TL;DR:
- Google has postponed the launch of its generative AI chatbot, Bard, in the European Union (EU) due to concerns raised by the Irish Data Protection Commission (DPC).
- The DPC stated that Google did not provide adequate information and documentation prior to the planned launch date, leading to the delay.
- The specific concerns raised by the DPC regarding Bard have not been disclosed.
- Other EU data protection authorities have identified various data protection issues related to AI chatbots, including the legal basis for data processing, transparency requirements, AI-generated disinformation, and user rights.
- Bard’s launch timeline in the EU is currently uncertain, while OpenAI’s ChatGPT has been freely accessible to European users.
- The Irish DPC’s delay does not indicate a strict ban but emphasizes the need for sufficient information and compliance.
- The impact on the market will depend on how Google addresses the privacy concerns raised by the DPC and other EU data protection authorities.
Main AI News:
In a recent development, Google has postponed the launch of its generative AI chatbot, Bard, in the European Union (EU) this week in response to concerns raised by the Irish Data Protection Commission (DPC), which serves as the tech giant’s lead data protection authority in the region.
This delay comes in contrast to OpenAI’s approach, as the company had previously released a free research preview of its rival chatbot, ChatGPT, without any restrictions on global access. The DPC’s deputy commissioner, Graham Doyle, stated today that Google had informed the authority of its intention to launch Bard in the EU “this week.” However, Google failed to provide the necessary information to the regulator prior to the planned date, leading to the postponement of the launch.
Doyle expressed that the DPC had not received a detailed briefing or access to a data protection impact assessment (DPIA) or any supporting documentation at this point. As a matter of urgency, the DPC has requested this information from Google and has raised additional data protection inquiries. Consequently, Bard will not be launched this week.
The timeline for Bard’s launch in the EU remains uncertain. It is worth noting that European users have already been able to freely utilize similar large language model (LLM) technology for several months, as OpenAI did not impose access limitations during its ChatGPT research preview. Additionally, European users can easily access Google’s Bard by employing a VPN with a location set to the US or another market where the tool is available.
The DPC has not disclosed the specific concerns it has raised with Google regarding Bard. However, other EU data protection authorities have already highlighted numerous data protection issues associated with ChatGPT, which could also be relevant to Google’s case. These issues include the legal basis claimed for processing individuals’ data to train LLM AI models, compliance with transparency requirements mandated by regional privacy laws, and addressing problematic matters like AI-generated disinformation. Moreover, child safety issues and the provision of data access, rectification, and erasure rights to EU users have also been subjects of concern.
Doyle commented that the matter is currently under examination by the DPC, and once they receive further answers from Google, they will share information with other data protection authorities. In April, EU data protection authorities agreed to establish a task force through the European Data Protection Board to coordinate enforcement actions related to ChatGPT. The DPC is expected to contribute its findings to this collective effort.
Earlier this spring, OpenAI’s ChatGPT caught the attention of several EU data protection authorities and was temporarily suspended in Italy in April after an intervention by the local DPA, Garante. Unlike Google, OpenAI does not have a major establishment in any EU Member State, which grants competence to all EU DPAs to intervene under the General Data Protection Regulation (GDPR) if they have concerns. In contrast, only the Irish DPC is empowered to oversee Google’s chatbot.
Notably, the Irish DPC’s commissioner, Helen Dixon, has previously criticized hasty bans on generative AI chatbots and urged regulatory bodies to establish guidelines for applying the bloc’s rules to this technology before imposing restrictions. Hence, Ireland has not implemented a strict ban but rather a degree of delay linked explicitly to Google’s failure to provide adequate information, along with unspecified “data protection questions.”
In contrast to Garante’s intervention regarding ChatGPT, European users are unaware of the nature of the concerns raised by the DPC with regard to Google’s Bard. Therefore, it is difficult to assess the extent of the Irish regulator’s intervention in this powerful generative AI tool. It remains to be seen if this delay might lead to Google being compelled to provide comparable privacy disclosures as OpenAI and grant users greater control, as was the case with ChatGPT following the intervention in Italy. Ongoing investigations into ChatGPT’s GDPR compliance in multiple EU Member States further add to the complexity of the situation.
Conclusion:
Google’s delay in launching its AI chatbot Bard in the EU due to privacy concerns raised by the Irish DPC highlights the importance of addressing data protection issues in the deployment of AI technologies. This development underscores the need for companies to provide transparency, comply with privacy laws, and address concerns related to AI-generated disinformation and user rights. How Google responds to these concerns will determine the impact on the market and the acceptance of AI chatbots in the EU.
