In February 2023, the Italian data-protection authority (the Garante per la Protezione dei Dati Personali, usually shortened to the Garante) ordered Replika to immediately stop processing the personal data of Italian users. It was the first significant regulatory action against a consumer AI companion app and it remains the cleanest empirical test we have of how the European data-protection regime applies to this category.
This piece is a plain-language summary of what the Garante found, why it acted, what Replika did in response, and what the action means for the AI companion privacy story more broadly.
If you have time for one paragraph: the Garante found that Replika was processing personal data without an adequate legal basis, was failing to verify the age of users, and was creating real risks for minors and emotionally vulnerable users. The order suspended the company’s data processing for Italian users, which in practice meant the app went dark in Italy. Replika subsequently made changes (age verification, content restrictions, expanded notice) and was eventually allowed back. The action is a useful baseline for thinking about what regulators consider acceptable, and the changes it forced are visible across the category since.
What the Garante found
The Garante’s order, issued in February 2023, identified several specific concerns. The full order is in Italian and is available on the Garante’s website (gpdp.it); summaries in English are available through legal-tech and tech-press coverage.
No adequate legal basis for processing. Under GDPR, personal data processing requires one of six specific legal bases (consent, contract, legal obligation, vital interest, public task, legitimate interest). The Garante found that Replika did not have an adequate basis for the data processing it was conducting, particularly given the sensitivity of the data and the population using the app.
No effective age verification. Replika’s terms of service required users to be 18 or older. In practice, age verification was light enough that minors could and did use the app. The Garante found this inadequate given the nature of the content the app could generate.
Risks to minors specifically. The Garante identified specific risks to minor users from the kind of conversations Replika could generate, including content that was sexually explicit or otherwise inappropriate for under-18 users.
Risks to emotionally vulnerable users. The Garante also identified risks to users in vulnerable states, citing the kind of intense emotional reliance the app encouraged and the absence of safeguards for users in crisis.
Inadequate transparency. Users were not given clear enough information about what the app was doing with their data, how the AI worked, or what the limitations of the relationship they were forming actually were.
The order was sweeping. Replika was directed to immediately stop processing the personal data of Italian users, with significant fines on the table for non-compliance.
What Replika did
Replika initially restricted access to Italian users while engaging with the Garante on remediation. The remediation involved several specific changes, some of which became visible in the product globally rather than just in Italy:
- More explicit age verification flows
- Restrictions on certain kinds of generated content
- Expanded privacy notices and consent flows
- Changes to data-handling practices for the company’s user base generally
Some of these changes overlapped with or contributed to the February 2023 erotic role-play (ERP) removal (which became the defining cultural event for Replika), though the relationship between the Garante action and the ERP removal is not perfectly clean. Both the regulatory pressure and the company’s separate decision-making contributed to the changes Replika users experienced that month.
Replika was eventually allowed to resume operating in Italy after demonstrating compliance with the Garante’s requirements.
Why this matters
Several reasons.
It is the first regulatory case study for the category. Before the Garante action, AI companion apps had largely operated without significant regulatory engagement. The Italian action was the first time a major regulator looked at one of these apps closely and concluded that significant changes were required. Other regulators (in Europe and beyond) have used the Garante’s analysis as a template for their own engagement.
It established practical compliance baselines. The specific things the Garante required (age verification, content restrictions, transparent privacy practices) are now common across the category. Apps that came after Replika were able to look at what the Garante demanded and design for compliance from the start.
It is the cleanest test we have of the privacy story. Coverage of AI companion app privacy often relies on what the apps say in their privacy policies, which is hard to evaluate independently. The Garante’s investigation actually examined what one major app was doing in practice and concluded it was inadequate. That is a stronger evidence base than self-reported compliance.
It shapes the regulatory roadmap. The Garante action, the Garcia case, the EU AI Act, California’s SB 243, and other regulatory activity in the space form a coherent direction of travel. The specific provisions vary; the underlying concerns (transparency, age, vulnerable users, data practices) are consistent.
What the action does not say
A few things to be careful about.
It does not mean Replika is uniquely bad. The Garante examined Replika because it was the most visible AI companion app at the time. Many of the practices that drew the regulator’s attention were industry-standard, not Replika-specific. Other apps that have not been examined as closely may have similar issues.
It does not establish that AI companion apps are inherently unsafe. The regulatory framework allows the apps to operate; it requires them to operate with adequate safeguards. The Garante’s order was about how Replika was operating, not about whether AI companion apps should exist.
It does not address content quality, model behavior, or relationship effects. The Garante’s mandate is data protection. Questions about whether the conversations are good, whether the relationships are healthy, or whether the app is doing what users want are not what the regulator is empowered to assess.
It does not directly bind US operators. GDPR applies to EU users; US operators serving EU users have to comply for those users. The principles are increasingly being adopted in US regulatory work (most directly in California’s SB 243), but the US regulatory framework is not the same as the European one.
What this means for users
Practical implications, mostly modest.
Privacy practices have improved across the category since 2023. Most major AI companion apps have made privacy practice changes that trace back, directly or indirectly, to the Garante’s analysis: better notice flows, better age verification, and more granular data controls.
The privacy story still varies a lot by app. As we covered in the adult privacy guide, the apps in this category have very different privacy postures. Kindroid is the most documented; the commercial NSFW apps are operating on standard commercial posture; Janitor’s privacy story depends on the LLM backend. The Garante’s analysis of Replika does not transfer to other apps without examination.
For European users, the Garante and equivalents in other EU countries are an active oversight presence. If you are a European user with a privacy concern about an AI companion app, your national data-protection authority is the right place to start.
For US users, the regulatory environment is in flux. SB 243 in California is the most direct US analog; FTC inquiries and state-level activity are also relevant. The picture will look different in two years than it does now.
What operators should take from this
If you operate an AI companion app and serve European users, the Garante’s analysis is required reading. The specific compliance requirements (legal basis for processing, age verification, vulnerable-user protections, transparency) are the floor, not the ceiling. The defensible product position is to design for the regulatory environment that is emerging, not the one that existed before 2023.
For US operators, the same principles increasingly apply via California and other state-level activity, plus federal-level scrutiny that is real even where it has not yet produced specific rules.
Where to read the primary documents
The Garante’s order is on the authority’s website at gpdp.it. The original is in Italian; English summaries are available through tech and legal press coverage from February-March 2023.
For the broader EU regulatory framework, the European Data Protection Board (edpb.europa.eu) has issued guidance relevant to AI systems including companion apps.
FAQ
Is Replika still banned in Italy?
No. Replika was eventually allowed to resume operations in Italy after demonstrating compliance with the Garante’s requirements. The original order was a suspension of processing, not a permanent ban.
Did the Garante investigate other AI companion apps?
The 2023 action focused on Replika specifically. The Garante and other European data-protection authorities have continued to monitor the space and have made statements about other apps in various contexts.
Are US users protected by GDPR or by the Garante’s actions?
No. GDPR protects EU users. US users are protected by US law, which has its own (different) framework. The principles are similar in spirit but the rights and remedies differ.
Did this action lead to the Replika ERP removal?
The two events overlapped in time and were both driven in part by regulatory pressure. The exact causal relationship is not perfectly clear in public reporting. Both contributed to the cluster of changes Replika users experienced in early 2023.
Are similar privacy actions likely against other AI companion apps?
Yes, especially in Europe. The regulatory engagement with this category is increasing rather than decreasing. Apps with thin documentation and weak practices are more likely to draw scrutiny than apps with more public and specific privacy postures.
Related reading
- Privacy Guide for Adult AI Companion Apps in 2026 for the practical user-side picture.
- California SB 243 Explained for the parallel US regulatory work.
- Garcia v. Character Technologies for the related US legal case.
- Replika Alternatives in 2026 for our current view on Replika specifically.
If you have specific information about the Garante’s action or other regulatory activity, write to us via the contact form.