The Data Protection Commission (DPC), the Irish supervisory authority for the General Data Protection Regulation (GDPR), has started a cross-border investigation into Google Ireland Limited to determine whether Google followed EU data protection laws while developing its artificial intelligence model.
According to a statement from DPC issued Sept. 12, the regulator will investigate the use of EU citizens’ personal data in training Google’s Pathways Language Model 2 (PaLM2) .
DPC explains what cross-border statutory inquiry into Google Ireland means. Source: DPC
Introduced on May 10, 2023, PaLM2 is an advanced language model featuring enhanced multilingual, reasoning, and coding abilities.
DPC said in its statement that a Data Protection Impact Assessment is of “crucial importance in ensuring that the fundamental rights and freedoms of individuals are adequately considered and protected when the processing of personal data is likely to result in a high risk.” Elaborating, DPC stated:
"This statutory inquiry forms part of the wider efforts of the DPC, working in conjunction with its EU/EEA (European Economic Area) peer regulators, in regulating the processing of the personal data of EU/EEA data subjects in the development of AI models and systems."
During its launch, Google said that PaLM 2 is faster and more efficient than previous models. It is available in four sizes — Gecko, Otter, Bison, and Unicorn — suitable for various use cases.
Gecko is lightweight and performs well on mobile devices, even offline. The tech giant said it would also release version updates for PaLM 2 as it is integrated into products.
DPC continues to investigate tech companies
The investigation comes just a week after the DPC concluded its probe into social media platform X after it agreed to meet the compliance requirements.
On Sept. 4, X agreed to stop using personal data from users in the EU and European Economic Area (EEA). This data had previously been used to train its artificial intelligence chatbot, Grok.
Source: DPC
X announced that it would delete data collected between May 7 and Aug. 1 and committed to refraining from gathering any additional data for the purpose of developing, improving, or training Grok.
Regulators tighten oversight to protect users
Regulators across jurisdictions have tightened their oversight of Web3, AI, cryptocurrency and related businesses in an attempt to protect users from personal harm or losing money while trading.
On Aug. 30, regulators in Brazil suspended X after its owner, Elon Musk, refused to name a legal representative for the company in Brazil. The Brazilian Supreme Court upheld the order on Sept. 2 in a unanimous decision by five justices.
In July, crypto exchange Coinbase’s United Kingdom arm was fined $4.5 million by a British regulator for breaching a voluntary agreement related to user onboarding.
Earlier this month, South Korea’s financial regulator, the Financial Supervisory Service (FSS), reportedly will inspect virtual asset exchanges for suspicious or illegal transactions. The regulator intends to ensure that crypto exchanges and related companies comply with the regulations.
As of June 1, operating an unlicensed virtual asset trading platform became a criminal offense in Hong Kong. Some applicants received initial approvals from the city’s regulator but have yet to be fully licensed.
Magazine: AI may already use more power than Bitcoin — and it threatens Bitcoin mining