LIONEL BONAVENTURE / AFP
The Cnil opened an investigation on Thursday April 13 on ChatGPT, the OpenAI conversational robot. Illustrative photo.
IA – Will France follow in Italy’s footsteps and in turn suspend ChatGPT? If it is too early to say, the conversational robot of the American company Open AI is in any case under investigation by the National Commission for Informatics and Freedoms (Cnil) since Thursday April 13. The French personal data protection authority must investigate five complaints, including the one filed Wednesday by the deputy of the presidential majority, Eric Bothorel.
The elected official has indeed requested the Cnil for possible violations of ChatGPT to the European General Data Protection Regulation (RGPD). He posted screenshots of his interactions with the AI tool, which show numerous errors when asked about his profile, with fanciful dates and functions. However, the GDPR stipulates in particular that the personal data processed must be exact.
“Is it normal that what looks like a tool that processes personal data disseminates erroneous data on our fellow citizens? Seems problematic to me.”Eric Bothorel told AFP when he filed his complaint. “I’m not saying ‘Haro on ChatGPT'”he had however specified, considering that it was up to the Cnil to decide on the adequacy of the current law to the evolution of artificial intelligence.
And the chatGPT mythos came crashing down… https://t.co/DZkoAcNK8d
— eric bothorel (@ebothorel)
A dedicated working group at European level
His doubts about the Open AI tool had been shared in early April by the French Minister Delegate for Digital, Jean-Noël Barrot, who claimed that ChatGPT did not comply with the GDPR. He, however, also felt that it was better “frame” the tool rather than forbidding it.
In parallel with the opening of the French investigation, the European Data Protection Board (EDPB), the body responsible for coordinating the various CNILs at EU level, announced the creation of a “dedicated working group” to promote European cooperation on the subject and discuss possible sanctions.
Each national data protection authority can decide at its own discretion to ban such or such non-European site in its country if it considers that it does not comply with data protection law. In Italy, the local authority thus decided at the beginning of the month to suspend the access of Italian Internet users to the conversational robot and gave Open Ai twenty days to comply with the GDPR, under penalty of a heavy fine.
See also on Le HuffPost :