Bumble, a leading dating app, introduced “AI Icebreakers” in its Bumble for Friends section, using OpenAI’s ChatGPT to generate conversation starters. However, this seemingly helpful tool, introduced in December 2023, may be in clear violation of EU data protection laws, particularly the General Data Protection Regulation (GDPR).
At the heart of the issue is consent — or the lack thereof. Despite showing users a pop-up banner nudging them to click “Okay” to activate AI Icebreakers, Bumble does not legally rely on this consent to process users’ personal data. Instead, it claims a “legitimate interest” under Article 6(1)(f) GDPR as its legal basis. This legal loophole is problematic for several reasons:
Misleading Consent Banner
The repeated pop-up gives users the impression that their agreement is necessary, suggesting consent under Article 6(1)(a). However, in reality, Bumble proceeds to process data without actual user permission — an approach that is deceptive and manipulative, undermining GDPR’s requirement for informed and freely given consent.
Sensitive Data Misuse
Bumble’s AI Icebreakers use personal profile information, which may include sensitive data such as sexual orientation. Under Article 9 of the GDPR, processing such data requires explicit consent, which Bumble has never obtained.
Third-Party Data Sharing Without Transparency
The app transmits user data to OpenAI to generate AI responses. Yet, Bumble fails to fully disclose this sharing or provide information about the recipients of the data —violating its transparency obligations under Article 5(1)(a).
Inadequate Response to Access Requests
A user who requested her data under Article 15 GDPR received an incomplete response, further showcasing Bumble’s non-compliance with core GDPR rights.
As a result, European privacy advocacy group noyb filed a formal complaint with the Austrian data protection authority, arguing that Bumble is unlawfully processing personal data without a valid legal basis. The group is also calling for fines and corrective measures to stop Bumble from bypassing user rights in the name of AI innovation.
In summary, Bumble’s AI Icebreakers may seem like a clever way to spark conversation, but under EU law, they appear to be an unlawful intrusion — violating consent rules, mishandling sensitive data, and misleading users about their privacy rights.
Bumble struggles
Bumble recently announced it will lay off 30 percent of its workforce — around 240 employees — as part of a restructuring aimed at improving user experience and long-term platform engagement, Reuters news report said. This move follows similar cuts at rival Match, which recently reduced its staff by 13 percent.
Despite the layoffs, Bumble raised its Q2 revenue forecast to $244–$249 million, signaling early positive impacts from its ongoing revamp under returning CEO Whitney Wolfe Herd. The company expects to save $40 million annually from the cuts, which will be reinvested into product and technology innovation.
Bumble will incur $13–$18 million in severance-related charges across the third and fourth quarters of 2025.
Baburajan Kizhakedath
