Skip to main content
Skip to navigation

Regulatory Enforcement

GDPR push for privacy by design still ‘a long way off’

By Neil Hodge2023-02-16T21:00:00

Italy’s data protection authority Garante earlier this month banned U.S.-based artificial intelligence (AI) chatbot creator Replika from processing the personal data of users in the country because of the risks the service posed to minors and vulnerable people.

Replika’s chatbot is marketed as an “AI companion who cares” because it offers users personalized avatars that talk and listen to them and help their emotional well-being. In a Feb. 3 notice, Garante criticized the app’s failure to protect children by allowing it to send inappropriate and sexually explicit responses to young users.

The case serves as an example of why tech companies must use “privacy by design” when launching new products and services.

THIS IS MEMBERS-ONLY CONTENT

cw-membership

You are not logged in and do not have access to members-only content.

If you are already a registered user or a member, SIGN IN now.

Related articles

Premium
Five years in, GDPR still a lightning rod for criticism

2023-05-25T18:04:00Z By Neil Hodge

The General Data Protection Regulation risks losing credibility if enforcement is not harmonized and privacy by design is not at the heart of tech innovation, said EU officials during a summit marking the fifth anniversary of the legislation.
Article
TikTok facing $29M fine over U.K. children’s privacy violations

2022-09-26T15:55:00Z By Neil Hodge

The Information Commissioner’s Office warned social media platform TikTok it could be fined £27 million (U.S. $29 million) for failing to protect children’s data in line with the U.K.’s version of the General Data Protection Regulation.
Article
Instagram facing record $401M fine over children’s privacy violations

2022-09-06T19:30:00Z By Neil Hodge

Instagram is set to be fined €405 million (U.S. $401 million) by Ireland’s data protection regulator for failing to adequately secure teenage users’ data in line with the General Data Protection Regulation.

More from Regulatory Enforcement

Article
Florida boarding school pays $1.7M for enrolling kids of drug cartel parents

2026-02-13T22:08:00Z By Adrianne Appel

A Florida school has agreed to pay more than $1.7 million for enrolling children whose parents had been sanctioned by the U.S. for their ties to Mexican drug cartels, the U.S. Department of the Treasury’s Office of Foreign Assets Control said Thursday.
Article
FinCEN launches whistleblower portal, seeking tips on BSA and sanctions violations

2026-02-13T21:32:00Z By Oscar Gonzalez

The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) has launched a whistleblower webpage to solicit tips on fraud, money-laundering, as well as violations of the Bank Secrecy Act (BSA) and U.S. sanctions.
Article
Disney pays $2.75M to California for alleged privacy violations

2026-02-13T21:12:00Z By Adrianne Appel

Disney has agreed to pay $2.75 million to settle allegations by California that its streaming service sold the personal information of subscribers without their permission.