Italy is going to be a crazy place to visit in 100 years if they just kick out every new tech like this.

This ban has nothing to do with AI as a technology, and nothing to do with AI at all. This is a temporary ban because openAI, as a company, does not handle users private data (the data it collects from users who are using chatgpt, not the AI training data) in a GDPR compliant way.

They also broke GDPR in regards to informing users what personal data of theirs was impacted in a security breach that openAI had recently.

While Italy is more aggressive in chasing down GDPR violations than most other EU countries, openAI should get their data handling into compliance, because the current product they sell (and by product, I once again am not talking about the AI model itself, but the chatgpt platform through which registered users can use it), is technically breaking the law EU-wide.

Oh man I can see this getting expensive for them

> For especially severe violations, listed in Art. 83(5) GDPR, the fine framework can be up to 20 million euros, or in the case of an undertaking, up to 4 % of their total global turnover of the preceding fiscal year, whichever is higher.

https://gdpr-info.eu/issues/fines-penalties/#:~:text=For%20especially%20severe%20violations%2C%20listed,fiscal%20year%2C%20whichever%20is%20higher.

[deleted]

If you read the article, its about user account data and not the training data.

[deleted]

The article also says that the Italian agency is mad that OpenAI isn't collecting a lot more private data to determine the age of users.

[deleted]

I can’t ever see GDPR as being construed as to mandate more Personal Information collection in order to comply. That’s a crazy argument from Italian regulators. Shame it’s coupled with a legitimate, critical ruling.

Tell me you've never set foot in Europe without telling me.

If my country banned chatgpt I d be very mad . This tool has changed my problem solving philosophy at work and in life for the better

Italy more like Ltaly now

It's temporary, chill.

Wut ?

Good. GDPR must be taken seriously, the ban won't last long if OpenAI complies.

The ban is temporary and it's normal for a website that doesn't adhere to GDPR. It has nothing to do eith GPT, or the technology itself.

ChatGPt can make your life better without raping your privacy and leaking your payment infos.

Government knows best.

i wonder why they didnt put more effort into scaling and security beforehand like how would they not think that many people would want to use it

Ho got it, my bad.
Got heated up for no reason

Legislators are the worst.

[deleted]

Real Reason behind the ban LOL
https://twitter.com/KaranbirSohi/status/1641846183915290625?s=20

[deleted]

I’m curious, where did you go? Northern Italy is just as economically advanced as the rest of Western Europe - not to say that the South is bad, Palermo is an amazing place for example. Have you ever been to Positano?

In terms of tourism it is also the most visited country in Europe, I wonder why you had such a bad experience considering how many wonderful things Italy has to offer, from food, people, wine, architecture, history, nightlife, nature…

What did you not like about Italy? Why was your experience so horrible?

What if they just stop doing business in Italy?

Italians have one joke besides their economy

They would have to drop all of EU.

Stay far away, please. Thanks!

Their choice. The real question is will openAI care in the end? I mean it their citizens want the tool the work around is probably quite easy as we see in China.

If storing data for children has different compliance laws then you have to collect that data to store any data at all and remain in compliance.

I understand why but this is unlikely to help Italy ..

Not necessarily. COPPA has no such requirement, for example. Instead, it applies if you know or reasonably suspect a child under a specific age could or is using the platform. It’s sort of a “don’t ask don’t tell” dilemma here.

That might be an individual Italian law, or atleast something besides GDPR. GDPR has no such mandate.

What this have to do with legislators?

It sounds crazy because it's not what it's being asked of openAI, the regulator complain that openAI hasn't put anything in place to check if the user is a minor, which is a reasonable complaint. They are not asking openAI to collect more data for the sake of it, but to refuse access to minors

Who empowered the GPDP?

COPPA is American law though, not European regulation.

It is an example of how laws may not require active collection of personal data.

OpenAI is breaking EU laws, not only Italian.

Oh yeah. Who the F would like to have privacy or be sure that their data are safe, right? Only an idiot.

/s - just in case

What a joke Italia. The number one steal of your data is your own government American Canadian British constantly they breached their own Constitution. Canada cuz Mr potato Head challenge everybody to his dictatorship just like the truckers when he said they were racist and terrorists we find out had nothing to do with anything but him in power. Number two the Americans using the CIA the FBI a Homeland security to silence their own people cuz they spoke up against them. Brett just treats everybody like an idiot and collect their data. I love chat GDP AI rocks. They just want this gone because the challenges their authority. Because AIS have no feelings it is logical. And today is science politicians is all about feelings and I've already heard them call AI is racist sexes so what the hell is wrong withs people.

Did they steal the data or was it voluntarily given?

If the data was given voluntarily, should you be able to shoot the “perpetrators”?

Do they want to operate in the EU? Then they have to follow the law, as simple as that.

They don't want to comply to the law? The get out of the EU.

Wait, why? Is this an EU thing?

Cool talk Chief.

They just did. ChatGPT just blocked italian traffic.

Feels like Italy is insecure of the future. Let’s make it confident through vpn (:

[removed]

> The General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world. Though it was drafted and passed by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. The regulation was put into effect on May 25, 2018. The GDPR will levy harsh fines against those who violate its privacy and security standards, with penalties reaching into the tens of millions of euros.

https://gdpr.eu/what-is-gdpr/

Italy stepping behind

That doesn’t make them GDPR compliant for the rest of Europe

The members of GPDP are indeed elected by the Italian parliament, but they are not specifically to be legislators. Also, once elected, they are not legislators, more like judges.

Are you okay

Age verification is permitted even under GDPR. The fuck you talking about lol.

The fact that collecting it puts companies at further risk and GDPR doesn’t require it? The fuck you on about?

Lol? You definitely don't get the point of GDPR. "Getting more data" isn't the issue, it's "getting it without permission", "leaking" or "storing it improperly".

You don’t get the point of infosec and data protection. Minimizing risk is critical. Stop talking about shit you don’t understand please :)

GDPR ain't infosec lol.

Lmfao. GDPR is compliance and infosec. Quick quiz: what’s GRC stand for buddy?

https://www.europarl.europa.eu/RegData/etudes/ATAG/2023/739350/EPRS_ATA(2023)739350_EN.pdf

>The GDPR requires the use of verification with regard to age and parental consent.

Lol. This guy.

Lmfao. Nice job, let’s read the whole thing shall we?

> Processing shall be lawful only if and to the extent that at least one of the following applies:

> the data subject has given consent to the processing of his or her personal data for one or more specific purposes;

> processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

> processing is necessary for compliance with a legal obligation to which the controller is subject; processing is necessary in order to protect the vital interests of the data subject or of another natural person;

> processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

> Where point (a) of Article 6(1) applies, in relation to the offer of information society services directly to a child, the processing of the personal data of a child shall be lawful where the child is at least 16 years old.

> 2Where the child is below the age of 16 years, such processing shall be lawful only if and to the extent that consent is given or authorised by the holder of parental responsibility over the child.

> 3Member States may provide by law for a lower age for those purposes provided that such lower age is not below 13 years.

Taken together, the company is only requires to get consent if 1) it processes the information, and 2) it is directly done for services direct to children.

So no mandatory consent or age verification across the board. You wanna try again bud?