Italy’s data protection authority Garante earlier this month banned U.S.-based artificial intelligence (AI) chatbot creator Replika from processing the personal data of users in the country because of the risks the service posed to minors and vulnerable people.
Replika’s chatbot is marketed as an “AI companion who cares” because it offers users personalized avatars that talk and listen to them and help their emotional well-being. In a Feb. 3 notice, Garante criticized the app’s failure to protect children by allowing it to send inappropriate and sexually explicit responses to young users.
The case serves as an example of why tech companies must use “privacy by design” when launching new products and services.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Trial Membership
First week free, then $499 for an annual Membership
Cancel anytime within the trial period.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
The General Data Protection Regulation risks losing credibility if enforcement is not harmonized and privacy by design is not at the heart of tech innovation, said EU officials during a summit marking the fifth anniversary of the legislation.
The Information Commissioner’s Office warned social media platform TikTok it could be fined £27 million (U.S. $29 million) for failing to protect children’s data in line with the U.K.’s version of the General Data Protection Regulation.
Instagram is set to be fined €405 million (U.S. $401 million) by Ireland’s data protection regulator for failing to adequately secure teenage users’ data in line with the General Data Protection Regulation.
Accounting firm Prager Metis violated auditor independence rules through use of indemnification provisions in its engagement letters hundreds of times during a period of nearly three years, the Securities and Exchange Commission charged in a lawsuit.
The American branch of South Korea-based Shinhan Bank agreed to pay $25 million across settlements with three separate regulators for admitted violations of the Bank Secrecy Act and anti-money laundering requirements.
Exelon and its subsidiary Commonwealth Edison agreed to pay $46.2 million as part of a settlement with the Securities and Exchange Commission related to their Illinois bribery and lobbying scandal that previously earned ComEd a deferred prosecution agreement.
