ChatGPT Service Back in Italy, After the Ban

Earlier this month, Italian SA raised a temporary ban for ChatGPT as there was a data breach in March 2023.

Along with this, the application had data privacy issues and lack of age affirmation which made authorities conclude this decision.

To remove this ban, Italian SA has provided certain conditions.

Compliance deadline – 30th April 2023

As per reports, the Italian SA is deciding to lift this temporary ban if ChatGPT includes certain policies which were similar to the CCPA (California Consumer Privacy Act).

The application must be transparent on how they use users’ data and must have a legitimate reason for using that data to train their AI.

Italian SA also said that users must be able to control their and must have the option to object to the usage of their data if they are no longer interested.

If and Only if ChatGPT does this, will it be allowed in Italy?

Information

The Italian SA also said that OpenAI must include a notice of their data arrangement on their website which explains how OpenAI uses the users’ data.

Before registration, users in Italy must be able to see these arrangements and comply with them.

In addition to this, ChatGPT must have an age affirmation that asks to confirm their age whether they are between 13-18.

Previously registered users must be notified of this when they access the application and must confirm their age. 

Italian SA did not want people under 13 years of age to use this service.

ChatGPT must not collect and use customers’ data on a contract basis. Instead, they must have a concrete reason to use users’ data.

This can either be permission from the user or a legitimate interest must be there for OpenAI.

Italian SA must also have the authority check and investigate this whenever they require.

Data Subject Rights

Italian SA also said that users of Italy must have the ability to correct their information whenever they need it.

If correcting their data is difficult, there must be an option for them to delete their personal data from OpenAI.

Non-users of ChatGPT must also have the option to object to ChatGPT from using their data even if OpenAI has a legitimate need or interest in using their data.

Under Age Protection Before 31st May

As stated earlier, Italian users must be provided with an age affirmation on the signup page which gets the users’ consent and age confirmation.

This must be available before 31st May and the plan for implementation must be there before 30th September 2023.

This helps the authorities to prevent users below 13 years of age and have parental authority for users between the age of 13-18 from using the service.

Awareness Campaign

As per reports, OpenAI must conduct an awareness campaign through radio, TV, newspapers, and the internet for informing users about their personal data usage by OpenAI.

Italian SA will be investigating continuously whether ChatGPT is breaking any laws or rules related to data protection.

They will try to fix if any breach of law happens or take different actions depending upon the circumstances.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Prakash

Recent Posts

Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely

A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious actors…

2 days ago

Chinese SilkSpecter Hackers Attacking Black Friday Shoppers

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce shoppers…

3 days ago

Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to malicious…

3 days ago

Black Basta Ransomware Leveraging Social Engineering For Malware Deployment

Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in 2022…

3 days ago

Critical Laravel Vulnerability CVE-2024-52301 Allows Unauthorized Access

CVE-2024-52301 is a critical vulnerability identified in Laravel, a widely used PHP framework for building…

3 days ago

4M+ WordPress Websites to Attacks, Following Plugin Vulnerability

A critical vulnerability has been discovered in the popular "Really Simple Security" WordPress plugin, formerly…

3 days ago