Italy's data protection authority, the Garante per la protezione dei dati personali, has notified OpenAI, the maker of ChatGPT, of potential violations of the European Union's General Data Protection Regulation (GDPR). The authority stated that there is evidence of breaches related to privacy laws in the region. The investigation, which was initiated ten months ago, focuses on the collection of personal data and age protections.

OpenAI had previously faced a temporary ban on ChatGPT in Italy, which was subsequently lifted in late April 2023 after the company implemented privacy controls and an opt-out form to remove personal data from processing by the large language model. However, the Italian DPA's recent findings, not yet disclosed publicly, have raised concerns about sensitive information exposure and the potential risk to younger users from inappropriate content generated by the chatbot.

In response to these allegations, OpenAI has been given a deadline of 30 days to provide a response. The company has stated that its practices align with GDPR and other privacy laws and that it takes additional measures to protect data and privacy.

Meanwhile, Apple has expressed deep concerns about proposed amendments to the U.K. Investigatory Powers Act (IPA), which could grant the government unprecedented power to "secretly veto" privacy and security updates to its products and services. The tech giant warned that this overreach by the government could prevent Apple from offering new user protections globally if enacted.

The U.K. Home Office argues that adopting secure communications technologies, including end-to-end encryption, should not come at the expense of public safety or the need to protect national security from threats such as child sexual abusers and terrorists. The proposed amendments aim to enhance the intelligence services' ability to respond swiftly to existing and emerging national security threats.

As part of the proposed changes, technology companies would be required to notify the U.K. government of any technical modifications that could affect their lawful access capabilities for government data requests. The government clarifies that the amendments do not grant powers for the Secretary of State to approve or refuse technical changes but instead focus on providing operational partners with adequate time to adapt their investigative techniques.

Apple had previously stated that it would rather discontinue offering iMessage and FaceTime services in the U.K. than compromise on user privacy and security.

The investigations facing OpenAI in Italy and the concerns expressed by Apple in the U.K. highlight the ongoing battle between protecting user privacy and ensuring public safety in the digital age.