ServizioContenuto basato su fatti, osservati e verificati dal reporter in modo diretto o riportati da fonti verificate e attendibili.Scopri di piùPrivacy

Artificial Intelligence, Italian Data Protection Authority blocks ChatGPT

Illicit collection of personal data detected and absence of age verification systems

2' di lettura

(Translated with ChatGPT from

Stop to ChatGPT until privacy regulations are respected. The Garante per la Protezione dei Dati Personali (Italian Data Protection Authority) has ordered the temporary limitation of the processing of data of Italian users by OpenAI, the US company that developed and manages the platform. According to a statement, the Authority has opened an investigation into the company “invented” (initially as a non-profit) by Sam Altman and now led by Satya Nadella.


Lack of information to users

ChatGPT, the most well-known relational artificial intelligence software capable of simulating and processing human conversations, suffered a data breach on March 20th, concerning users’ conversations and information related to payment by subscribers to the paid service.

The privacy authority found the lack of information to users and all those whose data is collected by OpenAI, but above all, the absence of a legal basis justifying the massive collection and storage of personal data for the purpose of “training” the algorithms underlying the platform’s operation. As also evidenced by the checks carried out, the information provided by ChatGPT does not always correspond to the actual data, thus resulting in inaccurate processing of personal data.

Minors and “inadequate” responses

Finally, despite the terms published by OpenAI stating that the service is intended for those over 13 years old, the Authority points out that the absence of any filter for verifying the age of users exposes minors to responses that are completely inadequate for their level of development and self-awareness.

OpenAI, which does not have a headquarters in the European Union but has designated a representative in the European Economic Area, must communicate within 20 days the measures taken to implement what has been requested by the Garante, under penalty of a fine of up to €20 million or up to 4% of the company’s annual global turnover.”

Riproduzione riservata ©



Brand connect



Notizie e approfondimenti sugli avvenimenti politici, economici e finanziari.