[hankman86]

Last I looked, the GDPR gives “data subjects” (=regular citizens) autonomy over their data in the first place. Your argument is rather flawed: how does it help well-informed people to merely know that LLMs use personal information in their training data sets when they cannot legally block OpenAI and others from doing that? What exactly is the upside for individuals when some LLM “knows” personal details about them? I cannot think of anything. By contrast, the misuse potential is huge.

Yes, laws like the GDPR are inconvenient and costly to comply with. But they exist because personal data is harvested, monetised otherwise and used without the individuals’ consent. Which is never to their advantage.

[Thiebaut]

You are very right. There’s a reason GDPR was adopted and that is to prevent harm to data subjects, or misuses of their data. At a deeper level it actually benefits everyone - including companies themeselves because it allows them to anticipate and eleminate problems before they happen. A good example is openai’s data breach. Had they implemented GDPR security precautions it would likely never have happened. They end up reacting by putting security measures in place, which is what gdpr requested in the first place… You end up implementing gdpr anyway…