Sunday, July 14, 2024

ChatGPT Service Back in Italy, After the Ban

Earlier this month, Italian SA raised a temporary ban for ChatGPT as there was a data breach in March 2023.

Along with this, the application had data privacy issues and lack of age affirmation which made authorities conclude this decision.

To remove this ban, Italian SA has provided certain conditions.

Compliance deadline – 30th April 2023

As per reports, the Italian SA is deciding to lift this temporary ban if ChatGPT includes certain policies which were similar to the CCPA (California Consumer Privacy Act).

The application must be transparent on how they use users’ data and must have a legitimate reason for using that data to train their AI.

Italian SA also said that users must be able to control their and must have the option to object to the usage of their data if they are no longer interested.

If and Only if ChatGPT does this, will it be allowed in Italy?


The Italian SA also said that OpenAI must include a notice of their data arrangement on their website which explains how OpenAI uses the users’ data.

Before registration, users in Italy must be able to see these arrangements and comply with them.

In addition to this, ChatGPT must have an age affirmation that asks to confirm their age whether they are between 13-18.

Previously registered users must be notified of this when they access the application and must confirm their age. 

Italian SA did not want people under 13 years of age to use this service.

ChatGPT must not collect and use customers’ data on a contract basis. Instead, they must have a concrete reason to use users’ data.

This can either be permission from the user or a legitimate interest must be there for OpenAI.

Italian SA must also have the authority check and investigate this whenever they require.

Data Subject Rights

Italian SA also said that users of Italy must have the ability to correct their information whenever they need it.

If correcting their data is difficult, there must be an option for them to delete their personal data from OpenAI.

Non-users of ChatGPT must also have the option to object to ChatGPT from using their data even if OpenAI has a legitimate need or interest in using their data.

Under Age Protection Before 31st May

As stated earlier, Italian users must be provided with an age affirmation on the signup page which gets the users’ consent and age confirmation.

This must be available before 31st May and the plan for implementation must be there before 30th September 2023.

This helps the authorities to prevent users below 13 years of age and have parental authority for users between the age of 13-18 from using the service.

Awareness Campaign

As per reports, OpenAI must conduct an awareness campaign through radio, TV, newspapers, and the internet for informing users about their personal data usage by OpenAI.

Italian SA will be investigating continuously whether ChatGPT is breaking any laws or rules related to data protection.

They will try to fix if any breach of law happens or take different actions depending upon the circumstances.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus


Latest articles

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing...

Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has...

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery,...

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept...

Hackers Created 700+ Fake Domains to Sell Olympic Games Tickets

As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has...

Japanese Space Agency Spotted zero-day via Microsoft 365 Services

The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that...

Top 10 Active Directory Management Tools – 2024

Active Directory Management Tools are essential for IT administrators to manage and secure Active...

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles