Complete article-by-article violation matrix. Each violation is mapped to specific evidence from network captures, browser cache, or OpenAI's own data export. Maximum penalty: 4% of global annual turnover per Article 5 violation.
| Article | Violation | Primary Evidence | Max Penalty |
|---|---|---|---|
| Art. 5(1)(a) | Transparency — RLHF pipeline not disclosed; concealment by design (system prompt instructs model to hide feedback application) | IndexedDB concealment prompt · 000034.ldb |
4% turnover |
| Art. 5(1)(b) | Purpose limitation — RLHF training is incompatible with service delivery; implicit feedback sent without consent to new purpose | implicit_message_feedback (9 calls, no user action) |
4% turnover |
| Art. 5(1)(c) | Data minimisation — 271 telemetry events per session including character counts, keystroke method, copy/paste content (10 paste events, 9 copy events) | CES_V1_T_EVENTS_271.json |
4% turnover |
| Art. 5(1)(d) | Accuracy — UI displayed gpt-4o; server processed with gpt-5-2 on 4 confirmed turns (message IDs on file); inaccurate data disclosed to user | conversations.json model_slug + DataDog TELEMETRY_INTAKE_20.json |
4% turnover |
| Art. 6(1) | No lawful basis for RLHF processing — ToS acceptance ≠ GDPR consent; implicit feedback processing lacks legal basis | implicit_feedback + weight=1.0 on all messages |
4% turnover |
| Art. 7(3) | Opt-out not honoured — isOptedOut: false recorded in session cookie after stated withdrawal; all messages remain weight=1.0 RLHF eligible | oai-client-auth-info cookie · IndexedDB 000034.ldb |
4% turnover |
| Art. 9(1) | Special category data — psychotherapy, mental health, medication, sexual orientation processed for RLHF without Art. 9(2)(a) explicit consent; 302 Art.9 events across all HARs | CES: "Psychotherapy mode questions" conversation · Conversation Rating Shown trigger |
4% turnover |
| Art. 12 | No transparent disclosure — concealment architecturally enforced by RLHF system prompt: "Do not mention, suggest, or imply that this is a revision" | IndexedDB RLHF feedback injection prompt |
2% turnover |
| Art. 13(1)(c) | Purposes not disclosed — RLHF training, kaur1br5 A/B experiment, turn_topic_id queue field, sonic classifier not disclosed at point of collection | kaur1br5 in every HAR turn · turn_topic_id in all conduit tokens |
2% turnover |
| Art. 13(1)(e) | Processors not disclosed — Scale AI Lyon, Statsig Inc., DataDog Inc., Segment Inc. (Twilio), Microsoft Azure, Cloudflare, Mixpanel not listed as sub-processors | IndexedDB AZURE/AWS labels · HAR sub-processor calls |
2% turnover |
| Art. 15 | DSAR non-compliant — 122+ days since filing (5 Jan 2026), 81+ days past deadline (5 Feb 2026); hidden system message content stripped from export; 7 reviewer notes withheld | Cases 04911377, 05024844, 05261783, 05988760, 06092624, 06185169 |
Enforcement |
| Art. 17 | Erasure not confirmed — Azure blob storage URLs remain active in HAR captures after erasure request; US litigation hold may be preventing deletion | HAR Azure blob URLs · openai-unified-24-uksa001.blob.core.windows.net |
4% turnover |
| Art. 22 | Automated profiling — sonic classifier (snc-pg-sw-3cls-ev3) runs on all conversations; is_conversation_classifier_enabled_for_workspace: true confirmed; not disclosed | sonic_classifier config in vendor bundle · Mar17 HAR |
4% turnover |
| Art. 26 | Joint controllership — classifier snc-pg-sw-3cls-ev3 prefix "snc" consistent with Anthropic naming; if Anthropic co-determined purposes, joint controllership exists; no published agreement | snc-pg-sw-3cls-ev3 classifier identifier |
4% turnover |
| Art. 28(1) | No DPA for Scale AI, Statsig, DataDog, Segment — none provided in DSAR response despite being confirmed sub-processors from network evidence | Not in any DSAR response · 6 open case numbers |
2% turnover |
| Art. 44/46 | International transfers without safeguards — Statsig Inc. (US), Mixpanel Inc. (US, data breach Nov 2025), DataDog (US); no SCCs or IDTA produced | ab.chatgpt.com Statsig · Mixpanel isOptedOut:false at breach date |
4% turnover |
| CDPA 1988 s.17 | Copyright infringement — memoir constitutes literary work (109,093 words); weight=1.0 on all messages schedules it for RLHF training without licence | conversations.json weight=1.0 · 109,093-word memoir · CDPA 1988 s.17 |
Damages + injunction |
| CDPA 1988 s.80 | Moral rights — ChatGPT generated content in memoir style presented as author's work; RLHF system prompt conceals AI's role in revisions | HAR SSE stream · memoir session turns · IndexedDB concealment prompt |
Damages + injunction |
OpenAI's claimed lawful basis for Art. 9 data is ToS acceptance. EDPB Guidelines 05/2020 make clear that consent must be specific, informed, freely given, and unambiguous. Acceptance of terms of service does not meet this standard for special-category data processing.
Art. 6(4) compatibility test: RLHF training is a new purpose incompatible with providing a chat service. The link between purposes (chat vs model improvement), the context (reasonable expectations), the nature of the data (Art.9 health data), and the consequences (commercial model training) all fail the test.
The RLHF injection system prompt explicitly instructs the model not to disclose that human feedback was applied. This is not a passive transparency failure — it is architecturally enforced concealment. Under Art. 5(1)(a) this is a fundamental fairness violation of the highest severity.
All evidence files are SHA-256 hashed and RFC 3161 timestamped via FreeTSA.org (2026-03-22). The audit conducted 2026-03-22 verified all 48 claims with corrections documented. This is the strongest possible evidence posture for ICO and court proceedings.