South Korean Regulator Penalizes ChatGPT For Violating Privacy Of 687 Citizens
OpenAI, the operator of the generative chatbot ChatGPT, has been fined 3.6 million won ($2,829) by South Korea’s Personal Information Protection Commission (PIPC) for the disclosure of personal information belonging to 687 individuals.
According to OpenAI, a now-fixed bug in the open source library ChatGPT caused a cache problem in March.
It caused ChatGPT Plus subscribers’ payment information to be inadvertently exposed for nine hours, including first and last names, email addresses, the last four digits of credit card numbers, and credit card expiration dates, Yonhap reported.
A total of 687 users in South Korea have been confirmed among those affected by the exposure.
The PIPC said it has fined OpenAI for breaching its duty to report a leak to authorities within 24 hours of discovering a leak. But the data protection watchdog said the company could not be held responsible for lax data protection measures.
The watchdog has also recommended that OpenAI take measures to prevent the incident from happening again, comply with South Korea’s Personal Data Protection Act and actively cooperate with the commission’s previous inspection efforts, it said.