#1 Middle East & Africa Trusted Cybersecurity News & Magazine |

40 C
Dubai
Sunday, June 22, 2025
HomeTopics 1AI & CybersecurityAI Inaccuracy Breaches Privacy: Noyb Files GDPR Complaint Against ChatGPT

AI Inaccuracy Breaches Privacy: Noyb Files GDPR Complaint Against ChatGPT

Date:

Related stories

Iran’s State TV Hijacked to Broadcast Protest Videos Satellite Hack amid Rising Tensions

On 18 June 2025, Iran’s state broadcaster, Islamic Republic of Iran...

Monster 7.3 Tbps DDoS Attack Blocked by Cloudflare in Historic Mitigation

In mid‑May 2025, Cloudflare successfully deflected the largest DDoS...

CISA Adds Actively Exploited Apple and TP-Link Vulnerabilities to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has...
spot_imgspot_imgspot_imgspot_img

The European Union’s General Data Protection Regulation (GDPR) is designed to safeguard the privacy of EU citizens. However, a recent complaint filed by the non-profit organization Noyb raises concerns about the potential for AI-powered chatbots like ChatGPT to violate these regulations.


Microsoft Office Home & Business 2021 (AMAZONE)

This article explores the details of Noyb’s complaint, the challenges of ensuring GDPR compliance with large language models (LLMs), and offers 10 recommendations for developers of AI-powered chatbots to navigate the legal landscape of personal data privacy.

Noyb’s complaint alleges that OpenAI, the developers of ChatGPT, are in violation of GDPR by failing to ensure the accuracy of personal data generated by their chatbot. The complaint stems from an incident where ChatGPT provided inaccurate birthdate information about a public figure.

Here’s why this case is significant:

  • GDPR’s Right to Rectification: The GDPR grants individuals the right to have inaccurate personal data about them rectified. Noyb argues that ChatGPT’s inability to correct demonstrably false information constitutes a GDPR violation.
  • Opaque AI Systems: The inner workings of complex AI models like ChatGPT are often opaque, making it challenging to identify the source of inaccuracies or ensure the veracity of generated information.
  • Potential for Reputational Harm: Inaccurate personal data generated by AI can have serious consequences, potentially damaging an individual’s reputation or causing emotional distress.

Microsoft Office Home & Business 2021 (AMAZONE)

10 Steps for GDPR-Compliant AI Development:

  1. Data Quality and Bias: Focus on high-quality training data to minimize bias and ensure the accuracy of generated information.
  2. Transparency and Explainability: Strive for greater transparency in AI models, allowing developers to identify and address potential sources of inaccuracy.
  3. User Control and Correction Mechanisms: Implement user controls that allow individuals to flag inaccurate information and request corrections within the AI system.
  4. Privacy by Design: Integrate data privacy considerations throughout the development process of AI-powered chatbots.
  5. Data Minimization: Collect and use only the minimum amount of personal data necessary for the chatbot’s functionality.
  6. Strong Data Security Measures: Implement robust security measures to safeguard personal data collected and processed by the AI model.
  7. Regular Audits and Testing: Conduct regular audits and testing to identify and address potential privacy risks associated with the AI chatbot.
  8. User Awareness and Education: Educate users about the limitations of AI-generated information and potential inaccuracies.
  9. Compliance with Data Protection Regulations: Ensure compliance with all relevant data protection regulations, including GDPR.
  10. Collaboration and Dialogue: Promote collaboration and dialogue between AI developers, policymakers, and legal experts to address emerging privacy challenges in the AI landscape.

Microsoft Office Home & Business 2021 (AMAZONE)

Conclusion

The Noyb vs. OpenAI case highlights the critical need for responsible development and deployment of AI-powered chatbots. By prioritizing data accuracy, transparency, and user control, developers can create AI systems that comply with GDPR and minimize the risk of privacy violations. As AI technology continues to evolve, ongoing collaboration between developers, legal experts, and policymakers is crucial to ensure a future where AI innovation thrives alongside robust data privacy protections. The path forward lies in striking a balance between technological advancement and responsible data stewardship, safeguarding the privacy of individuals in the digital age.

Ouaissou DEMBELE
Ouaissou DEMBELEhttp://cybercory.com
Ouaissou DEMBELE is a seasoned cybersecurity expert with over 12 years of experience, specializing in purple teaming, governance, risk management, and compliance (GRC). He currently serves as Co-founder & Group CEO of Sainttly Group, a UAE-based conglomerate comprising Saintynet Cybersecurity, Cybercory.com, and CISO Paradise. At Saintynet, where he also acts as General Manager, Ouaissou leads the company’s cybersecurity vision—developing long-term strategies, ensuring regulatory compliance, and guiding clients in identifying and mitigating evolving threats. As CEO, his mission is to empower organizations with resilient, future-ready cybersecurity frameworks while driving innovation, trust, and strategic value across Sainttly Group’s divisions. Before founding Saintynet, Ouaissou held various consulting roles across the MEA region, collaborating with global organizations on security architecture, operations, and compliance programs. He is also an experienced speaker and trainer, frequently sharing his insights at industry conferences and professional events. Ouaissou holds and teaches multiple certifications, including CCNP Security, CEH, CISSP, CISM, CCSP, Security+, ITILv4, PMP, and ISO 27001, in addition to a Master’s Diploma in Network Security (2013). Through his deep expertise and leadership, Ouaissou plays a pivotal role at Cybercory.com as Editor-in-Chief, and remains a trusted advisor to organizations seeking to elevate their cybersecurity posture and resilience in an increasingly complex threat landscape.

Subscribe

- Never miss a story with notifications

- Gain full access to our premium content

- Browse free from up to 5 devices at once

Latest stories

spot_imgspot_imgspot_imgspot_img

LEAVE A REPLY

Please enter your comment!
Please enter your name here