ChatGPT is an OPEN AI product that is considered to be the most important Artificial Intelligence development in recent years. It is a trained language model (Generative Pre-trained Transformer) that provides coherent and natural responses to questions and text commands. It is mainly characterised by its ability to offer coherent answers to complex questions and its rapid learning and improvement in performance.
Its primary tasks include the following: translating languages, writing songs, writing blog posts, creating cooking recipes, answering research questions, generating code, and it has even passed university exams.
How does it work?
When given text input, it uses its GPT model to analyse the meaning and context of the input and generate a coherent response. Moreover, ChatGPT uses its prior knowledge and ability to continuously learn to improve its performance and provide more accurate and relevant answers to user questions.
How do I use it?
First, you must visit the Open AI website https://openai.com/ and register. Once the registration process is complete, you can get started with your free trial. But please keep in mind that you will need a paid subscription to access all of the product’s features.
At Bacaria, we recommend that you review its policies at https://openai.com/policies/usage-policies before using it.
How does ChatGPT affect Data Protection?
Is important to note that ChatGPT itself does not collect personal data. However, if the user enters it in the chat, the product processes it and generates responses based on the user’s information. It can also access the IP address, as well as the browser type and settings, mainly for security purposes.
Also it is advisable not to enter personal, confidential or sensitive data, since the team responsible for developing and maintaining ChatGPT may review conversations to improve the systems and for quality purposes.
Furthermore, OPEN AI ensures that computer security measures are used, such as data encryption, limited access to servers and the regular deletion of user data to avoid any risk of exposure and vulnerabilities.
What should I bear in mind in terms of data protection if I want to implement a ChatGPT chatbot at my company?
Said company, as the data controller of the data processed through the ChatGPT chatbot, must take into account the following implications:
- Identify the processing of personal data that will be carried out with ChatGPT in its Record of processing activities.
- Use one of the lawful bases set forth in Article 6 of the GDPR.
- Fulfil the duty to clearly and simply inform the interested party/user of the chatbot about the processing of their data.
- In the event that the ChatGPT chatbot is provided by a service provider, a data processing agreement must be signed. Alternatively, if it is implemented directly by the company, a processing agreement must be signed with OPEN AI, and to do so, you must contact them via the email provided on their website, stating that you need to sign said data processing agreement.
- Perform a Data Protection Impact Assessment to analyse the features of the ChatGPT chatbot, how personal data is collected and used, the impact on rights and freedoms, and which measures will be taken to protect personal data and mitigate privacy risks.
In summary, it is evident that the use of this type of technology can entail a risk to privacy, which is why the provisions of the Data Protection Regulation and other complementary regulations must be taken into account. At Bacaria, we have a team specialised in Artificial Intelligence and privacy and we will be happy to assist you.