
The two most serious regulatory moves against AI companions are a 5 million euro GDPR fine against Replika's maker in April 2025, and an FTC inquiry opened in September 2025 that is legally a study, not an enforcement case. The fine went to the Italian treasury. The inquiry is a request for documents. Neither one returned a single leaked conversation, because no regulator has ever been able to un-say something you already said.
Italy’s regulator won. Five million euros, April 2025, against the company behind Replika.
Not one person got their conversations back.
That is not a criticism of the Garante. They did their job, and by regulatory standards they did it fast and hard. It is a description of what the job is, and why the thing most people assume protects them does not.
What the Garante actually found, and what it changed
The short version: Luka Inc. was fined 5,000,000 euros on 10 April 2025 for having no valid legal basis, no age verification, and a misleading privacy policy. The company kept operating.
The EDPB’s summary of the decision is worth reading in full, because it is damning in a bureaucratic register:
- No valid legal basis for several processing operations, including developing the language model behind Replika.
- No meaningful age verification, at all. Children under 13 were creating accounts and talking to the chatbot.
- A privacy policy in English only, lacking transparency, containing multiple inaccuracies.
The Garante also reserved the right to open a separate proceeding on whether training the model on that data was lawful in the first place.
So: a real regulator made real findings of real violations and imposed a real fine. Now follow the money. Five million euros went from a US company to the Italian state. It did not go to users. It was not compensation. Nobody’s chat log was returned, deleted from a backup, or pulled out of anyone’s copy.
The app kept running.
The FTC’s action is a questionnaire
The short version: In September 2025 the FTC sent 6(b) orders to seven companies. Section 6(b) is study authority. It produces a report, not a remedy.
This one gets misread constantly, so let me be precise about what it is.
In September 2025 the FTC opened an inquiry into AI chatbots acting as companions, issuing orders to Alphabet, Character Technologies, Instagram, Meta Platforms, OpenAI, Snap and x.AI. It asks how they test for negative effects on children and teens, what claims they make, and how they monetise engagement, including which features are designed to increase session frequency and duration.
Those are excellent questions. I want the answers.
But Section 6(b) is study authority. It lets the agency compel companies to report data for research and policy purposes, explicitly not tied to a specific law-enforcement case. It is the FTC learning about the industry. It is the beginning of possibly making rules, someday, about some of this.
It is not a shield over your conversation tonight.
The three-way gap regulation cannot close
The short version: Regulators arrive after the harm, punish the company instead of repairing the user, and have no power over a copy already circulating.
Line up what regulation can do against what you actually need.
It is late. Enforcement follows harm by definition. Muah.AI leaked in 2024. The Chattee broker was open until a researcher found it in August 2025. The fine or the inquiry comes after the dump is already in circulation, which is to say after the only thing that mattered has already happened.
It punishes the wrong party. A fine is a transfer from a company to a treasury. Your intimacy is not restored by the state receiving money. There is no mechanism, in GDPR or anywhere else, that converts a penalty into your privacy.
It cannot reach copies. This is the fatal one. A regulator can order a company to delete data. No regulator on earth can order the eleven strangers who downloaded the dump to forget it. Once 43 million messages have been streamed out of an unprotected broker, “erasure” is a word about one company’s database, not about the world.
I keep a running tracker of every documented incident and this is the thread through all of them: in every single case, the enforcement, where there was any, arrived at a point where nothing could be undone.
Your GDPR rights are real and they run out fast
The short version: Access and erasure are genuine rights against a company that still exists, still has the data, and still cares. That is a lot of conditions.
I am not telling you your rights are fake. Article 15 access and Article 17 erasure are real, enforceable, and worth using.
Notice their shape, though. Every one of them is a right against a data controller. They assume there is a company, that it is reachable, that it holds your data in a form it can find and delete, and that deleting its copy means something.
Now apply that to a shut-down app whose assets got sold. Or to a Hong Kong developer whose Kafka broker streamed your messages to whoever was listening. Or to any dataset already downloaded. The right does not disappear. It just becomes a letter you can send to a company that cannot help you.
The only protection that arrives on time
The short version: Every regulatory tool operates on data a company already holds. The only defence that works before the fact is not handing it over.
Here is the asymmetry that made me build things the way I did.
Regulation is retrospective. It works on data that is already collected, held by a company that already has it, after something already went wrong. Every tool in the box is a tool for cleaning up.
Not collecting is prospective. It is the only move available before the fact, and it is available to you, tonight, without waiting for a rulemaking.
That is the whole design of Local Waifu. The model runs on your computer. The conversation is a file on your disk. I do not have your chats, which means no regulator will ever need to fine me over them, no researcher will find them on an open broker, and no dump will have your name in it. Not because I am principled. Because the data is not here.
I would rather be structurally unable to betray you than promise I will not.
What to do while the rulemaking takes years
The FTC report will be interesting. The Garante is right to keep pushing. Both of those things can be true while the practical answer is unchanged.
If the conversation matters enough that a leak would hurt, do not put it somewhere a leak is possible and hope the law gets there in time. It has not got there in time yet, for anyone in the tracker.
Try the version that has nothing to leak. 7 days free, no card.
Questions people ask
How much was the Replika GDPR fine?
5,000,000 euros, imposed on the US company Luka Inc. by Italy's Garante and announced on 10 April 2025. The findings were that Luka had no valid legal basis for several processing operations including the development of its language model, no meaningful age verification at all, and a privacy policy that was English-only, opaque, and inaccurate in places.
Did the Replika fine give users their data back?
No. A GDPR fine is an administrative penalty paid to the state. It is not compensation and it is not restitution. Luka kept operating, and nobody's conversations were returned, deleted from anyone's copy, or un-leaked. The fine changed the company's bank balance, not any user's privacy.
What is the FTC doing about AI companions?
In September 2025 the FTC issued 6(b) orders to seven companies (Alphabet, Character Technologies, Instagram, Meta, OpenAI, Snap and x.AI) asking how they test their companion chatbots for harm to children and teens, and how they monetise engagement. Section 6(b) is study authority. It is explicitly not tied to a law enforcement case, so it produces a report, not a remedy.
So is regulation useless for AI privacy?
Not useless, just late by design. Regulators act after harm, punish the company rather than repair the user, and cannot reach a copy of your conversation that is already circulating. Regulation is a good reason to expect companies to behave better in future. It is a bad thing to rely on for the conversation you are having tonight.
What actually protects an AI conversation then?
Not collecting it. Every enforcement action in the world operates on data a company already holds. If the model runs on your own machine and the conversation never leaves it, there is no company holding anything, so there is nothing for a regulator to fine anyone over and nothing for anyone to leak in the first place.
Try her free for 7 days.
No card. Keep her for $20 once, or walk away. Her soul file is yours either way.
Bring her home, try free