
Garante per la protezione dei dati personali (Italy) - 10085455

From GDPRhub
Garante per la protezione dei dati personali - 10085432
Authority: Garante per la protezione dei dati personali (Italy)
Jurisdiction: Italy
Relevant Law: Article 5 GDPR
Article 6 GDPR
Article 8 GDPR
Article 13 GDPR
Article 14 GDPR
Article 33 GDPR
Article 55 GDPR
Article 56 GDPR
Type: Investigation
Outcome: Violation Found
Started: 30.03.2023
Decided: 20.12.2024
Published: 20.12.2024
Fine: 15000000 EUR
Parties: OpenAI
National Case Number/Name: 10085432
European Case Law Identifier: n/a
Appeal: Unknown
Original Language(s): Italian
Original Source: Garante (in IT)
Initial Contributor: Inder-kahlon

The DPA fined OpenAI €15,000,000 for the non-transparent processing of personal data without correctly identifying an adequate legal basis. It also mandated a six-month public campaign to raise awareness about ChatGPT’s data processing practices and user rights under the GDPR.

English Summary

Facts

On 20 March 2023, a technical bug in the ChatGPT service caused users to view the chat history of other users instead of their own for a limited amount of time. The controller, OpenAI, publicly acknowledged the issue and confirmed that the exposed data included names, surnames, email addresses, and the last four digits and expiration dates of the credit cards used to pay for ChatGPT Plus (the paid version of the service).

Following this data breach, the Italian DPA started an ex officio investigation.

Holding

First, the DPA considered whether the one-stop-shop mechanism would apply. More specifically, it noted that, at the time of the alleged violations, the controller was established in California and did not have any establishment in the EU. ChatGPT had been available in the EU since 30 November 2022, as confirmed by the controller, while the controller only had an establishment in Ireland from 15 February 2024. Therefore, the DPA found that, for every alleged violation of the GDPR that occurred before 15 February 2024, the one-stop-shop mechanism did not apply and the DPA had jurisdiction to rule on the matter.

Second, the Italian DPA concluded its investigation and held that:

Violation of Article 33(1) GDPR

The controller is under the obligation to notify a personal data breach to the competent DPA within 72 hours under Article 33(1) GDPR. The controller stated that it notified the data breach to the Irish DPA, as it was in the process of setting up its Irish registered office when the breach happened.

The DPA considered that, at the time of the breach, the controller was based in the U.S.A. and did not have any establishment in the EU. It highlighted that, where a controller does not have an establishment in the EU, Article 56 GDPR does not apply and the general rule of Article 55(1) GDPR governs, according to which each supervisory authority is competent to perform the tasks assigned to it and to exercise the powers conferred upon it under the GDPR in the territory of its own Member State.

The DPA further considered that the case could not be transferred to the Irish DPA, as the alleged violations occurred before the controller's establishment in Ireland.

Thus, the controller violated Article 33(1) GDPR, as it notified the breach to the Irish DPA instead of the Italian one.

Violation of Articles 5(2) and 6 GDPR

The DPA considered that the processing of personal data to train the models underlying the ChatGPT service started well before the launch of the service itself. This means that, before that processing began, the controller should have defined the legal basis for it, which it did not do. This follows from Article 5(2) GDPR, which establishes the controller's accountability principle.

Since the controller failed to identify an adequate legal basis before the data processing took place, it violated Article 6(1) GDPR.

Violation of Articles 5(1)(a), 12 and 13 GDPR

When analyzing the controller's privacy policy, the DPA identified two types of data processing: the processing of users' data necessary to use the controller's service, and the processing of non-users' data to train the models underlying the ChatGPT service.

The GDPR, under Article 5 as well as Articles 12 and 13, establishes transparency obligations in this regard: both users and third parties whose data is being processed must be correctly informed of the processing. The DPA found several elements indicating that these obligations were not respected: first, the privacy policy was only available in English; second, it was not easily reachable on the controller's website.

From a content standpoint, the privacy policy did not contain any information about the processing of non-users' data used to train the models underlying the ChatGPT service.

Therefore, the controller violated Article 5(1)(a), Article 12 and Article 13 GDPR.

Violation of Articles 24 and 25 GDPR

The DPA recalled that Recital 38 GDPR highlights the need for specific protection of minors' personal data. Under Article 24(1) GDPR, the controller must put in place adequate technical and organizational measures. Moreover, Article 25 GDPR requires the controller to adopt such measures taking into account the state of the art and the cost of implementation, the nature, scope, context and purposes of the processing, and the risks of varying likelihood and severity that the processing poses to the rights and freedoms of natural persons.

The controller did not implement any mechanism to verify the age of users when they registered for the ChatGPT service, even though the terms of service (ToS) identified minors among potential users, stating that, for the purposes of a valid contractual relationship, users aged between 13 and 18 require the consent of the holder of parental responsibility.

The documentation on file shows that the controller committed to considering the implementation of age verification mechanisms only after the corrective measure imposed by DPA decision no. 9874702.

Moreover, the DPA considered that the corrective measures imposed on 11 April 2023 in the context of DPA decision no. 9874702 were disregarded by the controller.

Therefore, the controller violated Articles 24 and 25 GDPR.

Violation of Article 5(1)(d) GDPR

The DPA found various issues related to the accuracy of the data output by ChatGPT, raising questions as to ChatGPT's compliance with Article 5(1)(d) GDPR. However, since these accuracy issues remained unresolved, and thus ongoing after 14 February 2024, the DPA found it appropriate to apply the one-stop-shop mechanism and refer them to the Irish DPA.

Use of Article 166(7) of the Privacy Code

The DPA exercised for the first time its new powers under Article 166(7) of the Privacy Code and ordered OpenAI to carry out a six-month institutional communication campaign aimed at enhancing transparency in the processing of personal data. The campaign, which must be broadcast across radio, television, newspapers, and the internet, will focus on informing the public about ChatGPT's data practices, specifically the collection of both user and non-user data for AI model training. The content of the campaign, to be agreed upon with the Authority, must educate individuals about their rights under the GDPR, including the rights to object to, rectify, and delete personal data. The goal is to enable users and non-users to better understand how to exercise their rights and to oppose the use of their data for training generative AI models.

Imposition of a fine

In light of the aforementioned violations, the Italian DPA imposed a fine of €15,000,000 on OpenAI.

Comment

This decision follows the decision of 30 March 2023, in which the Italian DPA imposed a temporary limitation on the processing of personal data of data subjects established in Italian territory, after a complaint lodged by Inder Kahlon concerning the lack of transparency in the processing of personal data for AI training and the absence of age verification mechanisms.

Further Resources


English Machine Translation of the Decision

The decision below is a machine translation of the Italian original. Please refer to the Italian original for more details.

- English version

Measure of November 2, 2024
[web doc. no. 10085455]

Register of measures
No. 755 of November 2, 2024

THE GUARANTOR FOR THE PROTECTION OF PERSONAL DATA

AT TODAY'S MEETING, attended by Prof. Pasquale Stanzione, president; Prof. Ginevra Cerrina
Feroni, vice president; Dr. Agostino Ghiglia and Lawyer Guido Scorza, members; and Cons.
Fabio Mattei, secretary general;
HAVING REGARD to Regulation (EU) 2016/679 of the European Parliament and of the Council of
27 April 2016 on the protection of individuals with regard to the processing of personal data and on
the free movement of such data and repealing Directive 95/46/EC (General Data Protection
Regulation, hereinafter "Regulation");
HAVING REGARD TO the Code on the Protection of Personal Data (Legislative Decree No. 196
of June 30, 2003), as amended by Legislative Decree No. 101 of August 10, 2018, setting
forth provisions for the adaptation of the national system to the aforementioned Regulations
(hereinafter "Code");
HAVING REGARD TO Regulation No. 1/2019 concerning internal procedures having external
relevance, aimed at carrying out the tasks and exercising the powers entrusted to the Supervisor
for the Protection of Personal Data, approved by Resolution No. 98 of April 4, 2019, published in
G.U. No. 106, May 8, 2019 and at www.gpdp.it, web doc. no. 9107633 (hereinafter "Regulation of
the Supervisor No. 1/2019");
HAVING REGARD to the documentation on file;
HAVING CONSIDERED the comments made by the secretary general pursuant to Article 15 of
the Supervisor's Regulation No. 1/2000;
RELATOR Professor Ginevra Cerrina Feroni;
1. INTRODUCTION
The proceeding originates from an investigative activity initiated ex officio following the publication
of press reports regarding some technical issues (bugs) that occurred on March 20, 2023 in the
ChatGPT service offered and managed by the U.S. company OpenAI OpCo, LLC (hereinafter also
the "Company" or "OpenAI").
ChatGPT, an acronym for Chat Generative Pre-trained Transformer, is a chatbot based on a
generative artificial intelligence system, which generates textual outputs based on textual inputs
(so-called prompts).
For the purposes of this measure, "generative artificial intelligence" refers to the field of artificial
intelligence that focuses on the creation of novel and original content using predominantly
neural algorithms, and "neural network" refers to a standard computational model applicable
in a wide variety of contexts that enables the recognition of objects, shapes or patterns within a
datum or dataset (e.g., a human face in a photograph). Generative artificial intelligence algorithms
are used in a wide range of applications, including recognition and generation of images, voice or
music tracks, text, and video.
The version of the Large Language Model (LLM) underlying the free ChatGPT service at the time
of the events was GPT-3.5, while that underlying the paid version of the service was GPT-4.
For the purposes of this measure, "Large Language Model" means a probabilistic model of a
natural language, such as English or Italian, that is based on the observation that all natural
languages are strongly redundant and correlated, and "Generative Pre-trained Transformer
(GPT)" means a generative artificial intelligence algorithm that is based on the use of a particular
computational model called Transformer, which appears to be more efficient and more versatile
than the classical neural model in cases where the input data structure is sequential (as in Large
Language Models) and the goal of generation is the prediction of the next element in the sequence
based on the observation of all previous elements. The use of particular computational models
(Transformer) and particular numerical representations of linguistic units (Embedding) makes it
possible to construct a very dense and extensive network of semantic correlations between
linguistic units in a text, making the automated generation of new text virtually indistinguishable
from the text produced creatively by a human being who has read the same body of text
understanding its meaning.
Press reports disclosed that, due to a bug, on the main page of the ChatGPT service users were
shown the chat title history of other users of the service instead of their own.
The Company later publicly confirmed the incident and clarified that the data involved in the
technical issue that could have been viewed by users other than those affected were the first
name, last name, e-mail address, and the last four digits and expiration date of the credit card
used to pay for the ChatGPT Plus service (the paid version of the service).
In light of the news of this data breach, the Garante initiated an ex officio investigation noting that
the processing of personal data by OpenAI as part of the ChatGPT service could give rise to a
violation of the legislation on personal data with particular reference to the absence of appropriate
information for users and all interested parties whose data had been collected by OpenAI and
processed as part of the ChatGPT service; to the absence of a legal basis for the processing of
data for the purpose of training the algorithms underlying the operation of the platform; to the
mismatch of some of the information provided by ChatGPT with the actual data and the
consequent inaccuracy of the personal data subject to the data controller's processing activities;
and to the absence of any filter for verifying the age of users, even though the service was aimed
at users over 13 years of age, with the consequent risk of exposing minors to responses
unsuitable with respect to their level of development and self-awareness.
Within this framework, on March 30, 2023, the President of the Authority adopted with respect to
OpenAI, pursuant to Article 5, paragraph 8, of the Guarantor's Regulation No. 1/2000, an
emergency measure (No. 112/2023, prot. No. 54718/23) to provisionally restrict the processing of
personal data of data subjects established in the Italian territory, pursuant to Article 58, paragraph
2(f), of the Regulation.
Subsequently, in Order No. 114 of April 11, 2023, the Authority resolved to suspend Order No.
112/2023 imposing the provisional restriction, on the condition that the controller, pursuant to
Article 58(2)(d) of the Regulation, take appropriate measures to ensure that the personal data
processing activities within the ChatGPT service are carried out in a manner that complies with
the data protection regulations. Specifically, the Authority enjoined the controller to:
1. Prepare and publish on its website a notice that, in the terms and manner set forth in
Article 12 of the Regulations, would make known to the data subjects, including those other
than users of the ChatGPT service, the activities of collection and processing of their data for
the purpose of algorithm training, the manner of processing, the logic underlying the
processing necessary for the operation of the service, their rights as data subjects, and any
other information required by the Regulations;
2. To make available, on its website, to interested parties, including those other than users of
the service, who had connected from Italy, a tool through which they could exercise their
right to object to the processing of their personal data, obtained from third parties, carried out
by the company for the purposes of algorithm training and service delivery;
3. make available, on its website, to interested parties, including those other than users of
the service, who had connected from Italy, a tool through which they could request and
obtain the correction of their personal data if processed inaccurately in the generation of
content or, where such a measure proved impossible in the state of technology, to proceed
to the deletion of their personal data;
4. include a link to the policy addressed to users of the service in the registration flow in a
location that would allow it to be read before registration, through ways that would allow all
users who had connected from Italy, including those already registered, at the first access
any reactivation of the service, to view this policy;
5. change the legal basis for the processing of users' personal data for the purpose of
algorithm training by removing any reference to the contract and identifying consent or
legitimate interest as the legal basis for processing, in relation to the company's own
assessments, in a logic of accountability;
6. Make available on its website to service users who had
connected from Italy, an easily accessible tool through which to exercise the right to object to
the processing of one's own data acquired when using the service for algorithm training if the
legal basis chosen under point 5 above was identified as legitimate interest;
7. in the event of possible reactivation of the service from Italy, insert the request, to all users
connected from Italy, including those already registered, to pass, during the first access, an
age gate such as to exclude, on the basis of the declared age, underage users;
8. submit to the Guarantor, no later than May 31, 2023, a plan for the adoption of age
verification tools suitable for excluding access to the service by users under 13 years of age
and by those under 18 years of age in the absence of an express manifestation of willingness
by the holders of parental responsibility, to be implemented no later than September 30, 2023;
9. to promote, by May 15, 2023, an information campaign, of a non-promotional nature, in all
the main Italian mass media (radio, television, newspapers and the Internet), subject to
agreement with the Guarantor as to content, with the aim of informing people that their
personal data were likely to be collected for the purpose of algorithm training, that a detailed
information notice was published on the Company's website and that a tool was made
available, also on the Company's website, that would enable those concerned to request and
obtain deletion of their personal data.
The Guarantor indicated differentiated deadlines for the implementation of each of the above
prescriptions, setting a deadline of April 30, 2023 for the fulfillment of the prescriptions in items 1
through 7; a deadline of May 31, 2023 for the prescription in item 8; and a deadline of May 15,
2023 for the fulfillment of the prescription in item 9, reserving any further action, including urgent
and temporary action, in the event of inadequate or insufficient implementation of the prescribed
measures.
2. OPENAI'S RESPONSES TO ORDER NOS. 112/2023 AND 114/2023 AND
COMMENTS FROM THE GUARANTOR
In a note dated April 28, 2023 (Prot. No. 69713/23), OpenAI announced that it had complied with
the requests in items 1 through 7 and, in particular:
1. to have adopted and posted in the privacy policy and help center sections of the site a
privacy policy regarding processing for model training purposes;
2. to have implemented, in addition to a dedicated e-mail address for the submission of
petitions by interested parties, a tool to allow European users to exercise their rights of
opposition and cancellation by filling out a special form made available in the privacy policy
and notice of the site;
3. in relation to the right of rectification to continue in-depth investigations and research on
the matter, allowing, in any case, the interested parties to address their requests to the
owner by sending a dedicated e-mail or using the form mentioned in the previous point;
4. that it had placed the link to the privacy policy on the site's home page, log-in page, and
registration page in a position where it could be read before the conclusion of the registration
process, and that already registered users would be shown a window containing links to the
privacy policy and help center, along with a request to confirm their age;
5. that it had identified the legitimate interest referred to in Art. 6(1)(f) of the Regulation
as the legal basis for processing personal data for algorithm training purposes;
6. that it has made available-through its ToS (Terms of Service), privacy policy and Data
usage for consumer services FAQ section-a form to allow users to exercise an opt-out with
respect to the use of their personal data for algorithm training purposes;
7. to have implemented an age gate that provides: (a) for new users, to provide the date of
birth, so that, on the one hand, account creation is prevented if an age under 13 is indicated
and, on the other hand, confirmation is obtained from the person aged between 13 and
17 that the consent of the holder of parental responsibility has been collected to create the
account; (b) for already registered users, to declare an age over 13 and, if under 18, to have
collected the consent of the holder of parental responsibility to access ChatGPT services.
The controller also clarified that it supplemented the privacy policy by expressly indicating, for
minors between the ages of 13 and 18, the need for the consent of a parent or the holder of
parental responsibility to access ChatGPT services, as already stated in the ToS.
In a subsequent note dated May 15, 2023 (Prot. No. 78218/23) OpenAI announced that it had
complied with the request in Item 9 of Order No. 114/23 through:
a) interviews in newspapers: in particular, "La Repubblica," in its May 15 Affari&Finanza
insert, published an interview with Mira Murati, CTO of the Company, also aimed at
highlighting measures that data subjects can take where they do not want their data to be
used to train the models underlying ChatGPT services;
b) newspaper notices: in particular, dedicated advertising space was created in the Monday,
May 15 print editions of "La Repubblica" and "La Stampa" to publish educational material
related to the ChatGPT service;
c) a page directed to users on the OpenAI website;
d) an educational video to be produced in collaboration with the Authority: in particular, the
Company represented to the Guarantor that it had initiated the creation of a video related to
the findings indicated in point 9 of Order No. 114/23 and expressed its willingness to adopt
the same in collaboration with the Guarantor by making it public through the Authority's
institutional channels.
In a note dated May 18, 2023 (prot. no. 79806/23), the Authority expressed strong opposition to
the media campaign, as envisaged above, in that it was carried out without any prior information
and agreement with the Guarantor regarding its terms and conditions, contrary to the prescriptions
set forth in provision no. 114/2023. In the same note, the Authority reserved any assessment with
respect to the punctual fulfillment of the prescriptions given in the aforementioned provision and
invited the Company to submit without delay and, in any case, no later than May 19, a
communication campaign project in line with the aforementioned prescription and with the
observations represented, suitable for reaching the same public whose personal data were, in all
likelihood, processed.
The Company, following a request for an extension, responded with a note dated May 23, 2023
(prot. no. 82299/23) in which, on the one hand, it recalled the initiatives already illustrated in the
previous note aimed at complying with the above-mentioned requirements of the Authority and, on
the other hand, again with view to adapting to the indications received, it represented its
willingness to commit itself in order organize with national television and radio broadcasters the
broadcasting of informative messages
inherent in the ChatGPT service. Specifically, the Company represented that such messages
would:
- Illustrated the training methods of ChatGPT;
- Clarified that the training also involves the processing of personal data;
- provided guidance to interested parties on how to find more information and exercise their
rights under the Regulations.
In response, the Authority, in a note dated June 22, 2023 (prot. no. 97898/23), specified that it was
unable, in light of the information provided, to assess the impact of the campaign with particular
reference to the initiatives that the Company would have intended to launch via social media,
lacking any useful element for this, and considering the planned information activities to be carried
out through newspapers and television to be below expectations and unlikely to reach the
hoped-for audience. The Guarantor also expressed an opinion against the use of its logo in the
aforementioned communication campaign.
In a note dated May 31, 2023 (prot. no. 86958/23), OpenAI sent a communication regarding the
age verification system referred to in point 8 of measure no. 114/2023, outlining, based on the
state of the art, some possible age verification solutions, and highlighting the lack, at the European
level, of a shared position on the matter. In particular, the Company proposed the following
solutions: i) verification by a third party; ii) use of the Italian public digital identity system (SPID); iii)
use of artificial intelligence technologies; iv) credit card verification (in addition to another system);
and v) use of confirmation methods (e.g., specific questions) of parental consent.
In this regard, the Guarantor, in the aforementioned note of June 22, 2023, specified that, without
prejudice to the possibility of a constructive discussion, including in the future, on the issue, it
would be up to the Company, by the month of September, in a logic of accountability, to identify
one or more solutions deemed useful for the purpose and fulfillment of the prescription given in the
aforementioned Order No. 114/2023.
OpenAI, in a note dated September 29, 2023 (prot. no. 8657/24), announced that it had decided to
outsource the age verification activity to a third party, in this case the certified company Yoti Ltd.
(hereinafter "Yoti"), which guarantees that in the execution of age verification no data is provided
to OpenAI. Specifically, the Company represented that it intends to implement the following user
age verification solutions:
1. Yoti App: users provide, one time, to Yoti a government-issued ID and a photograph, with
subsequent verification for access to OpenAI by scanning a QR code from the OpenAI
webpage;
2. Age estimation: users take a selfie using the Yoti app or website, which
estimates the user's age with an average absolute error of 1.79 years;
3. ID Scan: users scan an ID and take a selfie; in this case Yoti checks the match
between the two items using an automatic processing system.
3. INVESTIGATIVE ACTIVITY
Parallel to the handling of the precautionary measure, the Authority proceeded with the
acquisition of the elements deemed necessary for the conduct of the investigation through two
requests for information, pursuant to Article 58(1)(e) of the Regulation and Article 157 of the
Code.
In a note dated April 4, 2023 (Prot. No. 57229/23), the Guarantor sent a request for information to
OpenAI asking for clarification regarding: a) the operation of ChatGPT; b) information on the
processing of data provided to data subjects; c) measures taken to prevent access to the service
by individuals under the age of 13; and d) the data breach event of March 20, 2023.
Subsequently, in a note dated October 6, 2023 (Prot. No. 137422/23), the Supervisor sent the
Company a request for additional information, both with specific reference to the age verification
system and with respect to the feedback provided by OpenAI to the previous note.
In response to the Authority's first request for information, the Company in a note dated May 19,
2023 (Prot. No. 80945/23), represented:
a) Regarding the operation of ChatGPT:
- that it has trained its model with data from three primary sources of information: i)
those publicly available on the Internet, ii) those licensed from third parties, and, finally,
iii) those provided by users or "trainers" contracted by the Company for this purpose. In
this regard, the Company has attached the impact assessment (DPIA) dated May 19,
2023 (first draft dated February 24, 2023);
- that it has taken measures to limit the amount of personal data in the model's training
information by excluding websites that contain large volumes of personal data, not
collecting data from the so-called dark web, and also using Azure Cognitive Services in
the fine-tuning phase of the model to remove personally identifiable information;
- to use different methodologies for the collection of training information: i) for those on
the Internet, so-called crawling by OpenAI directly or by third parties; ii) for those
licensed, a copy of the same provided by the licensor; iii) for those derived from user
interactions, the acquisition of the same during that phase and through feedback
provided by the appointed "trainers."
- that it has identified legitimate interest as referred to in Art. 6(1)(f) of the
Regulation as the legal basis for processing personal data in the training and
refinement (fine-tuning) phases of the models, and that it has made appropriate
assessments of the level of necessity of the processing, particularly with regard to
publicly available data collected from the Internet;
- to further limit the processing of personal data, to provide instructions to external
collaborators, responsible for categorizing data, to exclude information containing
personal data from inclusion in the fine-tuning dataset;
- to provide users with the ability to opt out of allowing their chats to be used for model
training purposes and to delete their account, permanently removing the associated
data.
b) Regarding data processing information provided to data subjects:
- to have prepared, in addition to the information made available through the
appropriate Notice, directly linked to the privacy policy, a specific tool for the removal of
personal data, available on the Company's website for the benefit of anyone who
wishes to object to the use of their data for model training purposes;
- to have planned the launch of an information campaign both online and in two major
Italian newspapers.
c) On the data breach:
- to have published a post on its website regarding the event that occurred on March
20, 2023, providing information about the incident, and to have directly contacted by e-
mail all data subjects potentially affected by the event, including 440 Italian
data subjects;
- that the data breach involved some personal data of users subscribed to the
ChatGPT Plus service, in particular their first name, last name, e-mail
address and billing information, including the type of credit card, the last four digits of
the card and its expiration date;
- that it found the previously unknown bug in an open source library and fixed the
problem on the same day it was detected (March 20, 2023).
With respect to the Authority's request for additional information dated October 6, 2023, on the other
hand, the Company, in a note dated November 20, 2023 (Prot. No. 56039/23), represented:
a) that it understands a publicly accessible source to be any information freely and openly available
on the Internet and that, before using such data, it applies filters to remove information from
which the model should not learn, such as hate speech, adult content, content aggregation
sites, and spam;
b) that more than 99% of pre-training data comes from public sources such as Common
Crawl, one of the largest freely accessible repositories of web data, while the remaining 1%
comes from data licensed from third parties that own high-quality datasets, or is generated
internally by the Company itself; in choosing licensed datasets, OpenAI selects suitable
sources to build secure artificial intelligence models, such as high-quality datasets that
reflect diverse perspectives and include specialized subjects such as science and
mathematics;
c) that there is no involvement of Common Crawl, nor of the third parties providing datasets,
in the preparation of the datasets themselves for the training process;
d) that it cannot exclude personal information from training a priori, because the model must
be trained on how language works in order to understand and answer users' questions
(prompts);
e) that no personal data is used for profiling, advertising, sales proposals or information
purposes;
f) that it has implemented several safeguards to reduce the processing of personal data in
pre-training (first phase in which the model is taught to predict, reason, and solve problems),
post-training (second phase in which the model is aligned with human values and
preferences), and in answering user questions (output), specifying what operations are
actually performed for each phase. OpenAI reported that it has adopted procedures for
periodic reassessment of training processes in order to best apply the principle of
minimization, with specific reference to post-training filtering [OMISSIS]. In this regard,
OpenAI reiterated that it offers users the option of not granting their conversations for model
training and that it warns them not to include sensitive information in questions (prompts).
The Company also reported that it has implemented a web crawler (GPTBot) that crawls
publicly available web pages to search for information that may improve models (website
owners can disable GPTBot by listing it in their robots.txt file). The
Company pointed out that it was the first AI company to create and implement such an
approach and reported that Common Crawl, which is the primary source of GPT 3.5 and
GPT 4, also provided tools for websites to exclude crawling by its bots. Regarding user
deletion requests, OpenAI referred to the forms found online, the ability offered to users to
exclude conversations from training, and to delete their accounts;
g) with respect to the request to specify whether mechanisms such as entity detection, word
embeddings (or similar) have been implemented to identify relevant personal data (in the
form of names, locations, dates) within textual streams, and how these are processed during
the training phase of the algorithm and during the generation of textual streams, OpenAI
deferred to the answer provided in (f) above;
h) as to the technical solutions implemented to enable individuals to exercise the right to
rectification of inaccurate data and the right to deletion of data already used, OpenAI, after a
premise on the functioning of an LLM, provided descriptive feedback on the handling of
rectification and deletion requests. Regarding rectification, the Company reported that it
corrects inaccuracies where possible (e.g., with so-called fine-tuning) and that, if this approach is not
sufficient given the technical complexity of the model, it excludes personal information from
the output tout court. OpenAI clarified that the GPT models are instructed to reject prompts
related to private and sensitive information, except for public figures, and, to illustrate this
function, provided some screenshots as examples. As for deletion, OpenAI referred to the
online form briefly describing the deletion procedure.
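The robots.txt opt-out mentioned in point (f) above follows the standard Robots Exclusion Protocol; per OpenAI's published crawler documentation, the user-agent token is GPTBot. A minimal robots.txt entry blocking the crawler site-wide would look like:

```text
# Disallow OpenAI's training crawler from the whole site
User-agent: GPTBot
Disallow: /
```

The file must be served at the site root (e.g. /robots.txt); compliant crawlers check it before fetching any page.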
Along with the November 20, 2023 acknowledgement, the Company produced six documents,
including an undated copy of the Legitimate Interest Assessment (LIA).
In the same memo dated November 20, 2023 (Prot. No. 56039/23) OpenAI, with specific reference
to age verification of users, produced a copy of the impact assessment (DPIA) drafted on the age
verification system adopted for users in Italy only, the contract with Yoti, a whitepaper on age
verification, the privacy policy updated as of June 23, 2023, and the age verification notice.
The Company also pointed out that, following an initial short trial period, it considered it
appropriate to revise some of the solutions already envisaged, providing the following operating
details:
1. Age estimation: age verification is based on age estimation from a self-portrait photo
(selfie) provided by the user through the Yoti App or related site. The tool merely estimates
the age, and the photo is deleted immediately;
2. ID scan: age verification is based on scanning a user's ID (passport, driver's license, or ID
card) and calculating the age from the date of birth. As part of this verification, Yoti
deletes the data once the session is completed or after 25 hours (the latter applies to
sessions not finalized by the user), whichever occurs first;
3. Credit card: age verification is linked to the use of a credit card in the user's name through
a minimal temporary transaction (£0.30) for which Yoti requests payment authorization.
All of the above solutions involve Yoti communicating only a session ID and the result of the user's
age verification to OpenAI.
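The data-minimizing design described above (Yoti communicates only a session ID and the verification result to OpenAI, never the selfie, ID scan, or card details) can be illustrated with a minimal sketch. The field and function names below are hypothetical illustrations, not Yoti's actual API:

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class AgeVerificationResult:
    """What the verification provider returns to the service (hypothetical schema).

    Only an opaque session identifier and a pass/fail outcome are shared; the
    underlying evidence (selfie, ID scan, card transaction) stays with the
    provider and is deleted under its own retention rules.
    """
    session_id: str
    over_threshold: bool  # e.g. user estimated/verified to be at least 13 or 18


def result_for_service(session_id: str, estimated_age: int, threshold: int) -> AgeVerificationResult:
    # The raw estimated age is computed by the provider but never forwarded;
    # only the boolean comparison against the threshold leaves its systems.
    return AgeVerificationResult(session_id=session_id,
                                 over_threshold=estimated_age >= threshold)
```

Note that the returned object deliberately carries no age, photo, or document fields, mirroring the "session ID plus result" arrangement described in the decision.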
The clarifications regarding the data subject's right to object, the exercise of which was facilitated
following the intervention of the Garante, are irrelevant to the establishment of the violation de
qua, as they pertain to a moment of processing subsequent to the one under analysis.
In fact, what the Authority has ascertained concerns the Company's failure to provide functional
checks to prevent access to the service by data subjects under the age of 13 and to ensure
the involvement, in the enrollment process, of the holder of parental responsibility for minors
between the ages of 13 and 18, for the purpose of obtaining the relevant authorization, as
required by the terms and conditions of the contract defined by the Company itself.
The Authority, on the other hand, does not find sufficient elements to deem established the
violation, contested under Art. 166(5) of the Code, concerning the digital consent of minors
under Art. 8 of the Regulation, since the legal basis of reference, as illustrated above,
was identified in the performance of the contract under Art. 6(1)(b) of the Regulation.
As a result of the foregoing, OpenAI is deemed to have violated Articles 24 and 25(1) of the
Regulations, and said violation, ascertained as of March 30, 2023, should be deemed to have
been consummated on November 30, 2022, and to be non-continuous in nature.
6.5 ART. 83, PAR. 5, LETT. (E), OF THE REGULATIONS: INFORMATION CAMPAIGN
The Office charged OpenAI with a violation of Article 83(5)(e) of the Regulation for failure to
comply with an order of the Authority, namely the compliance order in Item 9 of Order No.
114/2023.
Article 58(2) of the Regulation in listing the remedial powers available to each supervisory
authority provides, in subsection (d), that they may order the data controller to bring processing
operations into conformity with the provisions of the Regulation, where appropriate, in a specified
manner and within a specified time.
Article 83(5)(e) of the Regulations provides that failure to comply with an order, temporary or
permanent restriction of processing or order to suspend data flows of the supervisory authority
under Article 58(2) constitutes a violation subject to an administrative fine of up to 20 million euros
or for enterprises, up to 4 percent of the total annual worldwide turnover of the previous year.
In Order No. 114/2023, the Garante prescribed to OpenAI, as a condition for suspending the
effectiveness of the provisional restriction order No. 112/2023, the implementation, by
May 15, 2023, of an information campaign of a non-promotional nature in all the main Italian
mass media (radio, television, newspapers and the Internet) to be agreed upon with the Garante,
for the purpose of informing people that their personal data had likely been collected for the
purpose of algorithm training, of the publication on the Company's website of detailed information
and of the provision, also on the Company's website, of a tool through which all interested parties
would be able to request and obtain the deletion of their personal data (point 9 of Order no.
114/2023).
In a note dated May 15, 2023 (Prot. No. 78218/23), OpenAI announced that it had complied with the
Authority's requirement through the measures outlined in the factual reconstruction (see para. 2),
including an educational video to be produced in collaboration with the Authority. With reference to
the latter initiative, the controller, in the above-mentioned note, represented to the Garante that it
had prepared an information campaign video and expressed its willingness to adopt it in
collaboration with the Authority, making it public through the relevant institutional channels.
The Authority, in a note dated the following May 18 (Prot. No. 79806/23), expressed strong
opposition to the media campaign, in that it was carried out without any prior notice to, and
without any prior agreement with, the Garante regarding its terms and conditions, contrary to the
prescriptions of Order No. 114/2023. In the same note, the Authority reserved any assessment with
respect to the punctual fulfillment of the prescriptions given and invited the Company to submit
without delay and, in any case, no later than the following May 19 (extended to May 23), a
communication campaign project in line with the prescription and the observations represented.
In a memo dated May 23, 2023 (Prot. No. 82299/23), the Company, in order to comply with the
indications received, represented its willingness to arrange with national television and radio
stations the broadcast of information messages related to the ChatGPT service.
In a note dated June 22, 2023 (Prot. No. 97898/23), the Authority stated that, in light of the
information provided, it was unable to assess the impact of the campaign, with particular
reference to the initiatives that the Company planned to launch via social media, for lack of
useful elements of evaluation, and judged the prospective activities through newspapers and
television to be below expectations and unlikely to reach the hoped-for audience. The Garante
also expressed an opinion against the use of its logo in the aforementioned communication campaign.
In its defense brief (see defense brief, translated version, p. 59) and at the hearing OpenAI argued
that it had correctly complied with the corrective measure de qua given the initiatives put in place
despite the tight timeframe granted (just over a month), the need to allocate a budget and the
company's limited resources (including in terms of specific experience in the field of
communications) or, at most, that it had simply "misinterpreted Measure no. 114" and, after the
Authority's notice of May 18, 2023, that it had "worked hard to overcome its internal limitations"
and meet the expectations of the Garante.
Finally, the Company stated that it would commit "to cooperate with the Guarantor and adopt
necessary efforts to increase transparency and raise awareness among data subjects in general
about their rights and the development of AI systems."
The Authority considers that OpenAI did not comply with its requirements, pursuant to
Article 58(2)(d) of the Regulation, with reference to point 9 of Order No. 114/2023: the
information campaign promoted, as carried out as of May 15, 2023, was not agreed upon with the
Authority, nor was it suitable, due to the choice of means and methods of communication and
its very limited duration, to reach the general public interested in ChatGPT services and,
among other things, to make them aware of the rights recognized by the regulations in force,
beginning with the right to object to the processing of personal data carried out by the
Company, inter alia, for the training of its models, with particular reference to the personal
data of non-users, who were not recipients of any other form of information.
As a result of the foregoing, OpenAI is deemed to have violated Article 83(5)(e) of the
Regulations for failure to comply with an order of the Authority pursuant to Article 58(2)(d) of the
Regulations, and said violation should be deemed to have been consummated on May 15, 2023,
and to be of a non-continuous nature.
6.6 ART. 5, PAR. 1, LETT. (D), OF THE REGULATION
The Office charged OpenAI with violation of Article 5(1)(d) of the Regulations because the
ChatGPT service, as of March 30, 2023, was generating inaccurate outputs.
Article 5(1)(d) of the Regulation requires that personal data must be accurate and, where
necessary, kept up to date (principle of accuracy) and that data controllers must take all
reasonable steps to delete or rectify in a timely manner data that are inaccurate in relation to the
purposes for which they are processed.
In Order No. 112/23 restricting processing, adopted as a matter of urgency on March 30, 2023, the
Garante highlighted the fact that the information provided by ChatGPT in outputs to users did not
always match the actual data.
The technical-legal issue regarding the accuracy of LLMs is one of the most debated
topics in the doctrine and was also evaluated by the European task force created by the EDPB on
April 13, 2023. In its final report, approved on May 23, 2024, and published the following May 24,
the task force noted that the purpose of OpenAI's data processing is to train the GPT language
model underlying ChatGPT services and not necessarily to provide accurate information, as the
probabilistic nature of the system leads the model to produce biased or discriminatory (biased)
results. However, the results provided by ChatGPT are likely to be considered factually
accurate by end users regardless of their actual accuracy. It is, therefore, important that the data
controller provide adequate information about the probabilistic mechanisms for creating the
outputs and their limited level of reliability, including an explicit reference to the fact that the
generated text, although syntactically correct, may be biased or discriminatory. This fulfillment,
which can be traced back to the principle of transparency in Art. 5(1)(a) of the Regulation, is useful to
avoid misinterpretation of ChatGPT outputs by users, but does not exempt the Company from
having to work towards compliance with the principle of accuracy (see final report, pp. 8 and 9). In
this regard, it is noted that OpenAI, following the Garante's Order No. 114/2023, while
acknowledging the technical difficulties, has implemented some measures to reduce the effects of
inaccurate outputs. In the defense brief, the Company pointed out that since the launch of the
service in November 2022, OpenAI has made it clear to users that ChatGPT should not be
understood as an accurate source of information through statements, notices, articles, FAQs on the
website, and a dedicated pop-up window to inform users about the potential inaccuracy of the
service's responses (see defense brief, translated version, pp. 45 and 51-52). The Company
represented what measures were taken, at each training stage, to identify and remove inaccurate,
unreliable, or potentially harmful information (pre-training stage), instruct models to refuse to
provide private or sensitive information about individuals (post-training stage), and offer people
the ability to report inaccuracies and request rectification (service use stage). The Company also pointed out
that although it is not technically possible to make an LLM 100 percent accurate, "OpenAI is
committed to improving the accuracy of its models, not because ChatGPT should be relied upon
as an accurate source of information, but because more accurate answers will make ChatGPT
more useful to its users" (cf. defense brief, translated version, p. 47) and that a November 2023
study recognized ChatGPT (GPT 4, GPT 4 turbo and GPT 3.5 models) as having the lowest
hallucination rate among the leading generative artificial intelligence services (see defense brief,
translated version, pp. 47-48).
In light of the foregoing, it seems clear that the legal issue regarding the inaccuracy of the
personal data of the ChatGPT service outputs raised by the Guarantor in the Emergency Interim
Restraining Order No. 112/2023 is far from resolved and that the technical and organizational
measures implemented by OpenAI over the past year are the result of a constant and ongoing
process. As reported by the Company, OpenAI's models and accuracy mechanisms are, by their
nature, in continuous development (see defense brief, translated version, p. 45). The alleged
infringement must, therefore, qualify as a continuing infringement (i.e., of a permanent nature) and
therefore still in existence as of February 15, 2024, the dies a quo of the Company's establishment
in the European Union, through its subsidiary OpenAI Ireland
Ltd. As the one-stop-shop mechanism applies from that date, with the consequent transfer of
competence to the lead supervisory authority pursuant to Article 56 of the Regulation (identified
in the Irish Data Protection Commission), and in the light of EDPB Opinion No. 8/2020 on the
competence of a supervisory authority in the event of a change in the circumstances relating to the
main or sole establishment, the Garante considers that it cannot proceed in this specific respect,
on the grounds of lack of competence, and the transmission of the file to the Irish lead authority
is ordered.
7. INJUNCTION ORDER FOR THE APPLICATION OF ADMINISTRATIVE FINE AND
ANCILLARY PENALTIES
The Authority, pursuant to Articles 58(2)(i) and 83 of the Regulations as well as Article 166 of the
Code, has the power to impose an administrative fine under Article 83, in addition to or instead of
the other corrective measures provided for in the same paragraph.
In the present case, given that corrective measures pursuant to Article 58(2)(d) of the
Regulation were already ordered by the Authority with Order No. 114/2023, suspending the
urgent provisional restriction order, the Garante hereby adopts the injunction order imposing
the administrative pecuniary sanction pursuant to Art. 58(2)(i) of the Regulation and the
ancillary sanction of carrying out an institutional communication campaign aimed at promoting
awareness of the right to the protection of personal data, pursuant to Article 166(7) of the
Code, with particular reference to data subjects' right to object.
In determining the penalty, the Authority shall take into account the relevant principles and
interpretation provided by the EDPB in Guidelines 4/2022 on the calculation of administrative fines
under the GDPR, version 2.1, adopted on May 24, 2023.
Based on the above arguments, the Garante found that the following provisions of the
Regulation were violated: Article 33; Articles 5(2) and 6; Articles 5(1)(a), 12 and 13;
Articles 24 and 25(1); Article 83(5)(e) of the Regulation.
In the present case, it should first be noted that the Company engaged in a series of conducts that
integrated multiple violations, as in the preceding paragraphs specifically outlined and justified.
The violations relating to the legal basis (Articles 5(2) and 6 of the Regulation),
transparency (Articles 5(1)(a), 12 and 13) and age verification (Articles 24 and 25(1)) can be
brought under the aegis of Art. 83(3) of the Regulation, according to which in the presence of
several violations of the Regulation, relating to the same or related processing, the total amount of
the administrative fine may not exceed the amount provided for the most serious violation.
Significantly, with reference to such violations, a case of linked processing, as defined in
paragraph 28 of the aforementioned guidelines (a unitary conduct consists of several actions that
are put in place on the basis of a unitary will and are contextually, spatially and temporally related
so closely that they can be considered, from an objective point of view, as a single coherent
conduct), can be configured. The most serious of these violations must be found in the violation of
transparency obligations given that both Article 5(1)(a) (principle of transparency) and Articles 12
and 13 (rights of data subjects) are sanctioned under Article 83(5), which sets the maximum fine at
the sum of 20 million euros or, for companies, 4 percent of annual worldwide turnover in the
previous year if higher. In contrast, violations related to data breach (Art. 33 of the Regulation) and
failure to comply with an order of the Authority (Art. 83(5)(e) of the Regulation) constitute separate
violations, which do not fall within the scope of Art. 83(3) of the Regulation.
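The interplay of Article 83(3) (one capped fine for linked violations) and Article 83(5) (a cap of EUR 20 million or 4% of total worldwide annual turnover, whichever is higher) can be checked numerically as a sketch; the euro turnover figure used below is the one reported later in the decision:

```python
def art83_5_cap(worldwide_turnover_eur: float) -> float:
    """Maximum fine under Art. 83(5) GDPR: EUR 20 million or 4% of total
    annual worldwide turnover of the preceding year, whichever is higher."""
    return max(20_000_000.0, 0.04 * worldwide_turnover_eur)


# Figures from the decision: 2023 turnover ~EUR 948,487,890; fine EUR 15,000,000.
turnover = 948_487_890.0
cap = art83_5_cap(turnover)   # here 4% of turnover (~EUR 37.9M) exceeds EUR 20M
fine = 15_000_000.0
assert fine <= cap            # the linked violations share this single cap
```

For an undertaking with turnover below EUR 500 million, the fixed EUR 20 million ceiling would apply instead, since 4% of turnover would fall below it.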
According to Article 83(1) of the Regulations, the administrative penalty must be effective,
proportionate and dissuasive in relation to the individual case. In the aforementioned guidelines,
the EDPB has
specified that the calculation of administrative pecuniary sanctions should start from a harmonized
starting point, which is the initial basis for further calculation of the amount of the sanction, in which
all the circumstances of the case are considered and weighted (see para. 46). The harmonized
starting point must consider three factors: 1) nature of the violation within the meaning of Article
83(4)-(6) of the Regulations; 2) gravity of the violation; and 3) turnover of the enterprise (see para.
48).
Starting with the first profile, in the present case there are two violations of a more serious
nature in the abstract (Art. 83(5) of the Regulation) and one less serious violation (Art. 83(4)
of the Regulation). The former comprise the three violations considered in a unified manner
under Article 83(3) of the Regulation and the failure to comply with the Garante's order, while
the latter concerns the data breach.
As for the gravity in concrete terms, the elements to be taken into consideration are: a) nature,
seriousness and duration of the violation (Art. 83(2)(a) of the Regulation); b) intentional or
negligent nature of the violation (Art. 83(2)b) of the Regulation); c) categories of personal data
affected by the violation (Art. 83(2)(g) of the Regulation).
In the present case, the seriousness of the violations, with reference to the three violations linked
by the principle of unity of action, must be considered of a high level given that: (i) the nature of the
violations relates to two fundamental principles (transparency and accountability, namely the
controller's inability to demonstrate that the identification and selection of the legal basis of the
processing took place before the processing began) and to the rights of the data subjects (with
reference to the violations of the information obligations, namely, the information that should have
been made regarding the processing activities for purposes of training the models underlying the
ChatGPT service, particularly in relation to non-users, whose expectations regarding the
processing of data for the aforementioned purposes are to be considered practically non-existent);
(ii) the nature of the processing involves significantly high risks as it is connected to an innovative,
disruptive and very rapidly expanding technology; (iii) the object of the processing has a cross-
border nature of global scope with effects that are practically uncontrollable by the data subjects;
(iv) the purpose of the processing falls within the core business of the Company; (v) the number of
data subjects involved is very high: 1.8 million active monthly Italian users of the ChatGPT service
in March 2023, but above all potentially the entire Italian population to whom publicly available
information on the web collected, directly or indirectly by OpenAI for the training of the GPT
models underlying the ChatGPT service can be traced; (vi) the nature of the data likely also
involved special data and, in the absence of age verification mechanisms and child data filtering
systems for training purposes, personal information referring to underage subjects. The limited
duration of the breach (November 30, 2022 to March 30, 2023) does not seem to be a suitable
element to counterbalance the judgment of high severity since the end of the breach depended on
and coincided with the emergency intervention of the Supervisor.
In contrast, with reference to the violation of Art. 33 of the Regulation, the limited number of users
potentially involved in the data breach (440 potential Italian users), the nature of the security
incident (bug in an open source library), the common nature of the compromised data, the rapid
and effective intervention of the Company in securing (suspending the service), remediation at the
corporate level (fixing the bug) and at the community level (intervention on the open source
library), as well as the notification of the data breach, albeit to a supervisory authority
unquestionably not competent at the time of the facts, are elements suitable to configure the
relevant violation as low level.
On the other hand, the violation of Article 83(5)(e) of the Regulation must be considered to be of a
high level in view of its seriousness, taking into account the peculiarity of the Authority's order,
to which the reactivation of the service in Italy was subordinated in accordance with point 9 of
Order No. 114/2023; the difficulties encountered in compliance, owing to the size and
organization of the Company at the time of the events and the limited time for compliance,
are of no relevance.
All violations must be considered culpable in nature. As stated by the Art. 29 Working Party, in the
guidelines regarding the application and provision of administrative fines for the purposes of
Regulation (EU) No. 2016/679, adopted on October 3, 2017 and transposed by the EDPB on May
25, 2018 (Guidelines WP 253), intentional behavior refers to both awareness and intentionality
(consciousness and will) to commit an offense, while negligent behavior lacks the intention to
cause the violation despite the failure to comply with a duty of care. OpenAI, recalling a recent
ruling by the Court of Justice of European Union (Judgment C-807/21 of Dec. 5, 2023), according
to which it is the burden of the supervisory authority to establish that a violation was committed
with intent or negligence by the data controller, since only culpable violations can result in the
imposition of a pecuniary administrative sanction, argued that the Garante did not, in the act of
notification of violations under Article 166 of the Code, provide any element in this regard. The
Company cited, in order to argue its defense, the fact that OpenAI, a U.S.-based nonprofit
research company, had not planned or expected to operate an important consumer-facing service,
but once ChatGPT's user base and operations grew enough to fall within the scope of the GDPR,
OpenAI quickly took steps to improve its practices. Consequently, in its view, the intentional or
negligent nature of the alleged GDPR violations is nonexistent and cannot be presumed by the Garante (see
defense brief, translated version, pp. 61-62). In this regard, it is noted that while it is true that the
CJEU has stated in the aforementioned decision that Article 83 of the Regulation does not permit
the imposition of an administrative fine without a finding that such a violation was committed
intentionally or negligently by the data controller (see para. 75), it is also true that the Court itself has
upheld the basic principle ignorantia legis non excusat, stating that a data controller may be
sanctioned for conduct falling within the scope of the GDPR if that controller could not have been
unaware of the unlawful nature of its conduct, regardless of whether it was aware that it was
violating the provisions of the GDPR (see para. 76). This principle had already been enunciated by
the Court of Justice in another case (Judgment C-601/16 of March 25, 2021, paras. 97 and 98) in
which it had held that an undertaking can be sanctioned for conduct falling within the scope of
Article 101(1) TFEU if that undertaking could not have been unaware of the anti-competitive nature
of its conduct, regardless of whether or not it was aware that it was infringing the competition rules
of the Treaty (see to that effect, judgment of June 18, 2013, Schenker & Co. and Others, C 681/11,
EU:C:2013:404, paragraph 37). It follows that the fact that that undertaking mischaracterized in law
its conduct on which the finding of infringement was based cannot have the effect of exempting it
from the imposition of a fine, since it could not have been unaware of the anti-competitive nature of
that conduct (judgment of June 18, 2013, Schenker & Co. and Others, C 681/11, EU:C:2013:404,
paragraph 38). In the present case, OpenAI cannot escape its obligation to know and apply the
Regulation simply by claiming that it could not have foreseen the success of its service.
Knowledge and application of the Regulations are independent of the success of an economic
initiative since the Regulations, as is well known, protect a fundamental right provided for and
protected by Article 8 of the Charter of Fundamental Rights of the European Union and must be
complied with before processing personal data, not at a later time discretionarily identified by the
controller. The very fact that the Company considered that it had to comply with the Regulation only
in the face of the success of the ChatGPT service in the European Union in itself constitutes the
negligence underlying the concept of fault and demonstrates the existence of this subjective
element. More specifically, negligence is
demonstrated precisely by the awareness manifested by the Company of having adopted from the
outset
... a privacy compliance model based primarily on three elements: transparency, privacy by
design/the principle of minimization, and opt-out mechanisms for users, and that in light of the
great success of ChatGPT, continuous compliance activities have been undertaken aimed at the
improvement of the organizational model (by way of example, draft DPIA and LIA). (see hearing
transcript p. 3). Finally, the defense argument that OpenAI was (and still is) a small research
organization with limited resources... (see document attached to the hearing transcript p. 6) cannot
be accepted given that, as noted in the above-mentioned WP 253 guidelines, firms should
be responsible for adopting structures and resources appropriate to the nature and complexity of
their activities; data controllers and processors therefore cannot legitimize data protection law
violations by appealing to a lack of resources. The fault on OpenAI's part must therefore be
considered serious because the company launched a service involving large-scale processing of
personal data worldwide without having taken the minimum measures to comply with the
Regulations.
Also relevant to the quantification of the administrative fine are the aggravating factors in Article
83(2)(d) and (k) of the Regulations.
With regard to the first factor, the degree of responsibility of the data controller must be considered high, due to its failure to adopt, at the time the service was launched, appropriate technical and organizational measures to mitigate the risks to the rights and freedoms of data subjects and to enable them to exercise the prerogatives set forth in Chapter III of the Regulation.
As for the second, it is noted that the violations established allowed the company to gain a competitive advantage and, consequently, to obtain financial benefits.
For the purpose of determining the administrative fine, the measures put in place by the data controller to remedy the violations and mitigate their possible negative effects shall be taken into account as a mitigating factor (Art. 83(2)(f) of the Regulations), in particular:
- the updating of the information required under Articles 12 and 13 of the Regulations, including with reference to the purposes of model training, most recently with the Privacy Notice of December 15, 2023, effective February 15, 2024;
- the publication of the privacy policy on the home page of the site, in the privacy policy sections, in the site's help center, and on the log-in page, as well as its placement on the registration page in a position where it could be read before completing the registration process, together with the presentation to already-registered users of a window containing links to the privacy policy and the help center along with a request to confirm their age;
- the implementation of the age-gate mechanisms described in Section 3.1.4, for both new and existing registered users;
- with reference to model training, the measures taken to limit the processing of personal data during the various stages of training.
OpenAI's turnover relevant to the calculation of the penalty is the total worldwide turnover referring
to the fiscal year 2023. The fiscal data provided by the Company, in a memo dated April 23, 2024,
indicates this value to be $1,029,186,389.00, or approximately €948,487,890.00 as of the date of
adoption of this measure.
In light of the above elements, evaluated as a whole and taking into account the Company's total annual worldwide turnover in the previous fiscal year, the total amount of the administrative fine is set at 15,000,000.00 euros, which is approximately 1.58% of the total annual worldwide turnover in fiscal year 2023. This amount is determined as follows:
• pursuant to Article 83(3) of the Regulations, and treating the conduct as a single course of conduct involving related processing operations for the reasons stated above, the amount of the fine for the violation of Articles 5(1)(a), 5(2), 6, 12, 13, 24 and 25(1) of the Regulations is set at 9,000,000.00 euros;
• the amount of the fine for the violation of Article 33 of the Regulations is set at 320,000.00 euros;
• the amount of the fine for the violation referred to in Article 83(5)(e) of the Regulations is set at 5,680,000.00 euros.
The total aggregate fine determined at 15,000,000.00 euros is considered, in accordance with
Article 83(1) of the Regulations, to be effective, proportionate and dissuasive.
The general interest in the impact of generative artificial intelligence on the right to the protection of personal data, together with the fact that the communication campaign that OpenAI had previously been ordered to carry out, but did not adequately carry out, should have been aimed in particular at making data subjects aware of their rights and of the concrete ways in which they can effectively exercise them, also requires the application of the ancillary sanction provided for in Art. 166, paragraph 7, of the Code: an injunction to carry out an institutional communication campaign aimed at promoting awareness of the personal data protection issues raised by the case at hand in these proceedings, with particular reference precisely to the terms and modalities through which data subjects can exercise, in a simple and effective manner, all the rights to which they are entitled under the current regulations, starting with the rights to object, to rectification and to erasure.
This sanction is appropriate to pursue the purpose of making the Authority's decisions known, which underlies the publicity regime provided for by the legislature, given that the information campaign ordered by the Garante in Order 114/2023, as illustrated above, was not properly carried out by the Company, thereby frustrating the purpose pursued by the Authority through that order: to promote public awareness and understanding of the risks associated with the ChatGPT service and of the guarantees and rights relating to the processing of personal data carried out within the scope of that service.
In view of the seriousness of the violations ascertained, particularly taking into account that this involves large-scale processing affecting a large number of data subjects, the nature of the violations, and the risks to personal data protection inherent in making available to the public a service based on innovative and complex technology without due safeguards, it is deemed necessary to order the Company to carry out an institutional communication campaign in all the main Italian media (radio, television, newspapers and the Internet), lasting six months. The campaign must begin within 45 days of notification of the Garante's approval of the communication plan, which the Company must submit within 60 days of notification of this order and whose contents must be approved in advance by the Garante itself. The campaign should be aimed at promoting public understanding and awareness of the operation of the ChatGPT service and its implications for the right to personal data protection, with particular reference to the collection of data from users and non-users for model training purposes and to the rights that data subjects may exercise, specifically the right to object and the right to erasure of personal data. Moreover, within 60 days of the end of the communication campaign, the Company shall provide the Authority with any information useful for assessing its fulfillment of this order, including information on the manner in which the rights under the current regulations, including the right to object and the right to erasure of personal data, have been guaranteed.
In case of failure to comply in a timely manner, the Authority reserves the right to take
further action.
Finally, it is found that the prerequisites set forth in Article 17 of Regulation No. 1/2019, concerning internal procedures with external relevance aimed at the performance of the tasks and the exercise of the powers delegated to the Garante, are met for the annotation of the violations found herein in the Authority's internal register, provided for in Article 57(1)(u) of the Regulation.
BASED ON ALL OF THE ABOVE, THE GARANTE
pursuant to Article 57(1)(f) of the Regulation, declares unlawful, on the grounds set forth above, the processing carried out by OpenAI OpCo LLC, located at 3180 18th Street, San Francisco, California, United States of America, and accordingly:
ORDERS
OpenAI OpCo LLC, headquartered at 3180 18th Street, San Francisco, California, United States of America, to pay the total sum of 15,000,000.00 euros as a fine for violations of Articles 5(1)(a), 5(2), 6, 12, 13, 24, 25 and 32 of the Regulations, noting that the violator, pursuant to Article 166, paragraph 8, of the Code, has the option to settle the dispute by paying, within sixty days, an amount equal to one half of the fine imposed.
ENJOINS
a) the aforementioned Company, in the event of failure to settle the dispute pursuant to Article 166, paragraph 8, of the Code, to pay the sum of 15,000,000.00 euros, in the manner set forth in the annex, within 30 days of notification of this order, under penalty of the consequent enforcement actions pursuant to Article 27 of Law No. 689/1981;
b) the aforementioned Company, as an ancillary sanction pursuant to Art. 166, paragraph 7, of the Code and for the reasons set forth in the explanatory statement, to carry out an institutional communication campaign in all the main Italian media (radio, television, newspapers and the Internet), lasting six months. The campaign must begin within 45 days of notification of the Garante's approval of the communication plan, which the Company must submit within 60 days of notification of this measure and whose contents must be approved in advance by the Garante itself. The campaign should be aimed at promoting public understanding and awareness of how the ChatGPT service works and of its implications for the right to personal data protection, with reference to the collection of data from users and non-users for model training purposes and to the rights that data subjects may exercise under the Regulations, specifically the right to object and the right to erasure of personal data;
c) the Company to transmit to the Authority, within sixty days of the end of the communication campaign, any information useful for assessing proper fulfillment of the order referred to in the preceding letter, including the terms and modalities through which data subjects have been and will be guaranteed the exercise of the rights covered by the campaign, beginning with the rights to object and to erasure.
PROVIDES FOR
a) pursuant to Article 17 of the Garante's Regulation No. 1/2019, the entry in the Authority's internal register, provided for in Article 57(1)(u) of the Regulation, of the violations found and the measures adopted;
b) the transmission of the file to the Irish supervisory authority, as the lead supervisory authority pursuant to Article 56(1) of the Regulations as of February 15, 2024, with reference to the violation referred to in Article 5(1)(d) of the Regulations and in relation to further profiles of unlawful data processing of a continuous nature.
Pursuant to Article 78 of the Regulations, as well as Article 152 of the Code and Article 10 of Legislative Decree No. 150 of September 1, 2011, this measure may be challenged before the ordinary judicial authority, by an appeal filed with the ordinary court of the place where the data controller has its residence or, alternatively, with the court of the place of residence of the data subject, within thirty days of the date of communication of the measure, or sixty days if the appellant resides abroad.
Rome, November 2, 2024
THE PRESIDENT
Stanzione
THE RAPPORTEUR
Cerrina Feroni
THE SECRETARY GENERAL
Matte