What happened
According to the Garante’s December 2024 announcement, Italy’s data protection authority fined OpenAI EUR 15 million after an investigation into ChatGPT, finding that the company had processed users’ personal data to train the model without first identifying an appropriate legal basis, had violated the transparency principle and its information obligations toward users, had no age verification to keep children under 13 away from inappropriate responses, and had failed to notify the authority of a March 2023 breach in which some users could see the titles of other users’ conversations. The decision capped a case that began in March 2023, when the same regulator briefly banned ChatGPT’s processing of Italian users’ data, a suspension lifted within weeks after OpenAI added privacy notices, opt-outs and age gating. Alongside the fine, the Garante ordered OpenAI to run a six-month public information campaign across Italian radio, television, newspapers and the internet, in what the regulator said was the first use of a new power under Italy’s privacy code, to explain to users and non-users how their data is collected for training and how to exercise their rights. OpenAI called the decision disproportionate, said the fine was nearly twenty times the revenue it made in Italy during the same year, and announced an appeal.
The appeal succeeded, but not on the substance. By judgment No. 4153/2026, issued in March 2026 with full reasoning published in May, the Court of Rome annulled the decision in its entirety, both the fine and the campaign order. The court held that once the Irish Data Protection Commission was recognised in February 2024 as OpenAI’s lead supervisory authority in the EU, under the rule that routes supervision of a company to a single lead regulator, the Garante lost the power to decide the case at all, roughly nine months before it issued its decision. The court made no finding that OpenAI’s practices were lawful, and no finding that they were not; nine further grounds of appeal were never examined. The Garante’s own website now carries a notice that the decision has been temporarily removed following the judgment. The ruling is a first-instance judgment that the Garante can still appeal to Italy’s highest court; the authority had not publicly announced a decision on an appeal as of mid-2026. The Garante had already forwarded the file to the Irish regulator, and whether that authority will pursue the substantive allegations remained open as of mid-2026.
What an auditable version would have shown
Strip away the jurisdictional fight and the case was always about questions of record: what personal data went into training, what legal basis had been identified before processing began, what users were actually told, and when the company knew about the breach. Nearly three years after the original ban, none of those questions has an authoritative answer in Europe, because the decision that was meant to answer them was annulled over which regulator had the power to decide it. An auditable version keeps substance and venue apart. Signed records of what data was collected, under which declared legal basis, and what notices users saw at each point in time would exist independently of which regulator holds the file. When supervision moved from Rome to Dublin, the record would have moved with it intact, ready for whichever authority takes the questions up next.
Where the gap was
The Garante’s findings, which now carry no legal force and were never tested on their substance, described processing that ran ahead of its own paperwork: data collected for training before a legal basis was identified, and users informed after the fact, if at all. A ConstraintGate treats the declared legal basis as a standing rule checked before processing begins, not a rationale assembled once a regulator asks; training runs on data with no recorded basis simply do not start. A ConductRecord preserves what was collected, what users were shown, and when the breach was known, in a form any supervisory authority can verify. Under data protection law a company must be able to demonstrate compliance, not merely assert it, and that demonstration is only as good as the records behind it.
What governance should have looked like
A regulator fined a company EUR 15 million, a court erased the fine without touching the question of whether anyone had done anything wrong, and the public is left knowing less than either process promised. That outcome is only possible when the facts live inside the proceeding instead of inside the systems that generated them. Companies deploying models trained on personal data should hold signed, portable records of what was processed and on what basis, so that the answer to “was this lawful” does not depend on which city’s regulator asked first. The jurisdiction can change hands; the record should not have to be rebuilt.
The reference implementation of ConstraintGate and ConductRecord is open source. It lives at github.com/saffronandindia/headlights-oss, Apache 2.0 licensed and free to install. The repository is public now.
Sources
- ChatGPT: Italian DPA fines OpenAI EUR 15 million (Garante press release, with annulment notice)
- Italy’s privacy watchdog fines OpenAI 15 million euros after probe into ChatGPT data collection (Euronews)
- Italian court kills OpenAI’s EUR 15M fine, and it wasn’t even close (PPC Land)