Italy Italy Garante GDPR AI enforcement

Italy Splits AI Oversight Four Ways — And Hands the Garante the Hardest Sectors

Italy's June 2026 AI decrees give the privacy regulator jurisdiction over policing, justice, borders, and democracy — the sectors most likely to test its capacity.

Italy's AI Oversight Split People of Internet Research · Italy 4 Authorities named AgID, ACN, financial regulators, a… 15 days Biometric ID cap Real-time remote biometric identif… 7 days Unmatched data deletion Biometric data from unmatched real… Oct. 2026 Final adoption deadline The decrees must be finally adopte… peopleofinternet.com
Italy's AI Oversight Split People of Internet Research · Italy 4 Authorities named 15 days Biometric ID cap 7 days Unmatched data deletion Oct. 2026 Final adoption deadline peopleofinternet.com

Key Takeaways

Italy's Council of Ministers gave preliminary approval on June 10, 2026 to two legislative decrees implementing Law 132/2025, the national AI statute that took effect on October 10, 2025 and made Italy the first EU member state with a comprehensive domestic AI framework. The decrees do the work the framework law deferred: they name who actually enforces it. The Council's official communiqué splits supervisory authority four ways — AgID as notifying authority, ACN as market-surveillance authority and single EU contact point, Banca d'Italia/CONSOB/IVASS for financial services, and the Garante per la protezione dei dati personali for high-risk AI used in law enforcement, border management, justice, and democratic processes.

A Deliberately Narrow Mandate — With the Hardest Cases Inside It

The Garante's slice is small by design but heavy by consequence. It does not oversee AI generally, or even most high-risk categories under Regulation (EU) 2024/1689 — those go to AgID and ACN. It gets the sectors where AI intersects with state coercive power and biometric identity: predictive policing tools, facial recognition at borders, algorithmic scoring in judicial contexts, and systems touching electoral or democratic processes. According to reporting from noze.it, the second decree — covering police use of AI and civil/criminal liability — sits alongside a first decree on authority powers, sanctions, and training obligations across education, healthcare, and public administration.

The biometric rules are specific enough to be enforceable, which is itself notable. Per Il Post's reporting, real-time remote biometric identification requires prior judicial authorization, is capped at fifteen days (renewable by reasoned order), and is limited to serious security threats, missing-persons searches, and trafficking-victim identification. Post-event facial recognition is confined to identifying suspects after a crime has occurred. Data from unmatched real-time scans must be deleted within seven days, though audit logs persist for five years. Untargeted, mass web-scraping-based surveillance is explicitly prohibited. The decree also adds Article 437-bis to the criminal code, penalizing the omitted adoption of security measures in high-risk AI systems where doing so creates concrete danger to life, public safety, or state security — with liability extending to corporate entities under the existing Legislative Decree 231/2001 framework, per Il Post.

The Case for Concentrating This Oversight in One Regulator

The strongest argument for routing these four sectors specifically to the Garante, rather than to AgID or ACN, is institutional fit. Predictive policing, border biometrics, and judicial scoring are not primarily AI-accuracy problems — they are personal-data problems wearing an AI label. The Garante already has two decades of GDPR enforcement experience, a body of facial-recognition case law, and standing relationships with the EDPB and G7 data protection authorities. A market-surveillance body built to audit conformity assessments and CE-marking processes is not obviously the right institution to judge whether a fifteen-day biometric authorization was proportionate to an actual security threat. Concentrating rights-sensitive, coercive-power use cases in the regulator whose statutory mission is protecting individuals against the state is, on its face, a sensible division of labor — and one that tracks how GDPR itself already treats law enforcement and judicial data processing as a distinct, more sensitive category.

The Case for Worry

But fit is not the same as capacity, and this is where the decree invites scrutiny rather than applause. The Garante is already stretched: its own 2025 activity report catalogs hundreds of enforcement actions across the entire economy under existing GDPR authority. Layering supervision of live predictive-policing deployments and border biometric systems onto that docket — sectors that demand fast, technically literate judgment calls, often under time pressure — is a real capacity question, not a hypothetical one. Il Post's reporting captured critics making a related point: broad statutory language "capable of various interpretations" risks making the fifteen-day judicial-authorization window a formality rather than a check, and stacking a national layer of rules on top of the EU AI Act's already-detailed Article 5 prohibitions and Annex III high-risk categories may generate interpretive friction rather than clarity for the police and border agencies actually running these systems day to day.

There is also a first-mover cost worth naming plainly, echoed in the same reporting: Italy is legislating specifics — fifteen-day caps, seven-day deletion windows, Article 437-bis criminal exposure — before most EU peers have implementing rules to compare against, and before the European Commission has issued much of the secondary guidance the AI Act anticipates. That is a meaningful bet. If Brussels's eventual harmonized guidance diverges from Rome's choices, Italian police and border agencies absorb the cost of retrofitting compliance twice.

What to Watch

Both decrees remain in preliminary form. Per noze.it and governo.it, they now go to parliamentary committees and the State-Regions Conference for opinions before returning to the Council of Ministers for final adoption — with a hard deadline of October 2026, twelve months after Law 132/2025's delegation clause took effect. The texts can still change. The two things worth tracking between now and final adoption are whether the Garante receives dedicated budget and headcount to match its new caseload, and whether the fifteen-day judicial-authorization mechanism for real-time biometric identification gets tightened or loosened in committee. Both will determine whether this is a genuine rights safeguard or a well-designed rule that nobody has the resources to actually enforce.

Sources & Citations

  1. Council of Ministers Press Release No. 177
  2. Garante Privacy 2025 Activity Report
  3. Cleary Gottlieb: Italy Adopts First National AI Law in Europe
  4. Il Post: Cosa c'è dentro i decreti del governo sull'intelligenza artificiale
  5. noze.it: Italy's Implementing Decrees for Law 132/2025