South Korea fines OpenAI's ChatGPT and Meta Platform for data breaches and privacy violations

Updated : Jul 28, 2023 16:36
|
Editorji News Desk

South Korea's Personal Information Protection Commission (PIPC) has recently imposed fines on tech giants OpenAI and Meta, the parent company of Facebook. OpenAI's chatbot, ChatGPT, has been fined 3.6 million won for a data breach incident on 27 July.

The breach was caused by a bug in an open-source library on ChatGPT, leading to the unintended exposure of personal information belonging to 687 South Korean citizens. The leaked data included payment details such as names, email addresses, the last four digits of credit card numbers, and credit card expiration dates of ChatGPT Plus subscribers. OpenAI confirmed the incident and acknowledged the affected users in South Korea.

The PIPC found that OpenAI failed to promptly report the data leakage to authorities within the required 24-hour period. Consequently, the company was held responsible for breaching its duty in protecting personal information. However, the commission also highlighted the need for enhanced personal information protection measures across the board.

To avoid similar incidents in the future, the PIPC has advised OpenAI to take preventive measures and adhere to South Korea's personal information protection law. The commission further urged the company to actively cooperate with the PIPC's inspection activities.

Meanwhile, Meta, the parent company of Facebook, has been slapped with a hefty fine of 7.4 billion won by the PIPC. This fine is related to the unauthorized collection and use of personal information for personalized online advertising.

The PIPC revealed that Meta had gathered personal information without obtaining proper user consent, and this violation took place before July 2018. The commission discovered that Meta secretly collected Facebook users' personal data through "Facebook Login," a feature that allows developers to integrate Facebook accounts with their applications or websites.

Previously, in September of the previous year, Meta had faced another fine of 30.8 billion won for failing to clearly inform users and obtain their consent when using their data for personalized advertisements.

Despite the seriousness of the offence, the PIPC has decided not to pursue a criminal complaint against Meta at this time. Instead, it granted the company a grace period to address the issues on its own and ensure compliance with data protection laws.

Also Watch: Frontier Model Forum: Google, Microsoft, OpenAI, Anthropic join hands to tackle AI related security risks

Meta

Recommended For You

editorji | Business

Parliamentary Panel bats for legal guarantee of MSP to protect farmers' interests

editorji | Business

Bihar fully prepared to create robust business ecosystem, investment safe: Dy CM Samrat Choudhary

editorji | Business

"If they tax us, we tax them...," Trump Signals Tough Trade Stance; Reciprocal Tariffs on India

editorji | Business

Top 5 Losers of NIFTY 50: A Day of Decline for Leading Stocks

editorji | Business

India's renewable energy capacity addition doubled to 15 GW in Apr-Nov: Pralhad Joshi