AI & Law@ai_and_law · Post #696 · 06.11.2025 г., 08:04
🇺🇸Law Enforcement Ordered OpenAI To Share User Data In First Known Warrant For ChatGPT Prompts
Forbes reports on the role a person's ChatGPT prompt history played in a U.S. Homeland Security Investigations criminal probe, based on an unsealed search warrant.
Parent company OpenAI was not asked to identify the individual and it is unclear what data the government received in its request. But a privacy advocate said the incident shows law enforcement may increasingly look to chatbot histories to glean information about a person during an investigation and the importance of having protections on that data.
#AIPrivacy
AI & Law@ai_and_law · Post #306 · 14.05.2024 г., 07:04
Germany Issues Guidance on AI Applications and Data Protection
The German Data Protection Conference (DSK) released a new Guidance document on May 6, 2024, outlining data protection considerations for deploying Artificial Intelligence applications, with a particular focus on Large Language Models.
The Guidance primarily targets those deploying AI applications, but also indirectly applies to developers, manufacturers, and providers of these systems. It outlines that deployers of AI applications must determine their field of application and the purposes for which they will serve.
The Guidance highlights that AI application deployers must take particular care when entering and outputting personal data, as well as with special categories of personal data. Furthermore, the deployers must check results for inaccuracies and discriminatory effects.
#AIPrivacy#GDPR
AI & Law@ai_and_law · Post #303 · 09.05.2024 г., 07:04
Noyb Files GDPR Complaint Against OpenAI Over Inaccurate ChatGPT Data
European data privacy watchdog noyb has filed a complaint against OpenAI, alleging violations of the General Data Protection Regulation (GDPR).
The complaint centers on OpenAI's inability to rectify inaccurate personal data generated by its chatbot, ChatGPT. Noyb argues that such practices violate the GDPR's requirement for accurate personal data processing and individual rights to rectification and access.
The complaint details how OpenAI refused to correct an incorrect birthdate for a public figure, despite requests.
OpenAI defends its stance by citing ongoing research on factual accuracy in large language models. They reportedly offered to filter or block data on specific prompts, but this could restrict access to all information about the individual.
Noyb further claims OpenAI failed to adequately respond to the individual's request to access information, another GDPR requirement.
The complaint requests the Austrian Data Protection Authority to:
✅ Investigate OpenAI's data processing practices regarding personal data accuracy.
✅ Order OpenAI to comply with the individual's access request.
✅ Enforce GDPR compliance by OpenAI.
✅ Impose a fine to deter future violations.
This case highlights the ongoing tension between technological innovation and data privacy regulations within the EU.
#DataProtection#GDPR#AIPrivacy
AI & Law@ai_and_law · Post #781 · 10.03.2026 г., 08:04
📖The Confidentiality Gap in Consumer AI
A new academic study, “You Trust Your Chatbot With Everything. Should You?”, compares five major consumer chatbots (ChatGPT, Gemini, Claude, Grok and DeepSeek) and maps the gap between the confidentiality users expect and what platforms actually provide. The findings are structural rather than scandalous: consumer chats are typically used for model training by default, can be reviewed by human annotators, may feed advertising personalization, and often flow through a complex operational supply chain. As chatbots evolve into persistent assistants with memory and long-term personalization, conversations increasingly contain detailed narratives about health, finances, relationships, and legal concerns — disclosures far deeper than typical search queries.
The study argues that current safeguards rely primarily on policy promises and interface warnings rather than architectural guarantees. Its central proposal is “Sealed Mode” — a privacy-by-design pathway for sensitive topics such as health or wellbeing, where conversations would not be used for training, would avoid advertising and cross-service sharing, would limit human access, and would follow strict retention rules. T
#AIgovernance#AIprivacy#AIlaw#DataProtection#ResponsibleAI
AI & Law@ai_and_law · Post #566 · 09.05.2025 г., 07:04
🇪🇺New Privacy Risk Playbook for LLMs: Practical Tools, GDPR Alignment
A new report, AI Privacy Risks & Mitigations for Large Language Models (LLMs), delivers a structured risk management framework tailored for LLM systems, offering concrete mitigation strategies against the most common privacy threats in AI. Beyond theory, the document brings practical value: real-world use cases illustrate how to operationalize privacy risk controls in active deployments.
Crucially, this framework is designed to align with GDPR requirements — notably, Article 25 on Data Protection by Design and Default, and Article 32 on Security of Processing. By detailing technical and organizational measures, it equips developers and AI system users to systematically detect, assess, and address privacy vulnerabilities while supporting compliant and responsible AI rollout.
#AIPrivacy#LLM#GDPR#AIGovernance
AI & Law@ai_and_law · Post #784 · 13.03.2026 г., 07:04
👓Report Raises Privacy Concerns Over Data Annotation for Meta Smart Glasses
A media investigation reports that workers reviewing data for Meta have watched sensitive footage recorded by Ray-Ban Meta smart glasses, including videos showing people in private situations such as using the bathroom or changing clothes. The report is based on interviews with more than 30 employees of Sama, a contractor from Kenia providing data annotation services for Meta’s AI systems. According to interviewed workers, some videos captured by the smart glasses showed intimate scenes, including people having sex or partners leaving bathrooms unclothed.
The investigation was conducted by Svenska Dagbladet, Göteborgs-Posten, and journalist Naipanoi Lepapa. Employees cited in the report said reviewing such content created discomfort but was part of their assigned annotation work. The report describes a continuous flow of potentially privacy-sensitive material being processed for training and improving Meta’s AI systems.
Meta confirmed that content shared with its AI services may be reviewed by contractors to improve user experience. According to the company’s privacy policies, photos, videos, voice recordings, and transcripts generated through interactions with Meta AI or cloud processing on its smart glasses may be analyzed using machine learning and human reviewers, including third-party vendors.
#AIPrivacy#DataAnnotation#AIGovernance#AIethics#SurveillanceTech#WearableAI#PlatformResponsibility