There is an article on El Reg where the author asks ChatGPT about themselves, and they get back some information. If this data acquisition and dissemination process was being performed specifically by a company it would clearly be a situation where the GDPR applies, and the company would have certain responsibilities. However it seems probable that the actual design and implementation of ChatGPT was a bit higher level than that.
Does the GDPR apply to ChatGPT and the other chatbots that are in development around the world that are trained by reading the internet?