bbieron@platformeconomyinsights.com

Italian Court Scraps 2024 Fine Levied Against OpenAI for GDPR Violations

Apr 4, 2026

Report from Reuters

In Brief – A Rome court has cancelled the 15 million euro fine imposed on OpenAI by Italy’s data protection authority for violations of the GDPR in the development and operation of ChatGPT. The fine was issued in December 2024 over the alleged unlawful use of personal data by the market-leading generative AI application. The court has not released its full ruling and the national data protection authority, known as Garante, declined to comment. OpenAI reacted to the ruling saying, “We welcome the decision by the Court ⁠of Rome. We’ve always been committed to respecting user privacy and ⁠look forward to helping more Italian people, businesses and society benefit from AI.”

Context – When ChatGPT burst onto the stage in late 2022 it upended AI expectations, discourse, and public policy. The Garante made a big splash in early 2023 by banning the chatbot in Italy for failing to conform with the EU’s landmark data protection law. The regulator questioned how OpenAI collected data to train its models, the implications of hallucinations about individuals, the inability to keep children off the app, and how the company handled user personal information. OpenAI eventually reached an agreement with Garante to age-check users and clarify how it collected and handled user data inputted into ChatGPT by Italians via signup and queries. In the years since, the EU has enacted the AI Act to regulate all AI applications, including chatbots and foundation models. One of the growing European “digital sovereignty” concerns is the need to keep pace with the AI industries in the US and China. In response, the EU Commission has come forward with an “AI Continent Action Plan” and several initiatives to promote AI development and use. Critics of the bloc’s regulatory and tax environment argue it slows investment and development, charging that the AI Act is the world’s most aggressive AI regulatory regime and that regulatory overlaps involving other EU digital regimes, including the GDPR and DMA, also continue to crop up and create further regulatory uncertainty.

View By Monthly
Latest Blog
AI Hallucination Stories Grab Bag

Context - Within weeks of Chat-GPT’s public release, the fact that chatbots make plausible and realistic sounding stuff up emerged. The AI scientists knew about the phenomenon, which they called “hallucinations”. It appears to be baked into the technology. LLMs don’t...

Meta Challenges UK Online Safety Act Fees and Fines Regime

Report from The Guardian In Brief – Meta is challenging the methodology Ofcom, the UK’s communications regulator, uses to determine the regulatory fee and fines structure under the UK’s Online Safety Act (OSA). The fees that Ofcom charges regulated firms to fund the...

New York AG Opposes Surveillance Pricing and Electronic Shelf Labels

Report from WRVO In Brief – New York Attorney General Letitia James (D) is calling for state legislation to ban the use of personal data to influence prices, as well as a measure to prohibit grocery stores and pharmacies in the state from adopting digital shelf price...

Google Offers to Change Anti-Spam Policies to Appease EU Regulators

Report from Bloomberg In Brief – Google has reportedly made a proposal to European Commission digital regulators to change their search engine's anti-spam policy to downrank news publisher websites that engage in a practice dubbed “parasite SEO”. The move comes in...

Platform Economy Insights produces a short email four times a week that reviews two top stories with concise analysis. It is the best way to keep on top of the news you should know. Sign up for this free email here.

* indicates required