OpenAI’s attempt to align its flagship AI model, ChatGPT, with the European Union’s regulations, specifically the General Data Protection Regulation (GDPR), has been deemed inadequate by the European Data Protection Board (EDPB). This follows a progress report by the EDPB’s “GPT taskforce,” which stated, “The measures to comply with the transparency principle, while beneficial in preventing a misinterpretation of ChatGPT’s output, remain insufficient.”
The EDPB’s findings coincide with the year OpenAI has spent addressing temporary stop orders by several EU member states. OpenAI and ChatGPT had previously been found in violation of Italian and EU privacy laws, leading to a ban in March 2023. Despite this, the EDPB believes that OpenAI hasn’t done enough to align ChatGPT with EU regulations.
A key concern raised by the EDPB is that ChatGPT frequently produces inaccurate information. Due to the probabilistic system, the current training method has a tendency to generate biased or made-up data. It was also highlighted that end users are likely to perceive ChatGPT’s outputs as unequivocally accurate, regardless of their validity.
OpenAI’s path to compliance remains uncertain. Considering the GPT-4 model encompasses billions of data points and about a trillion parameters, it’s impractical for human verification of its data set to an extent that would meet GDPR standards of reasonable accuracy. The EDPB makes it clear that technical constraints do not justify non-compliance with these regulations.