensure Compliance with iubenda | iubenda Understanding the Spanish DPA Guide on Audience Measurement Cookies | iubenda The Austrian Data Protection Authority's FAQs on Cookies and Privacy | iubenda DPO Newsletter: Global Data Protection & Privacy News (issue #127) | iubenda Microsoft Ensuring European Data Stays Within the EU Cloud Boundary | iubenda Businesses Beware: ICO’s Record £14.3m in Fines for Data Misuse in 2023 Understanding the Risks and Responsibilities of Model-as-a-Service Companies in AI Development Facebook's New “Link History” Feature: A Blend of Convenience and Surveillance? | iubenda OpenAI’s Strategic Move in the EU: Aligning with Data Privacy Regulations TikTok Faces Lawsuit Over Tracking Non-Users What’s the Digital Markets Act (DMA) and how will it affect you? | iubenda Simplifying Cookie Consent: The European Commission's Approach | iubenda Google Settles Landmark Privacy Lawsuit for $5 Billion | iubenda Navigate GDPR Compliance with Confidence: Lessons from Recent Fines in Italy Simplifying the Commission's New Reporting Template for Digital Market Gatekeepers | iubenda Understanding the GDPR Complaint Against X (Twitter) for Illegal MicroTargeting | iubenda Spanish Media Giants Take On Meta in a Groundbreaking $600 Million Lawsuit | iubenda DPO Newsletter: Data Protection & Privacy News (issue #126) | iubenda Belgian DPA Mandates Cookie Banner Changes for Major Media Websites | iubenda UK's Top Websites Warned by ICO to Revise Cookie Practices | iubenda Understanding the European Union's Data Act | iubenda Google Announces Consent Mode v2 – here’s what it means for your business and advertising Noyb Challenges EU Commission Over Controversial Ad Campaign | iubenda OECD Updates AI Definition: A Step Forward in Shaping EU’s AI Law Firefox To Introduce Simplified Global Privacy Control Berlin Court Cracks Down on LinkedIn’s Privacy Violations The YouTube Ad Blocker Controversy: A Test of the ePrivacy Directive? | iubenda DPO Newsletter: Data Protection & Privacy News (issue #125) Facebook and Instagram Subscription: Meta adds a paywall | iubenda GDPR Violation: Lack of Transparency in Data Processing via Google Fonts Amazon Introduces AWS European Sovereign Cloud to Address EU Regulations | iubenda Texas New Data Privacy Law TDPSA: Everything you need to know How to Make Money with a Website Without Selling Anything Oregon Consumer Privacy Act: Overview | iubenda Google’s Move to Disable Third-Party Cookies: What Advertisers Need to Know IMY Fines H&M for GDPR Violations: A Closer Look EU Commission Requests Information from X Under Digital Services Act: What You Need to Know | iubenda Understanding California’s “Delete Act” and Data Broker Regulations TCF v 2.2 Initial Layer (Banner) Requirements | iubenda Grindr Faces €5.8 Million Fine: A Reminder on the Importance of GDPR Compliance | iubenda Newly Enacted Iowa Consumer Data Protection Act (ICDPA) | iubenda The Witch’s Brew of Privacy: A Halloween Tale of Compliance and Consequences IAB TCF 2.2 – What you need to do DPO Newsletter: Data Protection & Privacy News (issue #124) Blog Ideas That Make Money: How To Make Money From Your Blog + Examples | iubenda Maximize your Growth with Online Presence Management | iubenda Meta's New Pivot in Europe: To Pay or Not to Pay for an Ad-Free Experience? | iubenda Consumer Reports Launches Free ‘Permission Slip’ App to Protect Your Data | iubenda DAZN’s Access Request Saga Personal Brand Logo: How to Stand Out in a Crowded Marketplace UK-US Data Bridge: A New Era for Secure Data Transfers 7 Ways How to Promote Affiliate Links Effectively (And Boost Commissions) | iubenda Mastering LinkedIn Personal Branding: A Guide to More Opportunities Meta's New Approach: Pay for Your Privacy? | iubenda No Return, No Refund Policy Template & Guide GDPR in the US: a GDPR Checklist for US Companies Crafting a Niche with Branding and Identity Design | iubenda The Online Safety Bill: A Leap Towards a Safer Digital United Kingdom Understanding Google's $93m Settlement over Consumer Location Data Accusations | iubenda CCPA vs CPRA: Key Differences You Need to Know | iubenda How To Use Ecommerce Retargeting to Grow Your Business | iubenda PECR: Everything you need to know | iubenda How Mobile Apps Illegally Share Your Personal Data: A Deep Dive | iubenda Legal Spotlight: Privacy Concerns Surrounding OpenAI’s ChatGPT and Microsoft’s Involvement Legal Scrutiny Looms Over Transatlantic Data Deal: French MEP Takes Action Understanding the Digital Markets Act: A Comprehensive Guide Block AI Crawlers: Here’s How To Stop Your Site From Being Used for AI Training (OpenAI and Google Bard Irish Regulator Slaps $368M Fine on TikTok DPO Newsletter: Data Protection & Privacy News (issue #123) | iubenda The Privacy Pitfalls of Vehicle Data Collection: What You Need to Know | iubenda Twitter customer’s data on the menu for xAI models Update: Revised Swiss Privacy Law Takes Effect Fitbit and the GDPR Hurdle: What You Need to Know About Your Data Privacy | iubenda Terms of Service Template for your site | iubenda Senators Urge FTC to Investigate YouTube and Google for Violating Children's Privacy: What You Need to Google AdSense Requirements: Here's What You Need to Know | iubenda Users can’t opt out from marketing emails: FTC fines Experian $650,000 | iubenda DPO Newsletter: Data Protection & Privacy News (issue #122) | iubenda 7 Ways Business Process Automation Can Increase Your Profits
AI and Data Privacy: Global Responses and Concerns | iubenda
Jessica Ryder · 2023-05-25 · via Compliance Solutions for Websites, Apps and Organizations | iubenda
🚨 Update Alert:

This article was written prior to the recent developments regarding the New AI ACT. For the latest information, insights, and implications of this significant legislation, please visit our updated coverage here.

As artificial intelligence (AI) technologies continue to advance, concerns around privacy and ethical implications have intensified. Among these concerns is the question, is ChatGPT safe? ChatGPT (Generative Pre-trained Transformer) is an AI system capable of engaging in human-like conversations. In response, Data Protection Authorities (DPAs) have taken action to address the potential risks associated with this technology.

From guidelines and investigations to enforcement measures, DPAs worldwide have assumed a critical role in regulating ChatGPT and other AI systems. Join us on a journey into the world of AI regulation as we explore the diverse array of responses from Data Protection Authorities across the globe. 

  • Is ChatGPT safe? 
  • ChatGPT Faces Global Scrutiny: Summary
  • 🌐 Global By Country Breakdown: DPAs Reactions to ChatGPT

Is ChatGPT safe? 

People are questioning: is ChatGPT safe to use, and why are Data Protection Authorities concerned?

To answer simply, privacy implications and data handling concerns are at the forefront of decisions for all DPAs across the globe. Below are several detailed reasons why Data Protection Authorities are making noise over ChatGPT, to help you determine, is ChatGPT safe to use?

  • Privacy Risks: Data Protection Authorities are expressing concerns regarding the potential privacy risks associated with ChatGPT. They are scrutinizing the collection and processing of personal data during conversations to ensure compliance with data protection regulations, considering the interactive nature of the technology.
  • Data Handling and Consent: DPAs emphasize the need for organizations deploying ChatGPT to handle personal data responsibly. They focus on ensuring explicit consent from individuals, clearly communicating the purpose of data processing, and enabling individuals to exercise control over their data.
  • Transparency and User Awareness: DPAs are keen on transparency in AI interactions. They want individuals to be aware that they are interacting with an AI system rather than a human, ensuring that users have a clear understanding of how their data is used and the implications of engaging with ChatGPT.
  • Bias and Discrimination: The potential for biases in AI-generated conversations raises concerns for DPAs. They emphasize the importance of fairness and non-discrimination, urging organizations to address and mitigate biases that may emerge in ChatGPT’s responses.
  • Misinformation and Manipulation: DPAs are worried about the spread of misinformation or malicious manipulation through AI-generated conversations. They aim to mitigate the risks of social engineering, manipulation, and phishing attempts facilitated by ChatGPT’s persuasive capabilities.
  • Data Security and Unauthorized Access: DPAs highlight the need for robust security measures to protect against data breaches, unauthorized access, and misuse of personal information. They want organizations to implement safeguards to prevent unauthorized parties from exploiting ChatGPT’s access to sensitive data.
  • Regulatory Compliance: DPAs have a responsibility to enforce data protection regulations, such as the GDPR. Given the transformative nature of ChatGPT and its impact on privacy, DPAs are compelled to ensure compliance and hold organizations accountable for their use of the technology.

ChatGPT Faces Global Scrutiny: Summary

ChatGPT, the highly popular chatbot powered by artificial intelligence, is encountering challenges with European Union’s influential privacy watchdogs. In April 2023, it faced a temporary ban in Italy due to concerns that it could violate the General Data Protection Regulation (GDPR).

EU privacy watchdogs are now contemplating their next steps in examining potential abuses associated with ChatGPT, following the lead of their Italian counterparts. The Irish Data Protection Commission has expressed its intention to coordinate with other EU Data Protection Authorities on this matter, and the Belgian Data Protection Authority believes that ChatGPT’s potential infringements should be discussed at the European level.

Complaints against ChatGPT have already been filed with France’s Data Protection AuthorityCNIL, alleging privacy violations, including breaches of the GDPR.

Advocacy groups, such as the Center for AI and Digital Policy in the U.S. and consumer watchdog BEUC in Brussels, have also called for investigations into OpenAI and ChatGPT, warning that potential harm may occur before the EU’s forthcoming AI rule book is in place.

EU lawmakers are currently negotiating legal frameworks for AI technology as part of the EU Artificial Intelligence Act Draft. However, the absence of specific legislation on artificial intelligence has empowered data protection regulators to intervene. 

As DPA’s, their role includes enforcing the GDPR, which governs data collection, user protections against automated decision-making, transparency in data usage, the accuracy of personal data, and the right to correction. 

Keep reading below to see how regulators are reacting to ChatGPT 👇

🌐 Global By Country Breakdown: DPAs Reactions to ChatGPT

The EDPB has decided to establish a dedicated task force to facilitate cooperation and information exchange among data protection authorities regarding potential enforcement actions. Read the official press release here →

After the temporary banning of ChatGPT in Italy, OpenAI, the company behind ChatGPT, has complied with the requirements of the Italian Data Protection Authority (Garante Privacy) and introduced new measures. OpenAI has published a notice explaining the processing of personal data and granting European users the right to object to data processing. 

The company has implemented age verification measures and tools for users to request opposition to indexing or modification of their data. OpenAI is allowed to use legitimate interest as the legal basis for training the algorithm, but is subject to evaluation by the Garante Privacy.

OpenAI will continue to engage in dialogue with the Garante Privacy for compliance with GDPR.

In response to the rapid advancements in artificial intelligence (AI), particularly generative AIs like ChatGPT, the French Data Protection Authority, CNIL (Commission Nationale de l’Informatique et des Libertés), has released an action plan aimed at ensuring the deployment of AI systems that respect individual privacy.

With a long-standing focus on addressing the challenges posed by AI, CNIL’s action plan extends its efforts to encompass generative AIs, large language models, and their derivative applications, including chatbots. The plan revolves around four key objectives:

  1. Understanding the Functioning and Impact: CNIL aims to comprehensively grasp the workings of AI systems and their implications for individuals. This includes evaluating aspects like fairness, transparency, protection against biases and discrimination, and addressing the security challenges posed by these tools.
  2. Enabling Privacy-Friendly AI: CNIL seeks to guide and facilitate the development of AI systems that uphold personal data protection principles. It plans to offer guidance and recommendations to professionals, addressing issues such as data sharing, re-use, and selection, rights of individuals, and data accuracy.
  3. Supporting the AI Ecosystem: CNIL aims to foster innovation within the AI ecosystem in France and Europe by supporting and collaborating with innovative players. This includes offering tailored advice, launching support programs, and engaging in a sustained dialogue with research teams, R&D centers, and companies involved in AI development.
  4. Auditing and Control: CNIL will establish a framework for auditing and controlling AI systems, both prior to and following their deployment. The focus areas for control in 2023 include compliance with regulations on “enhanced” video surveillance, the use of AI in fraud detection, and the investigation of complaints related to AI systems. Notably, CNIL has opened a control procedure and a dedicated working group to analyze the data processing implemented by the OpenAI tool, including the ChatGPT service.

The CNIL’s action plan also includes a dedicated dossier on generative AI, shedding light on its technical functioning, legal questions, ethical challenges, and real-world applications. This additional resource complements existing materials available to professionals and the general public on the CNIL’s website.

As the AI landscape continues to evolve, CNIL’s proactive approach underscores its commitment to ensuring the responsible and ethical deployment of AI systems while protecting individual rights and freedoms.

Helen Dixon, the Data Protection Commissioner of Ireland, has emphasized the importance of thoughtful analysis and careful consideration when it comes to regulating AI technologies. She cautioned against being overly reactionary or hasty in implementing regulations, as doing so may lead to ineffective laws or unnecessary bans that lack durability and validity. Dixon highlights the need for a measured approach to ensure that regulations adequately address the complexities of AI while standing the test of time.

Reported here →

Spain’s Data Protection Authority has requested the EDPB to assess privacy concerns surrounding OpenAI’s ChatGPT. This request comes amidst increased global scrutiny of AI systems.

Spain’s DPA emphasizes the need for coordinated EU decisions on global processing operations. The inclusion of ChatGPT in the next Plenary of the European Data Protection Committee is requested.

More details here →

In a coordinated effort, German Data Protection Authority, led by the state commissioner for data protection and freedom of information in Rhineland-Palatinate, Prof. Dr. Dieter Kugelmann, have taken action against OpenAI, the operator of the popular AI chatbot ChatGPT. The authorities have sent a comprehensive catalog of questions to OpenAI, seeking clarification on various aspects of data protection and compliance. This move is part of the newly established TaskForce ChatGPT at the European level, reflecting the concerns of all EU data protection supervisory authorities.

Prof. Kugelmann, who also leads the TaskForce AI of German data protection supervisory authorities, highlighted the significance of this initiative, stating, “We need information from OpenAI in order to be able to check compatibility with European data protection law. Innovation is good and important, but on the other hand, applicable rules must be observed. The task forces in Germany and European Union will take care of that.”

The model letter developed by the German data protection supervisory authorities covers a range of crucial topics. It focuses on determining the legal basis for data processing by ChatGPT, ensuring the protection of children’s data, and ascertaining the transparency and adequacy of information provided to users regarding data processing. Transparency is of utmost importance when deploying AI systems, as it enables individuals to exercise their rights effectively.

NEW Latest Update

President Joe Biden has issued a significant executive order aimed at enhancing the safety and privacy of artificial intelligence (AI) technology in the United States. The White House unveiled this executive order on Monday, which outlines a series of measures designed to ensure the responsible development and utilization of AI.

One key aspect of the executive order is the requirement for AI companies and developers to adhere to new rules and practices to ensure the safety of AI technology. This includes sharing information about safety tests with the government and developing tools to guarantee the safety, security, and trustworthiness of AI systems.

White House Deputy Chief of Staff Bruce Reed emphasized the global significance of this move, stating, “President Biden is rolling out the strongest set of actions any government in the world has ever taken on AI safety, security, and trust.” The order reflects a comprehensive strategy to harness the benefits of AI while mitigating associated risks.

The executive order also has several implications for federal agencies. It calls for the development of a National Security Memorandum to guide the military and intelligence communities in their use of AI. Additionally, it focuses on protecting user privacy during AI training and addressing concerns related to cyberattacks and fraud attempts through the development of practices and standards.

Equity and civil rights are another central focus of the order. It builds upon previous executive orders to combat algorithmic discrimination, ensuring that AI is not used to discriminate in federal benefit programs, contracting, or within the judicial and law enforcement processes.

Furthermore, the order mandates the White House to establish principles and best practices for addressing AI’s impact on the workforce, examining job displacement and identifying potential uses to supplement specific needs. This information will be compiled into a report on AI’s labor-market implications.

On the international front, the State Department will work to create a “robust international framework” for AI governance, aligning with Vice President Kamala Harris’s involvement in the United Kingdom’s AI Summit.

President Biden’s executive order on AI comes shortly after Senate Majority Leader Chuck Schumer’s “AI Insight Forum,” which aimed to explore regulatory approaches for AI technology while fostering transformative innovation.

The Biden administration has announced that it is inviting public comments on accountability measures for artificial intelligence (AI) systems. Concerns about the impact of AI on national security and education have prompted this move.

During a groundbreaking congressional hearing, OpenAI CEO Sam Altman, along with other prominent figures in the AI industry, expressed their support for increased regulation, setting themselves apart from influential tech companies that have opposed regulatory intervention.

Altman emphasized the potential dangers associated with AI and advocated for additional government regulation. He highlighted how AI advancements could impact various sectors such as labor, healthcare, and the economy, underscoring the need for regulatory measures to prevent and mitigate any negative consequences. Altman emphasized that government intervention through regulations would play a “critical” role in addressing these concerns.

Accompanying Altman as witnesses were IBM Chief Privacy & Trust Officer Christina Montgomery and New York University Professor Emeritus Gary Marcus. Marcus delivered some of the most striking warnings during the hearing, particularly focusing on issues like political manipulation, health misinformation, and hyper-targeted advertising. He suggested the establishment of a Cabinet-level organization dedicated to keeping pace with AI developments and proposed safety reviews akin to those conducted by the Food and Drug Administration as a means of oversight.

Montgomery highlighted the importance of tailoring oversight of AI to different risks, suggesting the implementation of distinct rules for specific use cases based on their potential impact on society. She stressed that the most stringent regulations should be applied to those use cases posing the greatest risks to society.

Reported here →

Following the temporary limitation imposed by the Italian data protection authority on OpenAI’s ChatGPT due to data breach incidents, Brazil’s perspective on the use of similar AI technologies raises concerns about data protection. While Brazil does not currently have specific decisions from its National Data Protection Authority regarding ChatGPT or similar AI systems, expectations are justified for security, transparency, and privacy parameters to be consistently observed in order to provide safe and reliable technologies to the public.

In Brazil, the General Personal Data Protection Law (LGPD) imposes obligations on transparency, and data processing for children, and prohibits processing without a proper legal basis. Additionally, the Senate is considering Bill No. 21/2020, which establishes principles and guidelines for the development and application of AI in Brazil. The bill proposes procedural obligations to mitigate risks associated with AI technology, including privacy control, trustworthy testing, prevention of discriminatory practices, and transparency measures.

While regulators in Brazil have not yet introduced specific regulations for AI, the existing norms emphasize the need to address risks and protect children and adolescents in data processing.

Read here → (In Portuguese)

The UK hosted a groundbreaking AI Safety Summit on November 1-2, 2023, at the historic Bletchley Park. This summit brought together international governments, leading AI companies, civil society groups, and experts to discuss the safe development and use of frontier AI technology.

The summit aimed to address risks associated with powerful AI systems, such as biosecurity threats and the potential misuse of AI technology. It also explored the positive applications of AI, including advancements in medical technology and transportation safety.

Key objectives of the summit included developing a shared understanding of AI risks, establishing international collaboration frameworks, determining appropriate safety measures for AI organizations, and identifying areas for joint AI safety research.

The UK’s commitment to AI safety was further highlighted by its investment in AI research and development. The country is recognized as a global leader in AI, employing over 50,000 people in the sector and contributing significantly to the economy. The government also launched initiatives like the Foundation Model Taskforce to ensure the safe development of AI technologies.

With these efforts, the UK aimed to lead the international community in creating robust frameworks for AI safety, ensuring that the benefits of AI could be harnessed globally while mitigating associated risks.

As always, we’re following this evolving case and will keep this post updated with the latest developments. Bookmark this post to make sure that you don’t miss an update!