In 2022, OpenAI amazed the world with its breakthrough technology when it first launched ChatGPT. Flashforward to 2024, the AI tech giant now faces severe backlash from an activist group, None Of Your Business (NOYB), for violating multiple provisions enshrined in the European Union’s General Data Protection Regulation (GDPR). The activist group filed a formal complaint with the Austrian Data Protection Authority when it failed to answer the date of birth of a known personality accurately and to comply with the data subject's requests for access, correction, and erasure.
Overview of ChatGPT’s Hallucination & NOYB’s Complaint
NOYB, a non-profit organization, founded by Max Schrems, filed in its complaint that the organization asked the generative AI application about the date of birth of its founder. The algorithm gave incorrect, made-up answers in response to the prompt. The model uses vast volumes of datasets, mostly public data, to generate responses “to user requests by predicting the next most likely words that might appear in response to each prompt.” Since the date of birth of the data subject (Max Schrems) isn’t available online, the algorithm couldn’t provide accurate results and rather ‘hallucinated’ false answers. In its report, NOYB reiterated that LLMs are known for their hallucinations, which occur when the model analyzes patterns that are nonexistent, producing illogical responses and therefore, if it cannot be accurate about a person’s personal details, it should not be allowed to provide them in the first place.
Upon receiving an incorrect response, the complainant filed data subject requests with the controller for access, correction, and erasure of his personal data in ChatGPT NOYB claimed that OpenAI failed to fully provide any information regarding the data processed through the model and also admitted it could not comply with the correction and erasure request as “there is no way to prevent its systems from displaying the data subject’s inaccurate date of birth in the output.”
Violations of Crucial GDPR Articles
The complaint's most important points lie in two crucial issues that breach several GDPR provisions, as highlighted by NOYB: limited access to data and inaccurate information. Let’s take a quick look at the provisions that the controller violated.
Article 5(1)(d) GDPR
Article 5(1)(d) of the GDPR obligates that the controller must make sure that the personal data of the data subjects is accurate and kept up to date. However, in NOYB’s case, the controller refused to rectify or completely remove the inaccurate information, arguing that it could block the data, preventing it from appearing, but in doing so, it would filter all the information pertaining to the data subject. NOYB argued in its complaint that “as long as ChatGPT keeps showing inaccurate data on the respondent, the controller violates Article 5(1)(d) GDPR.”
NOYB requested the Austrian Data Protection Authority to investigate the matter and use its authority to order the controller to take corrective measures. The non-profit organization further suggested the authority to impose an administrative fine “to guarantee the controller’s future compliance with the GDPR.”
Articles 15 and 17 of GDPR
Articles 15 and 17 of the GDPR provide the right of access and erasure to the data subjects, while Article 12 of the GDPR provides “transparent information, communication and modalities for the exercise of the rights of the data subject.” Date of birth comes under the category of personal data in the GDPR, which means added measures must be taken to ensure the appropriate handling, security, and accuracy of the data collected, stored, and processed by the controller. NOYB claims that the controller breached many rules in the GDPR, especially Articles 12(3) and 17, by failing to provide access to the information processed by the large language model, i.e., ChatGPT, and also by failing to correct or delete the falsified information.
What Do We Learn From It? Why Does an LLM Firewall Matter?
Large Language Models, such as GenAI, are highly prone to mistakes as they use massive volumes of datasets for training and fine-tuning. Since these datasets also include personally identifiable information (PII), including sensitive personal data, it becomes paramount to have strict controls and policies to safeguard data against unauthorized access or sensitive data exposure.
In OpenAI’s case, they couldn’t fulfill the request to access personal information and rectify or remove inaccurate information because once an LLM model ingests personal data, it's arguably impossible to scrub that data from it. Without having appropriate controls around data when it interacts with LLMs, similar scenarios may occur, compelling businesses to face heavy fines and penalties as well as a tarnished reputation.
Here, LLM Firewalls are a viable solution, enabling enterprises to filter out harmful responses, retrievals, and prompts. These firewalls are placed at different instances of LLM interactions and protect the model and data from various internal and external threats. A robust policy framework can be implemented to redact sensitive data or block hallucinations.
Read on to Learn More About LLM
Protect Your LLM Landscape with Securiti’s Context-Aware LLM Firewalls
Securiti offers a new category of context-aware, distributed LLM Firewall. The solution is built to protect the LLMs against prohibited topics, hallucinations, harmful content, and sensitive data exposure. Our LLM Firewall solution offers features that include:
- Sensitive data protection with inline detection, classification, and sanitization.
- Automated sensitive data detection, classification, and redaction.
- Toxic content prevention and tone and guidelines compliance.
- Compliance with global data and AI regulations and industry frameworks.
Request a demo today to learn.
