Garante Italy: GDPR and PII Technical Compliance
Updated for 2026
Italy's Most Active Privacy Regulator
The Garante per la protezione dei dati personali is Italy's data protection authority. It is among the most active EU regulators on AI and personal data.
Two actions define its approach. In March 2023, the Garante ordered OpenAI to stop processing Italian users' data through ChatGPT. It found no valid legal basis for the data use and no age check for minors. OpenAI added age controls, a training opt-out, and a privacy notice in Italian, and service resumed at the end of April 2023.
In December 2024, the authority fined OpenAI €15 million. The stated grounds were a missing legal basis for training on users' data, no clear notice about training use, no age check for minors, and failure to notify the Garante of a data breach OpenAI suffered in March 2023.
Any AI tool that handles personal data from users in Italy must meet these same standards.
What Failed in the OpenAI Case
Three of the gaps the decision named map directly to missing technical controls.
Training data legal basis: The Garante found that OpenAI had not identified an adequate legal basis before it began training on users' data. A basis chosen after processing has started does not pass. Legitimate interest is not ruled out for training (the EDPB's December 2024 opinion on AI models confirms it can apply), but it has to be selected and justified with a written balancing test before processing begins; a bare claim of "legitimate interest" is what fails.
Transparency: Users were not told how their data was used for training. They had no clear opt-out.
Age verification: ChatGPT had no age-verification mechanism, so children could use it despite OpenAI's own 13+ terms. The Garante treats an age gate as a hard requirement for consumer AI tools.
Key implication: Any AI system that takes user input in Italy must have a documented GDPR legal basis, chosen before processing starts. "Legitimate interest" without a recorded balancing test is high risk.
Italian National Identifiers
Italy has unique ID formats. Generic tools often miss them. Your detection stack must cover all three.
Codice Fiscale
The codice fiscale is a 16-character national ID. Positions 1-3 encode consonants of the surname, 4-6 consonants of the given name, 7-8 the birth year, 9 the birth month as a letter, 10-11 the birth day (with 40 added for women), 12-15 the code of the birth town (one letter and three digits), and 16 a check character computed from the other fifteen.
Garante technical analysis from 2024 found that generic NLP tools catch the codice fiscale only 67% of the time. The failures run both ways. Tools that match only the 16-character shape accept any string with the right layout, so they flag product codes and reference numbers that fail the check character: false positives. Tools that hard-code digits in the numeric positions miss codes affected by omocodia, where digits are replaced by letters (L, M, N, P, Q, R, S, T, U, V for 0 to 9) to resolve collisions between people with identical name and birth data: false negatives. Verifying that a code belongs to the person named in the same record also needs the consonant-extraction rules for surname and given name.
Good detection needs four things:
- Full check character algorithm
- Omocodia handling (digit positions may carry substitute letters)
- Surname and given-name letter extraction rules
- Testing against local data (real records where lawfully available, otherwise synthetic codes with valid check characters)
Partita IVA
The partita IVA is Italy's 11-digit VAT number for businesses. The first seven digits are a serial number, digits 8 to 10 identify the issuing tax office, and the last digit is a Luhn-style check digit over the first ten. It appears in invoices, contracts, and business letters. Your tool must run the check digit algorithm, not just match an 11-digit pattern: any 11-digit order number or timestamp matches the pattern, and the check digit rejects about nine in ten of them.
Tessera Sanitaria
The health card (tessera sanitaria) is issued to everyone enrolled in the national health service and carries the holder's codice fiscale; the same card also serves as the European Health Insurance Card. A codice fiscale that appears next to prescriptions, test results, or exemption codes links an identifier to health data, which is special-category data under GDPR Article 9. That raises the required safeguard level, and processing it needs an Article 9(2) condition on top of the Article 6 legal basis.
Garante Requirements for AI Tools
The Garante's guidance covers three areas.
Before AI processing: PII must be found and removed before data enters an AI system. For AI tools used in Italy — including browser extensions and MCP servers — this means stripping codici fiscali, partite IVA, and health data from prompts before they are sent. See our compliance guide for how to record this step.
For AI training: Explicit legal basis is required. Consent is the Garante's preferred basis for training on user content. "Legitimate interest" requires a written balancing test. That test must show the training goal does not override users' data rights.
For AI outputs: Systems that write content about real people must address the risk of false claims. The accuracy principle in GDPR Article 5(1)(d) applies to generated text, and the Garante has named fabricated personal data as a distinct risk that needs a technical fix, not just a disclaimer.
The 63% Enterprise Gap
A 2024 Garante survey found that 63% of Italian firms have no GDPR-aligned AI policy. The authority has made this gap an active audit focus.
A policy without technical controls is hard to defend. The Garante targets firms that rely on staff to self-police data use. Our security overview shows how automated controls back up written policy.
Four Controls for Garante Compliance
1. Pre-submission PII filtering
Strip codice fiscale, partita IVA, and tessera sanitaria data before input reaches any AI model. This is the core technical fix the Garante's case logic demands.
2. Italian-language NER
Use a named entity model trained on Italian text, for example spaCy's it_core_news_sm, it_core_news_md, or it_core_news_lg pipelines. Generic English-trained models miss Italian name patterns. NER covers names and places; the structured identifiers above still need their own pattern and check digit validators, since a statistical model will not learn a check character. See our multilingual PII detection guide for model selection.
3. Legal basis documentation
For each AI tool in use: write down the legal basis. If training is involved, add the balancing test. Store these where auditors can find them fast.
4. Audit trail
Log that filtering ran, which entity types were found, how many were removed, and whether each match passed its check digit. Record a salted hash of each removed value rather than the value itself, so the log does not become a second copy of the PII. This gives inspectors the evidence they need without a long manual review.
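The following is an added example, not code from the original page or from any vendor product. It implements the codice fiscale and partita IVA validators described in the identifier section (including omocodia handling, which goes beyond what the text spells out) and then uses them for the pre-submission filter of control 1 with the hash-only audit trail of control 4. All names (cf_check_char, is_valid_cf, is_valid_piva, filter_prompt, FilterResult) are this example's own, the salt is a placeholder, and the sample prompt is constructed: the two codici fiscali and the first VAT number are synthetic but check-correct, and the last two values are deliberately wrong.

```python
import hashlib
import re
from dataclasses import dataclass, field

# ---- Codice fiscale -------------------------------------------------------
# Check-character tables. Characters in odd positions (1st, 3rd, ...) use
# _CF_ODD, characters in even positions use _CF_EVEN; the sum mod 26 indexes
# A..Z. Digits share the values of the letters A..J.
_LETTERS = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
_CF_ODD = dict(zip(_LETTERS, [1, 0, 5, 7, 9, 13, 15, 17, 19, 21, 2, 4, 18,
                              20, 11, 3, 6, 8, 12, 14, 16, 10, 22, 25, 24, 23]))
_CF_ODD.update({d: _CF_ODD[c] for d, c in zip("0123456789", "ABCDEFGHIJ")})
_CF_EVEN = {c: i for i, c in enumerate(_LETTERS)}
_CF_EVEN.update({d: int(d) for d in "0123456789"})
# Omocodia: when two people would receive the same code, digits are swapped
# (rightmost first) for these letters. A digits-only regex misses such codes.
_OMOCODIA = dict(zip("LMNPQRSTUV", "0123456789"))
_DIG = "[0-9LMNPQRSTUV]"
# surname(3) name(3) year(2) month(1) day(2) town(letter+3) check(1)
_CF_BODY = rf"[A-Z]{{6}}{_DIG}{{2}}[ABCDEHLMPRST]{_DIG}{{2}}[A-Z]{_DIG}{{3}}[A-Z]"
_CF_SCAN = re.compile(rf"\b{_CF_BODY}\b", re.IGNORECASE)
_PIVA_SCAN = re.compile(r"\b\d{11}\b")


def cf_check_char(body15: str) -> str:
    """Check character for the first 15 characters of a codice fiscale."""
    total = sum((_CF_ODD if i % 2 == 0 else _CF_EVEN)[c]
                for i, c in enumerate(body15.upper()))
    return _LETTERS[total % 26]


def is_valid_cf(code: str) -> bool:
    """Layout, check character and a plausible birth day (41-71 marks women)."""
    code = code.upper()
    if len(code) != 16 or not re.fullmatch(_CF_BODY, code):
        return False
    if cf_check_char(code[:15]) != code[15]:
        return False
    day = int("".join(_OMOCODIA.get(c, c) for c in code[9:11]))
    return 1 <= day <= 31 or 41 <= day <= 71


# ---- Partita IVA ----------------------------------------------------------
def is_valid_piva(digits: str) -> bool:
    """Eleven digits; the last is a Luhn-style check digit over the first ten."""
    if len(digits) != 11 or not digits.isdigit():
        return False
    odd = sum(int(d) for d in digits[0:10:2])          # positions 1, 3, ... 9
    even = 0
    for d in digits[1:10:2]:                           # positions 2, 4, ... 10
        doubled = 2 * int(d)
        even += doubled - 9 if doubled > 9 else doubled
    return (10 - (odd + even) % 10) % 10 == int(digits[10])


# ---- Pre-submission filter with audit trail --------------------------------
@dataclass
class FilterResult:
    text: str                                   # safe to send to the model
    audit: list = field(default_factory=list)   # one record per match, no raw values


def filter_prompt(text: str, salt: bytes = b"placeholder-keep-real-salt-in-kms") -> FilterResult:
    """Replace validated Italian identifiers with placeholders before the prompt
    leaves the host. Pattern hits that fail the check digit stay in the text
    but are logged with validated=False so precision can be reviewed."""
    audit: list = []

    def redactor(kind: str, validator):
        def repl(m) -> str:
            value = m.group(0)
            ok = validator(value)
            digest = hashlib.sha256(salt + value.upper().encode()).hexdigest()[:16]
            audit.append({"type": kind, "validated": ok, "hash": digest})
            return f"[{kind}]" if ok else value
        return repl

    text = _CF_SCAN.sub(redactor("CODICE_FISCALE", is_valid_cf), text)
    text = _PIVA_SCAN.sub(redactor("PARTITA_IVA", is_valid_piva), text)
    return FilterResult(text, audit)


# Constructed sample. The first two codes are synthetic but check-correct
# (RSSMRA80A01H50MM is the omocodia form of RSSMRA80A01H501U) and the VAT
# number 01234567897 passes its check digit; RSSMRA80A01H501A and 01234567890
# have the right shape but wrong check values.
SAMPLE = ("Cliente Mario Rossi, CF RSSMRA80A01H501U (omocodice RSSMRA80A01H50MM), "
          "P.IVA 01234567897. Ordine n. 01234567890, riferimento RSSMRA80A01H501A.")

if __name__ == "__main__":
    result = filter_prompt(SAMPLE)
    print(result.text)
    for record in result.audit:
        print(record)
```

Run as a script to see the redacted prompt and the five audit records. Pattern hits that fail the check value (the order number and the mistyped code) are left in the text but recorded with validated set to False; in a deployment where over-redaction is cheaper than leakage you may prefer to redact those as well and use the flag only for precision reporting. Swap the placeholder salt for a secret held outside the log store, otherwise the hashes of low-entropy identifiers can be brute-forced back to the values.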