155

Poland Opens GDPR Investigation into ChatGPT and OpenAI amid Mounting Privacy Concerns (www.privateinternetaccess.com)

submitted 11 months ago by JRepin@lemmy.ml to c/privacy@lemmy.ml

11 comments fedilink hide all child comments

It’s not surprising that ChatGPT has been accused of breaching the EU’s main privacy law – PIA blog noted that ChatGPT was a privacy disaster waiting to happen back in February. As the first complaint to be taken up by an EU data protection agency, this case will be watched closely by other EU Member States, and around the world. The Polish inquiry is likely to investigate many of the key GDPR issues that arise for AI programs and be used as a benchmark in future legal cases.

you are viewing a single comment's thread
view the rest of the comments

[-] criminalunicorn@feddit.uk 11 points 11 months ago

Your username would fall under GDPR as personally identifiable information - also if your instance asks for an email address, that is also personally identifiable information under GDPR.

I think any posts that users can contribute to a social network, also fall under GDPR.

This is a potential issue that many instance owners may not have realised.

[-] magnor@lemmy.magnor.ovh 9 points 11 months ago

Even if it is, this data is not processed in a way that would violate the law, unless the hosting party is doing something shady. It would be an incredible stretch to consider that a website only asking for a username to attach to a user somehow violates GDPR.

[-] IzzyData@lemmy.ml 12 points 11 months ago

Well for one thing a user is prevented from deleting their account when banned. I'm pretty sure this can be considered a violation of the law.

[-] magnor@lemmy.magnor.ovh 6 points 11 months ago

Email works the same way. Once your data is received by the other party, you cannot delete it.

Public mailing lists have a very similar behaviour to the fediverse's. I am not aware of any credible GDPR cases against those, although it may happen down the line, we'll see.

[-] webghost0101@sopuli.xyz 4 points 11 months ago

Thats a good point. An instance could comply if there remains a way to submit a remove my data form to the admins. But other instances may also have or retain data with Lemmy being a decentralized network, our data is all over the place, there is no easy way to really be forgotten on the fediverse and neither a way for law enforcement to fine every single instance.

[-] Tau@sopuli.xyz 0 points 11 months ago

But you are giving explicit consent to store that information by way of submitting it

this post was submitted on 30 Sep 2023

155 points (99.4% liked)

Privacy

31253 readers

610 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS