[perryizgr8]

EU has a GDPR problem. GDPR treats common people like unthinking automatons, unable to exercise agency when it comes to data privacy online. If I think that Google is collecting too much data (I can read their terms, or read articles other people write about the terms), I will stop using Google's services. It's only because the calculus returns a net positive for me that I continue.

If EU really cares about human rights, they should remove GDPR and embark upon an awareness campaign. Tell people that the only way to pay for free online services is with their private data. If people still opt to do that, it's up to them.

[hankman86]

Last I looked, the GDPR gives “data subjects” (=regular citizens) autonomy over their data in the first place. Your argument is rather flawed: how does it help well-informed people to merely know that LLMs use personal information in their training data sets when they cannot legally block OpenAI and others from doing that? What exactly is the upside for individuals when some LLM “knows” personal details about them? I cannot think of anything. By contrast, the misuse potential is huge.

Yes, laws like the GDPR are inconvenient and costly to comply with. But they exist because personal data is harvested, monetised otherwise and used without the individuals’ consent. Which is never to their advantage.

[Thiebaut]

You are very right. There’s a reason GDPR was adopted and that is to prevent harm to data subjects, or misuses of their data. At a deeper level it actually benefits everyone - including companies themeselves because it allows them to anticipate and eleminate problems before they happen. A good example is openai’s data breach. Had they implemented GDPR security precautions it would likely never have happened. They end up reacting by putting security measures in place, which is what gdpr requested in the first place… You end up implementing gdpr anyway…