head of his latest round of biannual meetings with US officials, including attorney general Merrick Garland in Washington, DC, tomorrow, Reynders told WIRED why the US needs to finally step up, where a probe into ChatGPT is headed, and why he made contentious comments about one of the world’s most prominent privacy activists. His bicoastal tour began with a Waymo robotaxi ride through San Francisco (he gave it a rave review) and include meetings with Google and California’s privacy czar.
It’s been five years since the EU’s stringent privacy law, the GDPR, went into effect, giving Europeans new rights to protect and control their data. Reynders has heard a series of proposals for how the US could follow suit, including from Meta CEO Mark Zuckerberg and other tech executives, Facebook whistleblowers, and members of Congress and federal officials. But he says there has been no “real follow up.”
Although the US Federal Trade Commission has reached settlements with tech companies requiring diligence with user data under threat of fines, Reynders is circumspect about their power. “I’m not saying that this is nothing,” he says, but they lack the bite of laws that open the way to more painful fines or lawsuits. “Enforcement is of the essence,” Reynders says. “And that’s the discussion that we have with US authorities.”
Now Reynders fears history is repeating with AI regulation, leaving this powerful category of technology unchecked. Tech leaders such as Sam Altman, CEO of ChatGPT developer OpenAI, says they want new safeguards, but American lawmakers seem unlikely to pass new laws.
“If you have a common approach in the US and EU, we have the capacity to put in place an international standard,” Reynders says. But if the EU’s forthcoming AI Act isn’t matched with US rules for AI, it will be more difficult to ask tech giants to be in full compliance and change how the industry operates. “If you’re doing that alone, like for the GDPR, that takes some time and it slowly spreads to other continents,” he says. “With real action on the US side, together, it will be easier.”
ChatGPT is in the crosshairs of both privacy and AI-specific regulatory efforts.
OpenAI in April updated its privacy options and disclosures after Italy’s data protection authority temporarily blocked ChatGPT, but the conclusions of a full investigation into the comp