8 comments

[ 4.7 ms ] story [ 31.4 ms ] thread
I wonder if they'll need to start using a filter that runs on output to verify if they information was supposed to be deleted/corrected. Would that even be allowed?
The Google Bard frontend currently does this with searches and highlights its own "mistakes" if it finds them, or presents evidence if it doesn't. I presume they'd have to show that it's effective in this case.
> Would that even be allowed?

GDPR specifically carves out an exception, allowing companies to store data for the sole purpose of making sure it stays deleted. I don't think generally the idea is to store all the "deleted" data and scrub it from the output but just to store some key. E.g. it's permissible to store first name/last name/date of birth, so you can ensure a specific persons data does not accidentally re-enter a database.

So... maybe? There's something to be argued here for sure and I suspect we'll see that argument play out in court sooner or later.

Could they give ChatGPT a big memory of corrections, and ask it to make the corrections when needed?
Yes, but it wouldn't actually work.
> However, the group expected it to be forwarded to the Irish authority since OpenAI is located there.

Of course it is.

I just thought what kind of narcissistic public figure would sue an AI chatbot because it got his birth date wrong, but then again these people are hyenas.
From what I'm gathering:

1. "The erasure request concerned specifically the data subject’s incorrect date of birth" and was "with regard to what data was used to train the algorithm"

2. "some data concerning him are online, his birthdate is not"

3. OpenAI offered filtering at inference, but noyb rejected this as it only applies "at the final output stage of the processing"

It's unclear to me what personal information they actually want erased. If his birthdate is not online, it won't have been in the training set (either accurate or inaccurate).