AI liability and operator duties in Italy: 2026 guide

Italy is the first EU Member State to pass a national AI law. Law No. 132/2025, in force since October 2025, adds sector-specific obligations on top of the EU AI Act for workplace AI, healthcare, professional services, judicial use, and deepfakes. The supervisory authorities are AgID and ACN, operating under a coordination committee at the Presidency of the Council of Ministers. An Italian operator faces this national layer simultaneously with EU-level obligations already in force, including Article 5 prohibited practices (February 2025), Article 4 AI literacy (February 2025), GPAI model duties (August 2025), and Article 50 transparency obligations arriving 2 August 2026. The revised Product Liability Directive applies from 9 December 2026. This guide explains what each layer requires, how they interact, and what the liability and insurance consequences are.

Law No. 132/2025: Italy's national AI statute

Law No. 132/2025 was approved by the Italian Parliament on 17 September 2025, signed by the President of the Republic on 23 September 2025, and published in the Official Gazette (Gazzetta Ufficiale) of 25 September 2025. After the standard 15-day vacatio legis it entered into force on approximately 10 October 2025. It covers 28 articles organised around six main thematic domains.

The law is notable for what it is not. It does not purport to create a standalone licensing or certification system for AI systems. It does not establish a general prohibition on AI deployment or require prior authorisation for commercial AI use. Instead, it establishes sector-specific obligations in areas where the EU AI Act deferred to Member State discretion or where national legislative traditions required specific adaptation, chiefly labour law, healthcare regulation, and judicial system integrity.

Sources: A&O Shearman analysis of Law No. 132 of 23 September 2025; Norton Rose Fulbright, Italy enacts Law No. 132/2025; Squire Patton Boggs, Italian Law no. 132/2025: the first domestic law in the European Union on the use of artificial intelligence.

The supervisory structure: AgID, ACN, and the Presidency committee

The institutional architecture under Law 132/2025 places strategic coordination with a committee at the Presidency of the Council of Ministers. The two operational agencies are:

AgID (Agenzia per l'Italia Digitale). The Agency for Digital Italy is Italy's digital transformation authority, responsible for the digitisation of the public administration. Under Law 132/2025 and Article 70 of the EU AI Act, AgID takes on national competent authority functions for AI systems used in public administration and for market surveillance in domains within its remit. It is the point of contact for operators in public procurement contexts and for AI systems interacting with e-government infrastructure.

ACN (Agenzia per la Cybersicurezza Nazionale). The National Cybersecurity Agency was established in 2021 and has rapidly become Italy's primary authority on digital security. Under Law 132/2025 its role extends to AI systems that pose cybersecurity risks or that are integrated into critical infrastructure. ACN's interest in AI is not purely defensive: it has a mandate to support Italy's AI industrial base while managing systemic security risks. For operators running AI agents that interact with network infrastructure, industrial control systems, or national security-adjacent applications, ACN is the primary supervisory interlocutor.

The coordination committee at the Presidency of the Council of Ministers acts as the high-level body that sets AI policy direction, resolves jurisdictional questions between agencies, and represents Italy in EU-level AI governance forums, including the AI Board established under the EU AI Act.

In practice, Italian operators will find that sectoral supervisors remain influential for their specific industries. IVASS (Istituto per la Vigilanza sulle Assicurazioni) supervises AI use in insurance under the EIOPA opinion framework. Banca d'Italia supervises AI in banking alongside EBA guidance. Garante per la Protezione dei Dati Personali (the Italian data protection authority) remains the primary authority for AI systems that process personal data, with the power to investigate and sanction under GDPR and under Law 132/2025 provisions that touch privacy.

Workplace AI obligations under Law 132/2025

Italian labour law has long treated monitoring of workers with particular care. Article 4 of the Workers' Statute (Law 300/1970) prohibits remote monitoring of workers through audio-visual equipment or other systems except with prior agreement with trade union representatives or authorisation from the National Labour Inspectorate. Law 132/2025 extends this framework explicitly to AI systems.

Employers deploying AI systems that are used to monitor, evaluate, or make decisions about employees must give prior written notice to the relevant trade union representatives (rappresentanze sindacali unitarie, RSU, or rappresentanze sindacali aziendali, RSA). Where a company-level union structure does not exist, notification goes to the national union associations in the relevant sector. The notification must describe the AI system's purpose, the data it processes, and the nature of the outputs it produces that affect workers.

Where an AI system produces an automated decision with employment consequences, including performance rating, disciplinary action, pay adjustment, or dismissal, the affected worker has a right to request explanation of the decision and to request human review. An AI output cannot be the sole basis for dismissal under the law. This aligns with the principle in the EU AI Act that high-risk systems in employment contexts (Annex III, paragraph 4 covers AI systems used for recruitment, performance assessment, promotion, and dismissal) require meaningful human oversight under Article 14.

Algorithmic management systems used in platform work (delivery, ride-hailing, and similar gig-economy contexts) are specifically addressed: Law 132/2025 confirms that Italian workers engaged via digital platforms retain the Article 4 protections regardless of their classification as employees or independent contractors under Italian labour law.

Healthcare, research, and professional services

Law 132/2025 does not create new clinical approval requirements for AI medical devices, which remain governed by EU Medical Device Regulation (EU) 2017/745 and the related guidance from the Italian Medicines Agency (AIFA). What the law adds is a transparency obligation: AI systems used in diagnostic, therapeutic, or care pathway decisions must be disclosed to the patient, including disclosure of the fact that an AI system contributed to the recommendation or decision. This overlaps with Article 50 of the EU AI Act on transparency, but the Italian national provision is broader in its clinical application scope.

For research, Law 132/2025 requires that AI-assisted research outputs (publications, grant applications, evidence submissions) disclose AI involvement in their production. Italian universities and research institutions are required to adopt internal policies governing AI use in academic work. The legislation tasks the Ministry of University and Research with issuing guidance on AI literacy standards in higher education, which intersects with Article 4 of the EU AI Act.

Professional services pose a specific challenge under Italian law because several liberal professions (avvocati, commercialisti, ingegneri, medici) are regulated by professional orders (ordini professionali) with disciplinary powers. Law 132/2025 gives the professional orders a mandate to issue guidance on AI use within their respective professions. Where AI is used to generate advice, assessments, or documents that are then presented to clients under a professional's name, the professional retains full liability for the output. An error in AI-generated legal advice, tax analysis, or engineering assessment remains an error attributable to the professional, not to the AI system or its developer, for purposes of professional disciplinary proceedings and civil liability.

Judicial use and the integrity of proceedings

Italy has been cautious about AI in judicial proceedings, and Law 132/2025 reflects that caution. The law prohibits AI from being used as the sole or decisive basis for judicial decisions, including decisions by courts, administrative tribunals, and prosecutorial offices. AI tools may be used to support case research, document analysis, translation, and evidence organisation, but the judicial decision must be the product of human deliberation. The presiding judge must be able to explain the reasoning of a decision in terms that do not depend on an AI output that the parties cannot inspect.

This provision is important for legal tech operators providing AI research tools, document review platforms, or case management systems to the Italian judiciary or to law firms. Systems that produce outputs feeding into judicial decisions must be designed to remain interpretable and must be positioned as support tools rather than decision-makers. The liability exposure for a legal tech operator whose system produces an erroneous output that influences a judicial decision is substantial: professional indemnity coverage for the operator should be reviewed in light of the Italian professional liability standard and the terms of Law 132/2025.

The Italian case law context is relevant here. The Mata v. Avianca (2023, SDNY) decision, in which sanctions were imposed on lawyers for relying on AI-generated case citations that did not exist, is the international reference point for AI-hallucination liability in legal proceedings. Italian courts will apply analogous standards under domestic professional responsibility rules and the general provisions of the Italian Civil Code on professional negligence.

Criminal liability for deepfakes

Law 132/2025 introduced criminal provisions targeting the production and distribution of realistic synthetic media, broadly, deepfakes. The criminal offence is engaged where:

• a person creates or distributes realistic AI-generated or AI-manipulated media depicting a real, identifiable person;
• the depicted person did not consent to the creation or distribution of that media;
• the purpose or foreseeable effect is to damage the person's reputation, deceive the public, or cause harm to the depicted person.

The law builds on existing provisions in the Italian Penal Code covering defamation (Articles 595-596 c.p.), image rights, and identity fraud. The new provisions introduce AI-specific aggravating circumstances and extend to platforms and intermediaries that knowingly host or distribute synthetic media covered by the prohibition.

For operators running generative AI platforms, content creation tools, or social media services accessible in Italy, the criminal provisions of Law 132/2025 interact with the Article 50 transparency obligations under the EU AI Act, which apply from 2 August 2026 and require that AI-generated content be labelled and, where technically feasible, machine-readable watermarked. An operator whose platform enables the creation of non-consensual synthetic media depicting real people and fails to implement the required labelling faces both criminal exposure under Italian law and administrative sanction under the EU AI Act from August 2026.

EU AI Act obligations in force for Italian operators

The EU AI Act (Regulation (EU) 2024/1689) entered into force on 1 August 2024 and applies directly in Italy. The current state of obligations as of June 2026 is as follows.

In force and binding now

Article 5 (prohibited practices). In force since 2 February 2025. The prohibitions on subliminal manipulation, exploitation of vulnerabilities, social scoring by public authorities, most biometric categorisation applications, and most real-time remote biometric identification in public spaces apply today. Any Italian operator deploying a system that may fall into a prohibited category should treat this as a live compliance requirement, not a future deadline.

Article 4 (AI literacy). In force since 2 February 2025. Providers and deployers must ensure sufficient AI literacy among staff and others operating AI on their behalf. The level required is proportionate to the system's risk and the operator's role. Documented training records are the standard evidence of compliance. A proposed softening of this obligation under the Digital Omnibus is not yet in force.

GPAI model obligations (Chapter V, Articles 51-56). In force since 2 August 2025. If an Italian operator develops or fine-tunes a general-purpose AI model, obligations apply: technical documentation, copyright policy, summary of training content, and, for systemic-risk models, more demanding requirements including adversarial testing and incident reporting. Providers of GPAI models already on the market before 2 August 2025 had to bring their models into compliance.

Penalties framework (Article 99). In force since 2 August 2025. Maximum fines: up to EUR 35 million or 7% of global annual turnover for prohibited-practice violations; up to EUR 15 million or 3% for other obligation breaches; up to EUR 7.5 million or 1% for supplying incorrect or misleading information. These are EU-level maxima. Italy's enforcement of these penalties through AgID and ACN operates within this framework.

Applying from 2 August 2026

Article 50 (transparency obligations). Operators of chatbots and conversational AI must inform users that they are interacting with an AI system. Providers of emotion-recognition or biometric-categorisation systems must notify the persons subjected to them. AI-generated or AI-manipulated content must be labelled. For synthetic media (deepfakes), machine-readable watermarking is required; a narrow grace period to 2 December 2026 is proposed for pre-existing systems already on the market, but this grace period is not yet formally adopted. The core disclosure obligations apply from 2 August 2026 regardless of the Omnibus outcome.

High-risk system obligations (Annex III standalone systems). The legally binding deadline for Annex III standalone high-risk systems is 2 August 2026. These include AI systems used in employment and workers management (Annex III, paragraph 4), access to essential public services (paragraph 5), law enforcement (paragraph 6), migration and border management (paragraph 7), and administration of justice (paragraph 8). A provisional political agreement under the Digital Omnibus package reached on 7 May 2026 would defer this to 2 December 2027, but that agreement is not yet formally adopted by the Council and Parliament, not published in the Official Journal, and therefore not yet law. Operators should not plan their compliance programme on the assumption that the deferral will be enacted before 2 August 2026, even if that outcome appears likely.

Applying from 9 December 2026

Revised Product Liability Directive (EU) 2024/2853. Adopted November 2024, it applies to products placed on the market after 9 December 2026. Italy must transpose it by that date. AI software is expressly a product under the directive. Rebuttable presumptions of defectiveness ease the claimant's burden of proof. Damage coverage is expanded to include data loss and medically recognised psychological harm. For AI operators in Italy, this creates a direct product liability exposure for AI software that generates erroneous outputs causing damage, even where the underlying defect is in training data or model architecture rather than in a traditional manufacturing sense.

Insurance and liability implications

The intersection of Law 132/2025 and the EU AI Act creates a liability exposure profile that most standard Italian commercial policies were not designed to cover. Several categories deserve specific attention.

Professional indemnity

Italian professional indemnity policies for legal, medical, engineering, and accounting professionals typically cover negligence in the exercise of the professional's own judgment. Where AI-generated advice is presented to a client under the professional's name, the professional remains liable for it. The policy must cover AI-assisted output errors. Professionals and their insurers should verify that policy exclusions do not create a gap where the professional argues the error originated in the AI system and the insurer argues the error was not a professional act.

Workplace AI liability

If a trade union or worker challenges an automated employment decision and succeeds, the employer may face reinstatement orders, back pay, and damages. Whether employer liability insurance covers employment-law claims arising from AI-assisted management decisions depends on policy language that was generally written before Law 132/2025 existed. Employment practices liability coverage should be reviewed.

Deepfake criminal liability

Criminal liability under Law 132/2025 is personal. Directors and officers of a platform company may face personal criminal exposure if the platform knowingly hosts prohibited synthetic media. Directors and officers liability cover and criminal defence coverage should be reviewed in light of the new provisions.

Product liability from December 2026

The revised Product Liability Directive, once transposed by Italy, will allow claimants to bring defective-product claims against AI software developers and, in some circumstances, against importers or distributors. Italian operators who develop AI software for the market, or who import and distribute non-EU AI software in Italy, should review their product liability coverage ahead of the 9 December 2026 application date.

Market instruments for AI-specific coverage

The European AI insurance market is developing specific products for these gaps. Munich Re aiSure offers parametric AI performance coverage that settles based on measurable performance data rather than contested claim adjudication. Armilla, a Lloyd's coverholder, provides AI liability and performance cover and works with operators on governance evaluation; European availability should be confirmed directly with the underwriter [VERIFY current Italian or EU availability and policy limits]. The ElevenLabs AIUC-1 policy announced in February 2026 is the first AI agent insurance policy of its type and reflects the AIUC-1 certification standard covering data and privacy, safety, security, reliability, accountability, and societal impact; it illustrates the direction of the specialist market. HSB (Hartford Steam Boiler, Munich Re group) has offered early AI and algorithmic-risk affirmative cover, primarily for the US market [VERIFY European availability].

Italian operators should discuss with their broker which of these instruments are available in the Italian market and what the interaction is with their existing CGL, professional indemnity, and cyber policies.

Practical compliance priorities for Italian operators in 2026

The following priorities reflect the current regulatory state. They are ordered by the urgency of the applicable deadline, not by estimated effort.

Immediate (obligations already in force). Complete an Article 5 prohibited-practices audit. Confirm that no deployed system falls into a prohibited category under the EU AI Act. Review AI literacy documentation and confirm that affected staff have received proportionate training consistent with Article 4. If you develop or distribute a GPAI model, confirm that GPAI model obligations under Chapter V have been met or that your provider has confirmed compliance.

Under Law 132/2025, if you employ workers in Italy and use AI for management, monitoring, or performance assessment, confirm that required trade union notification procedures are in place. If AI decisions affect employment conditions, confirm that a human review mechanism is available to the affected worker on request.

Before 2 August 2026. Prepare Article 50 compliance: deploy user-facing disclosures for chatbots, confirm labelling procedures for AI-generated content, and prepare watermarking for synthetic media if applicable. If your systems potentially qualify as high-risk under Annex III, do not wait for the Digital Omnibus deferral to be formally enacted; begin documentation, risk management system, and technical documentation work now and treat the deferral as potential upside rather than a planning assumption.

Before 9 December 2026. Audit product liability coverage for AI software exposure. Review existing commercial general liability and professional indemnity policies for AI output error and deepfake liability gaps. Discuss AI-specific endorsements with your broker.

Frequently asked questions