Key Highlights :
1. European parliamentarians disagree over the content and reach of the EU AI Act, but some regulators are finding that existing tools, such as the General Data Protection Regulation (GDPR) that gives users control over their personal information, can apply to the rapidly emerging category of generative AI companies.
2. ANI Italy's move to temporarily ban ChatGPT has inspired other European countries to study if harsher measures are needed to rein in the wildly popular chatbots and whether to coordinate such actions.
3. While European parliamentarians disagree over the content and reach of the EU AI Act, some regulators are finding that existing tools, such as the General Data Protection Regulation (GDPR) that gives users control over their personal information, can apply to the rapidly emerging category of generative AI companies.
4. Generative AI, such as OpenAI's ChatGPT, relies on algorithms to generate remarkably human responses to text queries based on analyzing large volumes of data, some of which may be owned by internet users.
5. The Italian agency, also known as Garante, accused Microsoft Corp-backed OpenAI of failing to check the age of ChatGPT users and the "absence of any legal basis that justifies the massive collection and storage of personal data" to "train" the chatbot.
6. "The points they raise are fundamental and show that GDPR does offer tools for the regulators to be involved and engaged into shaping the future of AI," said Dessislava Savova, partner at law firm Clifford Chance.
7. Privacy regulators in France and Ireland have reached out to counterparts in Italy to find out more about the basis of the ban.
8. Germany could follow in Italy's footsteps by blocking ChatGPT over data security concerns, the German commissioner for data protection told the Handelsblatt newspaper.
9. Meanwhile, OpenAI has taken ChatGPT offline in Italy on Friday. It did not respond to questions about other European regulators looking into potential violation in their countries.
10. OpenAI, whose artificial intelligence platform took the world by storm after its launch in November, said on Friday it actively works to reduce personal data in training its AI systems.
11. The Italian investigation into OpenAI was launched after a nine-hour cyber security breach last month led to people being shown excerpts of other users' ChatGPT conversations and their financial information.
12. Italy is the first Western country to take action against a chatbot powered by artificial intelligence.
13. While the privacy commissioners favour more regulation, the governments are more lenient. Italy's deputy prime minister has criticized its own regulator's decision by calling it "excessive" and a German government spokesman said a ban of ChatGPT would not be necessary.
14. The Italian authority's move last week was aimed at starting a dialogue with the company to address the issues raised over ChatG
As European parliamentarians disagree over the content and reach of the EU AI Act, some regulators are finding that existing tools, such as the General Data Protection Regulation (GDPR) that gives users control over their personal information, can apply to the rapidly emerging category of generative AI companies.
Since generative AI is still in its early stages, it is difficult to define what exactly constitutes as “generative AI”. Some experts believe that generative AI is simply AI that can generate new data. Others argue that generative AI is more than just data generation, and includes the ability to learn and evolve on its own.
Regardless of its definition, one thing is clear: generative AI is a rapidly growing field with a lot of potential. And regulators are starting to take notice.
Last year, the European Union released the EU AI Act, which aims to “promote the development of artificial intelligence and related technologies in the Union and to establish a framework for their regulation”. However, the act has received criticism from some parliamentarians who believe that it is too vague and does not go far enough in regulating AI.
Meanwhile, other regulators are finding that existing tools, such as the General Data Protection Regulation (GDPR) that gives users control over their personal information, can apply to the rapidly emerging category of generative AI companies. For example, the GDPR states that any company that processes personal data must have a data protection policy in place. This policy must be transparent and easy to understand, and it must be updated regularly.
In addition, the GDPR requires companies to give users the right to access their personal data, the right to change their data protection policy, and the right to complain if they believe that their data is not being processed in accordance with the policy. These rights should be available to all users, regardless of whether they are customers or employees of the company.
These are just a few examples of how the GDPR is being used to regulate generative AI companies. As the field of generative AI continues to grow, regulators will need to keep up with the changes.
