Amid growing global concerns about artificial intelligence (AI) systems, Spain’s data protection agency, the AEPD, has urged the European Union’s privacy watchdog, the European Data Protection Board (EDPB), to assess the privacy implications of OpenAI’s ChatGPT.

artificial intelligence (AI) systems

The move comes as France’s privacy watchdog, CNIL, said it was investigating several complaints about ChatGPT. Similarly, Italy’s data regulator has been reviewing measures proposed by Microsoft-supported OpenAI following anxieties that prompted the regulator to ban the chatbot temporarily late last month.

The AEPD has requested that the issue of ChatGPT be included in the next plenary of the EDPB, so that dovetailed actions can be put in motion within the framework of the application of the General Data Protection Regulation.

The EDPB, which includes representatives of national data privacy watchdogs, is scheduled to meet on April 13th. It is unclear whether the ChatGPT topic will be on the table for discussion at a meeting scheduled to take place this week.

The Italian regulator’s move has caught the attention of other privacy regulators in Europe who are debating whether or not to take tougher measures on the use of chatbots, and how possible measures would be brought into play across the board.

In the US, the Biden administration also said it is looking to garner public views on potential accountability measures for AI systems as questions emerge about the risks the technology poses to national security and education.

ChatGPT is an AI-based language model developed by OpenAI. It has been used in a variety of applications, including chatbots and language translation. However, concerns have been raised about its potential to infringe on users’ privacy rights.

The AEPD’s request to the EDPB is the latest example of increased regulatory scrutiny of AI systems, particularly those that involve the processing of personal data.

The outcome of the EDPB’s evaluation of ChatGPT’s privacy concerns will be closely watched by privacy regulators and AI developers alike. Depending on the outcome, it could lead to more stringent regulations on the development and use of AI systems, which could have a significant impact on the technology industry.

PrivSec Global brings together leading experts from around the globe, for a 2-day livestream experience that ensures attendees have access to the latest information, guidance and advice on data protection, privacy and security.

PrivSec Global returns on 17th & 18th May 2023, and will once again deliver a carefully curated agenda that taps into the expertise of subject matter experts, industry leaders and academics.



→ Generative AI and the GDPR: A Match Made in Hell?

  • Day 2: Thursday 18th May 2023
  • 12:30 - 13:15