On February 12, 2026, the Autoriteit Persoonsgegevens (AP), the Dutch data protection authority, issued a warning against the use of OpenClaw and similar open-source AI agents. The AP highlighted significant risks, including data breaches, unauthorized access, and malware within plug-ins. Security researchers indicated that about 20% of OpenClaw plug-ins harbor malware designed to steal login credentials. The AP emphasized that these AI systems can operate autonomously, posing severe security threats if misconfigured or compromised. The authority urged users and organizations, including parents, to avoid deploying such systems for handling sensitive data, stressing that compliance with GDPR remains mandatory regardless of software type. The AP also called for the inclusion of autonomous AI agents under the EU AI Act’s regulatory framework. This warning underlines the urgent need for stringent security measures in AI agent deployments, especially in sectors like marketing and advertising, where sensitive data is frequently processed.
Source link
