I would not assume that it applies only to users located in the U.S., if that's what you mean, since this is designed to preserve evidence of alleged copyright infringement.
I don’t think a US court order can overrule the GDPR for EU customers, for example.
Nothing says that laws of different countries can't conflict.
Hopefully they don't though.
Isn't this why companies incorporate in various nations so that they can comply with local regulations ? I'm assuming that EU will demand OpenAI to treat EU users differently..
If they did incorporate in the EU and run their servers in the EU, the EU entity will be a separate entity and (not a lawyer), I think as a result, not the entity concerned by this lawsuit.
Assuming the EU entity were a subsidiary "but I keep that data overseas" seems unlikely to get you off the hook. However I don't think you can be ordered to violate local law. That would be a weird (and I imagine expensive) situation to sort out.
What makes you think that EU law holds sway over US companies? Conversely, would you expect EU companies to abide by US law? Can an EU court not make arbitrary demands of a company that operates in the EU so long as those demands comply with relevant EU law?
OpenAI Ireland Ltd, which as an EU resident is the entity that provides the ChatGPT services to me (according to ChatGPT’s own ToS), is within the jurisdiction of the EU, not the US.
Repeatedly making the same comment all over the local tree is childish and effectively spamming.
To your observation, it's certainly relevant to the situation at hand but has little to do with your original supposition. A US court can order any company that operates in the US to do anything within the bounds of US law, in the same way that an EU court can do the converse. Such an order might well make it impossible to legally do business in one or the other jurisdiction.
If OpenAI Ireland is a subsidiary it will be interesting to see to what extent the court order applies (or doesn't apply) to it. I wonder if it actually operates servers locally or if it's just a frontend that sends all your queries over to a US based backend.
People elsewhere in this comment section observed that the GDPR has a blanket carve out for things that are legally required. Seeing as compliance with a court order is legally required there is likely no issue regardless.
The US Cloud Act makes it illegal for US companies to operate non-e2e encrypted services that are GDPR compliant. They have to warrantlessly hand the govt all data they have the technical capability to access.
OpenAI Ireland Ltd, the entity that provides ChatGPT services to EU residents, is not a US company.