Privacy concerns surfaced from hallucination spark another complaint against ChatGPT in the EU
ChatGPT has landed in hot water again in the European Union (EU) due to its tendency to spout inaccuracies. This time, the issue centers around privacy rights, with a complaint filed against the AI for its inability to correct misinformation it generates about individuals.
ChatGPT’s launch in November 2022 ignited a firestorm of excitement in the AI world. People flocked to the chatbot for everything from research assistance to casual conversation. However, a crucial detail lurks beneath the surface: OpenAI, the developers behind ChatGPT, freely admits the program simply predicts the most likely words to follow a prompt. This means, despite extensive training data, there’s no guarantee ChatGPT delivers factual information. In fact, generative AI tools like ChatGPT are notorious for “hallucinating,” essentially fabricating answers.
While inaccurate information might be tolerable when a student uses ChatGPT for homework help, it becomes a serious issue when dealing with personal data. EU law, established in 1995 and reinforced by Article 5 of the GDPR (General Data Protection Regulation), mandates that personal data must be accurate. Furthermore, individuals have the right to rectification (Article 16 GDPR) if information is wrong, and can request its deletion. Additionally, the “right to access” under Article 15 GDPR compels companies to disclose the data they hold on individuals and its sources.
Maartje de Graaf, a data protection lawyer at noyb, emphasizes the gravity of the situation: “Fabricating information is problematic in itself. But when it comes to personal data, the consequences can be severe. It’s clear that current chatbot technology, like ChatGPT, struggles to comply with EU law when processing personal information. If a system can’t deliver accurate and transparent results, it shouldn’t be used to generate data about individuals. The law dictates the technology’s development, not the other way around”.
ChatGPT’s launch in 2022 was met with huge hype, but its underlying mechanism, which predicts likely words based on prompts, raises questions about the accuracy of the information it generates (Image credit)
noyb investigates ChatGPT’s hallucination
This latest grievance comes from noyb, a European non-profit organization focused on privacy rights. They represent an unnamed public figure who discovered that ChatGPT produced an incorrect birth date for them. This highlights a potential clash between these generative AI tools and the EU’s General Data Protection Regulation (GDPR).
The GDPR grants EU citizens a “right to rectification,” which allows them to request corrections to inaccurate personal information held by organizations. In the context of AI-generated content, this raises a crucial question: can a large language model like ChatGPT be held accountable for the information it produces, especially when that information is demonstrably wrong?
@NOYBeu on X has shared the following post on X about the situation:
