In a groundbreaking move in March, Italy became the inaugural Western nation to impose a temporary restriction on the use of ChatGPT within its territory.
The decision was prompted by worries over illicit data gathering and the absence of an age verification process for underage users.
The country’s privacy watchdog, Garante, took the step to halt the service, stipulating a set of requirements that OpenAI had to fulfill to have the ban revoked.
As of April 28, Italian clientele regained their ability to use the AI platform after OpenAI implemented most of the stipulations set forth by Garante.
These measures revolved around age verification, user transparency, and the rights of both users and non-users.
The American-based corporation has launched a “welcome back” dialog box, prompting users to verify they’re either over 18 or have parental approval if they’re between 13 and 18.
The provision of their birth date on the registration page is a prerequisite for access.
Moreover, the dialog box includes hyperlinks to OpenAI’s updated privacy policy and an informative article about the development and training of ChatGPT, prominently displayed on both the login and registration pages.
By following the hyperlinks, users can acquire knowledge about the nature of data being utilized for training and the associated conditions.
OpenAI has made it clear that it will persist in handling certain kinds of data contractually to facilitate the functioning of its services, whereas data processing for algorithm training will be justified on the basis of legitimate interest.
To empower users and non-users to effectively assert their rights, as demanded by Garante, the firm has also added an option to opt out of personal data processing.
Users have the right to request deletion of incorrect information, although OpenAI currently asserts that rectifications are “technically unfeasible.”
The Italian regulatory body has praised OpenAI’s newly implemented measures, but it has urged the company to adhere to additional requirements it has specified.
In addition to the age consent prompt, OpenAI is mandated to establish an age verification protocol that precludes minors from accessing the service.
It is also obligated to initiate a campaign to inform Italians that their personal data may have been utilized in the training of ChatGPT, while simultaneously promoting awareness of the revised information policy and associated data rights.
Garante has expressed appreciation for OpenAI’s progress in harmonizing technological progress with individual rights and anticipates that the company will persist in its endeavors to adhere to European data protection laws.
However, it will maintain its scrutiny of the company’s GDPR compliance.
The prohibition on ChatGPT in Italy, which did not exceed a month, marks the first instance in the Western hemisphere of an attempt to regulate an AI generation tool such as OpenAI’s model.
The company’s adherence may establish a model for other European nations, with numerous other data protection agencies (like those in France, Ireland, and Spain) closely monitoring the situation.
