First of many? How Italy’s ChatGPT ban could trigger a wave of AI regulation

Regulation

Italy has recently made headlines by becoming the first Western country to ban the popular artificial intelligence (AI)-powered chatbot ChatGPT.

The Italian Data Protection Authority (IDPA) ordered OpenAI, the United States-based company behind ChatGPT, to stop processing Italian users’ data until it complies with the General Data Protection Regulation (GDPR), the European Union’s user privacy law.

The IDPA cited concerns about a data breach that exposed user conversations and payment information, the lack of transparency, and the legal basis for collecting and using personal data to train the chatbot.

The decision has sparked a debate about the implications of AI regulation for innovation, privacy and ethics. Italy’s move was widely criticized, with its Deputy Prime Minister Matteo Salvini saying it was “disproportionate” and hypocritical, as dozens of AI-based services like Bing’s chat are still operating in the country.

Salvini said the ban could harm national business and innovation, arguing that every technological revolution brings “great changes, risks and opportunities.”

AI and privacy risks

While Italy’s outright ChatGPT ban was widely criticized on social media channels, some experts argued that the ban might be justified. Speaking to Cointelegraph, Aaron Rafferty, CEO of the decentralized autonomous organization StandardDAO, said the ban “may be justified if it poses unmanageable privacy risks.”

Rafferty added that addressing broader AI privacy challenges, such as data handling and transparency, could “be more effective than focusing on a single AI system.” The move, he argued, puts Italy and its citizens “at a deficit in the AI arms race,” which is something “that the U.S. is currently struggling with as well.”

Recent: Shapella could bring institutional investors to Ethereum despite risks

Vincent Peters, a Starlink alumnus and founder of nonfungible tokens project Inheritance Art, said that the ban was justified, pointing out that GDPR is a “comprehensive set of regulations in place to help protect consumer data and personally identifiable information.”

Peters, who led Starlink’s GDPR compliance effort as it rolled out across the continent, commented that European countries who adhere to the privacy law take it seriously, meaning that OpenAI must be able to articulate or demonstrate how personal information is and isn’t being used. Nevertheless, he agreed with Salvini, stating:

“Just as ChatGPT should not be singled out, it should also not be excluded from having to address the privacy issues that almost every online service needs to address.”

Nicu Sebe, head of AI at artificial intelligence firm Humans.ai and a machine learning professor at the University of Trento in Italy, told Cointelegraph that there’s always a race between the development of technology and its correlated ethical and privacy aspects.

Sebe said the race isn’t always synchronized, and in this case, technology is in the lead, although he believes the ethics and privacy aspects will soon catch up. For now, the ban was “understandable” so that “OpenAI can adjust to the local regulations regarding data management and privacy.”

The mismatch isn’t isolated to Italy. Other governments are developing their own rules for AI as the world approaches artificial general intelligence, a term used to describe an AI that can perform any intellectual task. The United Kingdom has announced plans for regulating AI, while the EU is seemingly taking a cautious stance through the Artificial Intelligence Act, which heavily restricts the use of AI in several critical areas like medical devices and autonomous vehicles.

Has a precedent been set?

Italy may not be the last country to ban ChatGPT. The IDPA’s decision to ban ChatGPT could set a precedent for other countries or regions to follow, which could have significant implications for global AI companies. StandardDAO’s Rafferty said:

“Italy’s decision could set a precedent for other countries or regions, but jurisdiction-specific factors will determine how they respond to AI-related privacy concerns. Overall, no country wants to be behind in the development potential of AI.”

Jake Maymar, vice president of innovation at augmented reality and virtual reality software provider The Glimpse Group, said the move will “establish a precedent by drawing attention to the challenges associated with AI and data policies, or the lack thereof.”

To Maymar, public discourse on these issues is a “step in the right direction, as a broader range of perspectives enhances our ability to comprehend the full scope of the impact.” Inheritance Art’s Peters agreed, saying that the move will set a precedent for other countries that fall under the GDPR.

For those who don’t enforce GDPR, it sets a “framework in which these countries should consider how OpenAI is handling and using consumer data.” Trento University’s Sebe believes the ban resulted from a discrepancy between Italian legislation regarding data management and what is “usually being permitted in the United States.”

Balancing innovation and privacy

It seems clear that players in the AI space need to change their approach, at least in the EU, to be able to provide services to users while staying on the regulators’ good side. But how can they balance the need for innovation with privacy and ethics concerns when developing their products?

This is not an easy question to answer, as there could be trade-offs and challenges involved in developing AI products that respect users’ rights.

Joaquin Capozzoli, CEO of Web3 gaming platform Mendax, said that a balance can be achieved by “incorporating robust data protection measures, conducting thorough ethical reviews, and engaging in open dialogue with users and regulators to address concerns proactively.”

StandardDAO’s Rafferty stated that instead of singling out ChatGPT, a comprehensive approach with “consistent standards and regulations for all AI technologies and broader social media technologies” is needed.

Balancing innovation and privacy involves “prioritizing transparency, user control, robust data protection and privacy-by-design principles.” Most companies should be “collaborating in some way with the government or providing open-source frameworks for participation and feedback,” said Rafferty.

Sebe noted the ongoing discussions on whether AI technology is harmful, including a recent open letter calling for a six-month stop in advancing the technology to allow for a deeper introspective analysis of its potential repercussions. The letter garnered over 20,000 signatures, including tech leaders like Tesla CEO Elon Musk, Apple co-founder Steve Wozniak and Ripple co-founder Chris Larsen — among many others.

The letter raises a valid concern to Sebe, but such a six-month stop is “unrealistic.” He added:

“To balance the need for innovation with privacy concerns, AI companies need to adopt more stringent data privacy policies and security measures, ensure transparency in data collection and usage, and obtain user consent for data collection and processing.”

The advancement of artificial intelligence has increased the capacity it has to gather and analyze significant quantities of personal data, he said, prompting concerns about privacy and surveillance. To him, companies have “an obligation to be transparent about their data collection and usage practices and to establish strong security measures to safeguard user data.”

Other ethical concerns to be considered include potential biases, accountability and transparency, Sebe said, as AI systems “have the potential to exacerbate and reinforce pre-existing societal prejudices, resulting in discriminatory treatment of specific groups.”

Mendax’s Capozzoli said the firm believes it’s the “collective responsibility of AI companies, users and regulators to work together to address ethical concerns, and create a framework that encourages innovation while safeguarding individual rights.”

Recent: Pro-XRP lawyer John Deaton ‘10x more into BTC, 4x more into ETH’: Hall of Flame

The Glimpse Group’s Maymar stated that AI systems like ChatGPT have “infinite potential and can be very destructive if misused.” For the firms behind such systems to balance everything out, they must be aware of similar technologies and analyze where they ran into issues and where they succeeded, he added.

Simulations and testing reveal holes in the system, according to Maymar; therefore, AI companies should seemingly strive for innovation, transparency and accountability.

They should proactively identify and address potential risks and impacts of their products on privacy, ethics and society. By doing so, they will likely be able to build trust and confidence among users and regulators, avoiding — and potentially reverting — the fate of ChatGPT in Italy.