The UK data protection authority ICO issued a preliminary enforcement notice against Snapchat last Friday (October 6). The platform is suspected of not assessing the data security risks of its AI bot “My AI”.
“My AI” is Snapchat’s generative chatbot launched this year. It runs on ChatGPT, which has previously raised data protection concerns in the EU.
Snapchat’s chatbot is the first AI developed from a major messaging platform available in the UK.
According to one of their blog posts, the Interim Notice issued by the ICO in this case means that the Data Protection Commissioner’s Office will have to take action against the company. If the enforcement notice is final, Snapchat may be forced to stop processing data related to My AI.
The Information Commissioner’s Office found that a risk assessment carried out by Snapchat before introducing My AI “did not adequately assess the privacy risks posed by emerging AI technology, particularly to children”.
“The initial findings of our investigation are concerning that Snapchat failed to adequately identify and assess privacy risks to children and other users before introducing My AI,” said UK Information Commissioner John Edwards.
However, a Snapchat spokesperson told Euractiv that it went through a “robust legal and privacy review process” before releasing “My AI.”
Compared to ChatGPT There is “MyAI”. “Additional security enhancements and controls unique to Snapchat.”
For example, “My AI” takes into account the age of the user during the conversation. Anyone using Snapchat’s Family Center can see if their kids have interacted with “My AI.”
“All content shared with ‘My AI’ is saved until you delete it,” Snapchat’s blog post says.
“We have made it clear that companies need to weigh the risks associated with AI against the benefits. “Today’s interim enforcement notice shows that we will take action to protect the data protection rights of UK consumers,” Edwards added last Friday. He may have been referring to warning The June ICO has asked companies using generative AI to comply with data protection obligations.
Snapchat told Euractiv, “We are closely reviewing the initial outcome of the ICO. As with the ICO, we are committed to protecting the privacy of our users.
“We will continue to work constructively with the ICO to ensure they agree with our risk assessment procedures.”
Although this is possible, this does not mean that a current notice necessarily violates data protection law or that a final notice of data protection enforcement will necessarily follow.
It is currently unknown whether the European Commission is planning a similar move. The commission did not respond to Uractiv’s request by the time the article was published.
[Bearbeitet von Alice Taylor]
“Communicator. Entrepreneur. Introvert. Passionate problem solver. Organizer. Social media ninja.”