Generative AI, such as OpenAI’s ChatGPT, needs to be regulated, but governing bodies must figure out how to do so properly before rushing into prohibitions that “really aren’t going to stand up”, Ireland’s data protection chief said on Thursday.

“It needs to be regulated and it’s about figuring out how to regulate it properly,” Ireland’s Data Protection Commissioner (DPC) Helen Dixon told a Bloomberg conference, saying the debate extended to thousands of ChatGPT equivalents.

“For the Irish data protection commission, where we are at is trying to understand a little bit more about the technology, about the large language models, about where the training data is sourced.”

“So I think it’s early days, but it’s time to be having those conversations now rather than rushing into prohibitions that really aren’t going to stand up.”

The body that unites Europe’s national privacy watchdogs last week set up a task force on ChatGPT following a unilateral move by Italy to temporarily ban the chatbot which is rapidly growing in popularity.

Italy’s watchdog said on Tuesday that it is ready to allow the return of ChatGPT at the end of April if its maker OpenAI takes “useful steps” to address the agency’s concerns. Microsoft Corp-backed (MSFT.O) OpenAI took it offline in Italy last month.

While the Irish DPC is the EU’s lead regulator of many of the world’s largest technology companies due to the location of their EU headquarters in Ireland, it does not hold the same power over OpenAI which has no offices in the bloc.

Dixon added that the issues around Generative AI span far beyond data protection and include copyright and defamation concerns.

“We also want to contribute to broader discussions about the risks and about other areas of law that converge in AI,” she said.