Britain’s data watchdog has sounded the alarm for tech companies to take heed of individuals’ privacy when it comes to developing chatbots. This comes in light of the order from Italy’s Information Commissioner’s Office (ICO) for ChatGPT, a prominent AI-based system, to be temporarily blocked due to potential infringement on data protection rights.
The UK’s ICO clarified that under the GDPR, firms creating and using chatbots must obtain clear consent from people whose personal information is to be used. Alternatively, they can demonstrate “legitimate interest” in harvesting said data. The ICO released a checklist with these rules and regulations relating to such practices.
Companies must evaluate the effects of data protection and counteract potential risks, such as leaks of personal information and membership inference attacks, where someone might try to guess if a specific individual was used in the training for an LLM. Emphasize the importance of safeguarding sensitive data by utilizing data protection impact assessments to minimize these threats.