From a compliance POV it's not enough. For example: "<NAME PERSON ONE> is president of the United States" is still identifiable even though the name has been redacted.
Since you can't be 100% certain that a filter redacts all personal data, you'd have to make sure that you have measures in place which allow OpenAI to legally process personal data on your behalf. Otherwise you'd technically have a data breach (from a GDPR pov).
And if OpenAI can legally process personal data on your behalf, why bother filtering if processing with filtering is also compliant?
> According to the EU law if you don’t click accept it’s equivalent to denying.
The result is the same. Technically there's no such thing as denying, only providing (explicit) consent. If consent is required and no consent is provided, then there is no ground for processing.
Litigation is not just 'file and forget'. Deno, or any other organisation, needs to contribute in time and effort for several years. In my opinion, "media attention / clout" is a fair compensation.
Since you can't be 100% certain that a filter redacts all personal data, you'd have to make sure that you have measures in place which allow OpenAI to legally process personal data on your behalf. Otherwise you'd technically have a data breach (from a GDPR pov).
And if OpenAI can legally process personal data on your behalf, why bother filtering if processing with filtering is also compliant?