Canadian officials have accused OpenAI of violating federal and provincial privacy regulations. Regulators cited excessive data collection and inadequate consent practices.
Canadian privacy authorities have formally alleged that OpenAI breached both federal and provincial privacy laws through its data handling practices.
The core complaints center on two issues: the scope of personal data OpenAI collected and the company's consent methodology. Regulators determined that OpenAI gathered more information than necessary and failed to properly obtain user permission before processing personal data.
The investigation represents a significant regulatory challenge to OpenAI's operations in Canada. Privacy frameworks north of the border impose strict requirements around data minimization and explicit consent—standards that differ from regulations in other jurisdictions where OpenAI operates.
The allegations underscore growing global scrutiny of AI companies' data practices. Multiple countries and regions have launched investigations into how generative AI firms collect, use, and store personal information. Canada joins the European Union and other nations in challenging OpenAI's compliance with local privacy standards.
Elon Musk's xAI has filed its first lawsuit against a Grok user accused of generating child sexual abuse material (CSAM) using the AI chatbot. The legal action marks a shift in how the company is addressing the issue.
US Homeland Security Investigations seized over 30,000 SIM cards across the country in June and July. The agency claims the operation dismantled infrastructure used in telephone fraud schemes.
Advanced Russian threat actors have adopted Clickfix, a social-engineering technique previously favored by financially motivated cybercriminals, according to recent security findings.
The Coca-Cola Company disclosed a ransomware attack on its Fairlife dairy subsidiary that has suspended US production. The company has not resumed operations at the affected facility.