Ireland's Data Protection Commission (DPC) has launched an inquiry into Google to assess whether the company's development of its artificial intelligence (AI) model aligns with EU data protection laws.
The investigation will examine if Google adhered to the General Data Protection Regulation (GDPR) while developing its Pathways Language Model 2 (PaLM 2).
The DPC, the authority responsible for overseeing GDPR in Ireland, announced the investigation in a press release on September 12.
Did you know?
Want to get smarter & wealthier with crypto?
Subscribe - We publish new crypto explainer videos every week!
Is Your Crypto Safe? (5 Best Crypto Security Practices Explained)
The inquiry will focus on how personal data of EU citizens may have been used in training PaLM 2.
PaLM 2, launched in May 2023, has introduced improved multilingualism, reasoning, and coding capabilities. It comes in four sizes—Gecko, Otter, Bison, and Unicorn—and is designed for a range of use cases.
In its announcement, the DPC highlighted the importance of conducting a Data Protection Impact Assessment (DPIA) for projects that pose high risks to personal data. The regulator noted:
This statutory inquiry forms part of the wider efforts of the DPC, working in conjunction with its EU/EEA peer regulators, in regulating the processing of the personal data of EU/EEA data subjects in the development of AI models and systems.
A week ago, the DPC wrapped up a separate investigation into the social media platform X. On September 4, X agreed to halt using EU and European Economic Area (EEA) users' personal data to train its AI chatbot, Grok.
X has also faced regulatory challenges outside of Europe. In late August, Brazilian regulators suspended X after its owner, Elon Musk, declined to appoint a legal representative for the company in Brazil. The suspension was upheld by the Brazilian Supreme Court on September 2.
With the new investigation into Google's PaLM 2, the DPC is making it clear that the use of personal data in developing AI models will be closely scrutinized to ensure compliance with GDPR and the protection of EU citizens' privacy.