OpenAI was fined by South Korea’s privacy regulator for failing to report ChatGPT leaked user information in a timely manner

OpenAI was fined by South Korea’s privacy regulator for failing to report ChatGPT leaked user information in a timely manner

OpenAI was fined by South Korea’s privacy regulator for failing to report ChatGPT leaked user information in a timely manner.

South Korea’s Personal Information Protection Commission (PIPC) said on Thursday it fined OpenAI 3.6 million won (about $2,829), the operator of artificial intelligence chat tool ChatGPT, for leaking the personal information of 687 South Korean users.

OpenAI previously said that in March, a now-patched bug in an open-source library on ChatGPT created a caching issue that caused payment information for ChatGPT Plus users to be inadvertently visible over a nine-hour window, including names. , email address, last four digits of the credit card number, and the credit card expiration date.

South Korea’s Personal Information Protection Commission (PIPC) said a total of 687 users in South Korea were confirmed to be affected. The agency said OpenAI was fined for violating its obligation to report the leak to authorities within 24 hours of discovering it.

But the privacy watchdog concluded that OpenAI was not responsible for lax protections for personal information.

The agency also recommended that OpenAI take measures to prevent the recurrence of the incident, comply with South Korea’s personal information protection law, and actively cooperate with the committee’s prior inspection activities.