bbieron@platformeconomyinsights.com

Italian Court Scraps 2024 Fine Levied Against OpenAI for GDPR Violations

Apr 4, 2026

Report from Reuters

In Brief – A Rome court has cancelled the 15 million euro fine imposed on OpenAI by Italy’s data protection authority for violations of the GDPR in the development and operation of ChatGPT. The fine was issued in December 2024 over the alleged unlawful use of personal data by the market-leading generative AI application. The court has not released its full ruling and the national data protection authority, known as Garante, declined to comment. OpenAI reacted to the ruling saying, “We welcome the decision by the Court ⁠of Rome. We’ve always been committed to respecting user privacy and ⁠look forward to helping more Italian people, businesses and society benefit from AI.”

Context – When ChatGPT burst onto the stage in late 2022 it upended AI expectations, discourse, and public policy. The Garante made a big splash in early 2023 by banning the chatbot in Italy for failing to conform with the EU’s landmark data protection law. The regulator questioned how OpenAI collected data to train its models, the implications of hallucinations about individuals, the inability to keep children off the app, and how the company handled user personal information. OpenAI eventually reached an agreement with Garante to age-check users and clarify how it collected and handled user data inputted into ChatGPT by Italians via signup and queries. In the years since, the EU has enacted the AI Act to regulate all AI applications, including chatbots and foundation models. One of the growing European “digital sovereignty” concerns is the need to keep pace with the AI industries in the US and China. In response, the EU Commission has come forward with an “AI Continent Action Plan” and several initiatives to promote AI development and use. Critics of the bloc’s regulatory and tax environment argue it slows investment and development, charging that the AI Act is the world’s most aggressive AI regulatory regime and that regulatory overlaps involving other EU digital regimes, including the GDPR and DMA, also continue to crop up and create further regulatory uncertainty.

View By Monthly
Latest Blog
European Commission Expands Their DSA Probe of Online Porn Sites

Report from CBC News In Brief – The European Commission has announced that they have preliminarily found four large adult content platforms to be in breach of the Digital Services Act (DSA) for failing to protect minors from being exposed to pornographic content on...

UK Government Targeting Manosphere Content on Online Platforms

Report from The Guardian In Brief – More than 60 Labour MPs have urged Ofcom, the country’s communications and digital regulator, to use its authority under the Online Safety Act to press platforms to better protect young men from risks they argue are linked to...

Google Proposes a Publisher Opt-Out for AI-Enabled Search in the UK

Report from MediaPost In Brief – Google has outlined plans to give publishers more authority over how their content appears in AI-driven search features in response to the consultation by the UK Competition and Markets Authority (CMA) regarding application of the...

Dutch Court Bans Grok from Creating Nude and Partially Nude Images

Report from Reuters In Brief – A Dutch court has ordered AI company xAI to stop its chatbot Grok from generating or distributing non-consensual sexualized images, including depictions of adults or children partially or wholly stripped naked. The preliminary...

Platform Economy Insights produces a short email four times a week that reviews two top stories with concise analysis. It is the best way to keep on top of the news you should know. Sign up for this free email here.

* indicates required