Italy's data protection authority, the Garante, found OpenAI's artificial intelligence chatbot ChatGPT breached several provisions of the EU General Data Protection Regulation following a fact-finding inquiry. OpenAI has 30 days to submit counterclaims. Meanwhile, the Garante issued a 79 million euro fine to energy company Enel Energia for alleged unlawful processing of personal data for telemarketing purposes in violation of the GDPR.
1 March 2024
Garante alleges OpenAI's ChatGPT violated GDPR
Related stories
Notes from the Asia-Pacific region: Looking back on an exceptional 2025 and the year to come
Notes from the IAPP Europe: Another piece of the EU Digital Package puzzle — the Data Union Strategy
Gaps in website opt-out functionality under the microscope in privacy enforcement
The case for differential privacy in the age of agentic AI
Santa Fe 4.0: la reforma constitucional que redefine derechos, tecnología y ciudadanía digital en Argentina
