bbieron@platformeconomyinsights.com

Italian Court Scraps 2024 Fine Levied Against OpenAI for GDPR Violations

Apr 4, 2026

Report from Reuters

In Brief – A Rome court has cancelled the 15 million euro fine imposed on OpenAI by Italy’s data protection authority for violations of the GDPR in the development and operation of ChatGPT. The fine was issued in December 2024 over the alleged unlawful use of personal data by the market-leading generative AI application. The court has not released its full ruling and the national data protection authority, known as Garante, declined to comment. OpenAI reacted to the ruling saying, “We welcome the decision by the Court ⁠of Rome. We’ve always been committed to respecting user privacy and ⁠look forward to helping more Italian people, businesses and society benefit from AI.”

Context – When ChatGPT burst onto the stage in late 2022 it upended AI expectations, discourse, and public policy. The Garante made a big splash in early 2023 by banning the chatbot in Italy for failing to conform with the EU’s landmark data protection law. The regulator questioned how OpenAI collected data to train its models, the implications of hallucinations about individuals, the inability to keep children off the app, and how the company handled user personal information. OpenAI eventually reached an agreement with Garante to age-check users and clarify how it collected and handled user data inputted into ChatGPT by Italians via signup and queries. In the years since, the EU has enacted the AI Act to regulate all AI applications, including chatbots and foundation models. One of the growing European “digital sovereignty” concerns is the need to keep pace with the AI industries in the US and China. In response, the EU Commission has come forward with an “AI Continent Action Plan” and several initiatives to promote AI development and use. Critics of the bloc’s regulatory and tax environment argue it slows investment and development, charging that the AI Act is the world’s most aggressive AI regulatory regime and that regulatory overlaps involving other EU digital regimes, including the GDPR and DMA, also continue to crop up and create further regulatory uncertainty.

View By Monthly
Latest Blog
Swedish Court Delays Ruling in PriceRunner v Google Damages Case

Report from Crowdfund Insider In Brief – Sweden’s Patent and Market Court has delayed until June 10th its decision in a major antitrust damages case between comparison shopping site PriceRunner, which is owned by Sweden-based fintech company Klarna, and Google, citing...

Indonesia Warns YouTube Over Not Complying with Age Limit Rules

Report from Business Today In Brief – Indonesia has issued a formal reprimand to Google over noncompliance by its YouTube service with the country’s new child-protection rules for social media platforms that took effect March 28. The regulations require “high-risk”...

Meta Sued for Addictive Design in Denmark by Nonprofit Association

Report from Anadolu News In Brief – A Danish non-profit association, SOMI, has filed a lawsuit against Meta in Denmark on behalf of parents and children, alleging that the company’s platforms cause psychological harm to minors. The complaint in Copenhagen City Court...

Platform Economy Insights produces a short email four times a week that reviews two top stories with concise analysis. It is the best way to keep on top of the news you should know. Sign up for this free email here.

* indicates required