- Topics
- Regions
- Events
- Webcasts
- Resources
- CW Exclusives
- Membership
“For tracking litigation, enforcement, and regulatory developments, Compliance Week
should be your prime source.”- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
GDPR push for privacy by design still ‘a long way off’
By 
Neil Hodge2023-02-16T21:00:00
Italy’s data protection authority Garante earlier this month banned U.S.-based artificial intelligence (AI) chatbot creator Replika from processing the personal data of users in the country because of the risks the service posed to minors and vulnerable people.
Replika’s chatbot is marketed as an “AI companion who cares” because it offers users personalized avatars that talk and listen to them and help their emotional well-being. In a Feb. 3 notice, Garante criticized the app’s failure to protect children by allowing it to send inappropriate and sexually explicit responses to young users.
The case serves as an example of why tech companies must use “privacy by design” when launching new products and services.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
PremiumFive years in, GDPR still a lightning rod for criticism
The General Data Protection Regulation risks losing credibility if enforcement is not harmonized and privacy by design is not at the heart of tech innovation, said EU officials during a summit marking the fifth anniversary of the legislation.
-
ArticleTikTok facing $29M fine over U.K. children’s privacy violations
The Information Commissioner’s Office warned social media platform TikTok it could be fined £27 million (U.S. $29 million) for failing to protect children’s data in line with the U.K.’s version of the General Data Protection Regulation.
-
ArticleInstagram facing record $401M fine over children’s privacy violations
Instagram is set to be fined €405 million (U.S. $401 million) by Ireland’s data protection regulator for failing to adequately secure teenage users’ data in line with the General Data Protection Regulation.
More from Regulatory Enforcement
-
News BriefFTC sues GM for selling location and behavioral data without drivers' consent
General Motors failed to disclose to customers that it tracked their precise locations and driving behavior and sold the data to third parties, the Federal Trade Commission alleged in a proposed order.
-
News BriefCash App owner Block to pay $175M over fraud caused by lax consumer protection practices
Block, the owner of Cash App and Square, will pay $175 million to settle allegations that its lax consumer protection practices put customers at high risk of fraud, the Consumer Financial Protection Bureau said.
-
News BriefFTC orders Mobilewalla, Gravy Analytics to stop collecting geolocation data without permission
Two large data brokers, Mobilewalla and Gravy Analytics, collected billions of records containing sensitive geolocation and personal data of millions of people, and then sold it without their consent, the Federal Trade Commission said.