Summary
Once again, OpenAI finds itself under intense scrutiny from the Italian data protection authority, the Garante per la protezione dei dati personali (Garante), after the authority's investigation revealed multiple data protection violations in the company's management of its flagship AI tool, ChatGPT. The violations included training ChatGPT "without having an adequate legal basis" and not complying with "information obligations towards users". Besides paying a €15 million fine, OpenAI will also have to conduct a six-month information campaign across Italian media. This decision is one of the most significant actions taken against the tech powerhouse, and underscores the growing demand for accountability and transparency in the processing of personal data by artificial intelligence (AI) systems.
The origins of the investigation
The Garante's probe into OpenAI began in March 2023, with a particular focus on ChatGPT, amid growing concerns about its collection and processing of personal data. The investigation quickly escalated, with the Garante taking the unprecedented step of imposing an "immediate temporary limitation" on the use of ChatGPT, citing various privacy violations including the:
- "mass collection and storage of personal data for the purpose of 'training' the algorithms";
- failure to report "a bug in an open source library" that exposed users' conversation histories; and
- lack of appropriate age verification mechanisms exposing minors to "absolutely unsuitable answers compared to their degree of development and awareness".
The restriction proved short-lived, however. Within a month the ban was lifted and ChatGPT was reinstated after OpenAI agreed to corrective measures to meet its data protection obligations. These included:
- clarifying the explanation of "the activities of collection and processing" of user data "for the purpose of algorithm training, the manner of processing, the logic behind the processing necessary for the operation of the service, the rights of data subjects, and any other information required...";
- changing the legal basis for processing users' personal data to "consent or legitimate interest" to comply with the "principle of accountability"; and
- introducing age verification mechanisms to exclude users under 13 years of age from the service.
Unveiling ongoing privacy breaches
Despite OpenAI's efforts to address the initial privacy concerns, the Garante continued with a wider review of ChatGPT, which concluded with its decision of 20 December 2024. From its investigation, the Garante identified numerous data protection violations including:
- the absence of an "appropriate legal basis" for processing personal data used to train ChatGPT;
- failure to fulfil transparency obligations, as required under Regulation (EU) 2016/679 (General Data Protection Regulation (GDPR)), to its users; and
- lack of sufficient age verification measures to protect minors.
According to the Garante, OpenAI had processed user data "to train ChatGPT without first identifying an adequate legal basis", and had failed to meet the GDPR's transparency principle and its obligation to inform users. Specifically, the Garante determined that the processing of personal data had begun before ChatGPT's public release on 30 November 2022. In its view, "at least on that date", if not earlier, OpenAI was obliged to have identified a legal basis; since none had been identified "prior to the start of processing", the processing was unlawful from the outset.
The Garante also rejected OpenAI's attempt to defend its actions by relying on its data protection impact assessment (DPIA) and legitimate interest assessment (LIA), neither of which convinced the authority. According to the Garante, the DPIA and LIA, produced on 19 May and 20 November 2023 respectively, were not "decisive" in establishing that a legal basis for processing existed prior to the launch of the service. This made it "impossible" for data subjects "to exercise their rights" and directly violated the "principle of accountability". In particular:
- the DPIA, which pointed to "legitimate interests" as the basis for processing, did not evidence that a relevant adequacy assessment had taken place before 30 November 2022; and
- the LIA was produced "only at the express request" of the Garante and did not provide evidence that "the identification of one of the legal bases took place before 30 March 2023".
The Garante's ruling underscored a fundamental issue – OpenAI had lacked the necessary legal safeguards from the outset. In reaching its decision, the Garante also cited the European Data Protection Board's recent opinion, issued just days earlier, regarding the lawful use of personal data for the "design, development and deployment" of AI systems.
The investigation also found that OpenAI had failed to implement the required age verification mechanisms, leaving minors under 13 years of age at risk of exposure to inappropriate AI-generated content.
Adding to the weight of its final decision, the Garante also faulted OpenAI for failing to notify it, as required by Article 33 of the GDPR, of a breach that occurred on 20 March 2023. The breach, caused by a bug in an open source library rather than by an external attack, exposed personal data, specifically the chat histories and payment information of ChatGPT Plus subscribers who were active during "a specific nine-hour window", and so compromised the confidentiality of those data subjects' personal data. Article 33 requires a controller to notify the competent supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of a breach. The Garante noted that OpenAI should have notified "all European data protection authorities whose data subjects had been involved in the data breach. Given that the investigation documents showed that the event affected 440 Italian users, OpenAI should have notified the data breach directly to the Authority". The failure to do so further undermined trust in the company's commitment to its transparency obligations.
Imposing corrective measures and financial penalties
OpenAI has found itself facing a hefty penalty, as the series of failures described above collectively amounted to several data protection violations. The Garante did not hold back, imposing a €15 million fine, equivalent to approximately 1.58% of OpenAI's "total annual worldwide turnover for the 2023 financial year". The total is made up of the following amounts:
- €9,000,000 for violations related to processing personal data unlawfully;
- €320,000 for the failure to report a personal data breach to the Garante; and
- €5,680,000 for the failure to comply with the corrective measures imposed by the Garante in 2023.
In setting the fine, the Garante concluded that the amount represents an "effective, proportionate and dissuasive" sanction. This approach not only reflects the gravity of the violations but also sends a crucial reminder to organisations to prioritise privacy rights within their AI systems.
The Garante has also invoked the authority granted by Article 166, paragraph 7 of the Italian Privacy Code, instructing OpenAI to conduct a six-month "institutional communication campaign" across media outlets including TV networks, radio stations and newspapers. The aim of the campaign is to "promote a public understanding and awareness of the functioning of ChatGPT", particularly regarding the "collection of user and non-user data" for the purpose of training AI systems, and to outline the rights "exercisable by data subjects", including the rights to object to, rectify and delete their personal data.
This dual action of financial penalty and public education serves as a stark reminder of the growing regulatory focus on the lawful development and deployment of AI systems.
OpenAI's response: pushback and cooperation
Unsurprisingly, OpenAI has said it intends to appeal the Garante's ruling, labelling it "disproportionate". In a public statement the company emphasised its collaborative efforts with privacy regulators, particularly following the 2023 temporary ban: "when the Garante ordered us to stop offering ChatGPT in Italy in 2023, we worked with them to reinstate it a month later... they've since recognized our industry-leading approach to protecting privacy in AI, yet this fine is nearly 20 times the revenue we made in Italy during the relevant period".
Despite this, OpenAI has reaffirmed its commitment to working with privacy authorities to ensure it offers "beneficial AI that respects privacy rights".
A broader perspective on AI accountability
The Garante's decision marks a significant stride in AI regulation, showcasing an assertive approach to enforcing GDPR provisions: specifying the legal basis for processing, promoting user privacy, developing transparent practices to ensure accountability, and safeguarding the rights of data subjects. It also sends a clear message to the global AI community: compliance with data protection laws is non-negotiable.
Therefore, AI developers should ensure they embed privacy-by-design principles at the core of AI systems to support the responsible development and deployment of AI models. Companies are encouraged to:
- Ensure GDPR Compliance: Implement or develop AI systems that comply with the provisions of the GDPR.
- Adopt a Privacy First Approach: Protect personal data by default by incorporating a privacy-by-design approach within AI systems.
- Establish a Legal Basis: Carefully assess, define and document the legal basis for processing personal data. Remember that the legal basis must be established prior to processing and cannot be applied retrospectively.
- Transparency and Accountability: Update privacy policies with detailed and transparent information about the use of personal data within AI systems. Provide users with clear guidance and mechanisms on how to exercise their rights, including objecting to data processing for training purposes and requesting data deletion. Transparency builds trust.
- DPIAs: Complete a DPIA before the processing begins (Article 35 of the GDPR requires it prior to processing, not merely prior to deployment) and revisit it at each stage of the AI life cycle. Stay proactive, not reactive, when it comes to privacy risks.
- Review and Update: Review organisational practices and update technical documentation to ensure compliance with data protection law and evolving standards. This will not only meet the minimum requirements but will build a data protection strategy into AI systems.
A global wake-up call
The fine against OpenAI is not just a penalty; it may be the beginning of a new era of accountability in the world of AI. What is clear is that a legal basis must exist before processing starts, and that progress in AI systems must not come at the expense of user privacy.
As AI becomes increasingly integrated into daily life, regulators will need to collaborate to strike a balance between innovation and the protection of fundamental rights. OpenAI's challenges in Italy are likely just the beginning, as the global conversation around responsible AI intensifies.