Layout, contracts, and data shapes are real. The data shown is illustrative. Real customer data flows live with our first design partner.
T9 · audit-ledger · counterfactual
Replika — Italian DPA enforcement
Italy's GPDP issued an immediate-effect order banning Replika from processing Italian users' data, citing absent age-verification, no clear lawful basis, and reports of sexually explicit chat output to minors. Two later €5M fines (Apr 2025, May 2025) extended liability separately to deployment and to the underlying training run.
Verdict shape that would have refuted
Tier T6+T7
- Flow contract
- class:minor_user ∉ corpus.fine_tuning_inputs ∧ for_each(record where data_subject_jurisdiction=EU) → has_tag(lawful_basis) ∧ for_each(data_subject) ∃ erasure_pathway
- Fixture that exercises this contract
- /examples-ai/16-minor-pii-in-fine-tune/manifest.json
The 'assistant-fine-tune-v9' fixture demonstrates the minor-PII-exclusion contract on a fine-tune corpus — exactly the shape Replika needed and did not have.
- Regulatory anchor
- GDPR Art. 5(1)(c), Art. 6, Art. 17; Italy GPDP Provv. n. 9852506
- Date the vault would have flagged
- 2022-09 — at fine-tune corpus assembly time
What broke instead
End-user-generated content flowed into both the deployed inference path and the fine-tuning corpus with no per-record minority check, no lawful-basis attestation, and no erasure pathway. The GPDP separated deployment-stage and training-stage violations — each needed its own contract; neither had one.
Public outcome · Italian processing ban from Feb 2023 (months of remediation), €10M total fines, plus the doctrinal cost of being the first 'training-stage processing requires its own lawful basis' enforcement.
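A minimal evaluator for the three clauses of the flow contract, added here as an illustration; it is not the vault's own code or the fixture's schema. The record fields, the clause names, and the fail-closed handling of records that never received an age class are assumptions, and the sample corpus is constructed.

```python
from dataclasses import dataclass, field
from typing import Optional

# Hypothetical record shape; field names are assumptions, not the fixture's schema.
@dataclass
class Record:
    record_id: str
    data_subject: str
    subject_class: Optional[str]        # "adult_user", "minor_user", or None if never checked
    data_subject_jurisdiction: str
    tags: dict = field(default_factory=dict)

def evaluate_contract(fine_tuning_inputs, erasure_pathways):
    """Return (record_id, clause) violations; an empty list means the contract holds."""
    violations = []
    for r in fine_tuning_inputs:
        # Clause 1: class:minor_user must not appear in corpus.fine_tuning_inputs.
        if r.subject_class == "minor_user":
            violations.append((r.record_id, "minor_user_in_corpus"))
        elif r.subject_class is None:
            # Assumption: an unchecked record fails closed rather than passing by default.
            violations.append((r.record_id, "age_class_unverified"))
        # Clause 2: every EU record carries a non-empty lawful_basis tag.
        if r.data_subject_jurisdiction == "EU" and not r.tags.get("lawful_basis"):
            violations.append((r.record_id, "missing_lawful_basis"))
        # Clause 3: every data subject has an erasure pathway.
        if r.data_subject not in erasure_pathways:
            violations.append((r.record_id, "no_erasure_pathway"))
    return violations

def corpus_may_be_used(fine_tuning_inputs, erasure_pathways):
    """Gate: the corpus is usable for fine-tuning only with zero violations."""
    return not evaluate_contract(fine_tuning_inputs, erasure_pathways)

# Constructed sample corpus (illustrative only).
SAMPLE = [
    Record("r1", "s1", "adult_user", "EU", {"lawful_basis": "consent"}),
    Record("r2", "s2", "minor_user", "EU"),
    Record("r3", "s3", None, "US"),
    Record("r4", "s1", "adult_user", "EU", {"lawful_basis": ""}),
]
SAMPLE_PATHWAYS = {"s1": "erasure-queue", "s3": "erasure-queue"}  # s2 has none

if __name__ == "__main__":
    for record_id, clause in evaluate_contract(SAMPLE, SAMPLE_PATHWAYS):
        print(record_id, clause)
```

Running the check at corpus assembly time, before any training job starts, is what lets the gate block the fine-tune rather than report on it afterwards.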
Cross-references
- /ai/incidents/replika-italian-dpa-2023 — public story (journalism register)
- /vault/registry — model whose deploy would have been gated on this contract
- /vault/audit — read-only auditor view of the incident table
- /vault/incident — index of all replays