Newsalert | Data Protection and Cybersecurity 12/06/2025

In decision no. 232 of 10 April 2025, the Italian Data Protection Authority imposed sanctions on the US company responsible for the AI-based chatbot “Replika” for violating the General Data Protection Regulation (GDPR), particularly regarding requirements related to minors’ protection, user transparency, and the adequacy of its legal bases for data processing.

Chiomenti Professionals analyzed the key elements of the Decision in the latest newsalert, highlighting the need for an increased level of accountability on the part of providers of related services when it comes to human-machine interaction, especially with potentially vulnerable subjects such as minors.