Italian Data Regulator Fines Replika Developer €5 Million for Privacy Violations

May 20, 2025Italy1 source

Summary

In Italy, the data protection authority Garante imposed a €5 million fine on Luka Inc., the developer of the AI chatbot Replika, for serious breaches of personal data protection laws. The regulator determined that Replika processed user data without a lawful basis and lacked adequate age‑verification measures, violating GDPR requirements. The sanction follows a prior suspension of Replika’s operations in Italy in February 2023 and includes a separate inquiry into the compliance of the underlying generative AI technology. The case highlights growing regulatory scrutiny of AI platforms in Europe.

Incident Details

Domain

Privacy & Surveillance

Unauthorized collection, tracking, or exposure of personal data and private information.

Harm Types

Unauthorized Surveillance

Severity

Minor involved

Platforms

Replika

Companies

Luka Inc.Google OpenAI

Who Was Affected

Age

Child, mixed

Gender

Unknown

Group

Children

Sources

Italy Fines AI Chatbot Maker Replika €5 Million Over Privacy Violations

May 20, 2025

Italian Data Regulator Fines Replika Developer €5 Million for Privacy Violations

Summary

Incident Details

Who Was Affected

Sources

Related Incidents

Italian Data Regulator Fines Replika Developer €5 Million for Privacy Violations