8 min read

THE ONLINE REGULATION SERIES 2021 | ITALY

THE ONLINE REGULATION SERIES 2021 | ITALY

The regulatory regime established in Italy to counter terrorist and violent extremist content online is largely
derived from the Anti-terrorism Decree No. 7 of February 2015, which amended the Criminal Code with respect to
terrorist offences. The first articles of the decree amend various provisions of the Criminal Code concerning
terrorist offences such as the recruitment of terrorists, and the endorsement or incitement of terrorism,
particularly if “committed by means of computer or telematic tools.” It also makes provisions for the blocking and
taking down of terrorism-related websites. Italy has also recently introduced additional provisions on cyberbullying
as well as online hate speech.

Italy’s regulatory framework:

  • Decree-Law
    No. 7 of February 18, 2015
    ,[1] also known as Italy’s Anti-Terrorism
    Decree, entered into force in
    February 2015 to amend the Criminal Code with respect to fighting terrorism. href="#_ftn2">[2] The amendment supplements the
    established criminal law by identifying the use of IT as an aggravating circumstance of offences committed
    in relation to terrorism or the incitement to terrorism.[3]

  • Legislative
    Decree No. 259/2003
    , the Electronic Communications Code, which establishes the rules governing
    both public and private telecommunications services, as well as the provision of internet-based services. href="#_ftn4">[4]
    This Code implements the regulatory framework for electronic communications networks and services adopted in
    2002 at the EU level, including the Framework Directive[5] (2002/21/EC),
    Authorisation Directive (2002/20/EC),
    Access Directive (2002/19/EC) and Universal Service Directives (2002/22/EC). In 2009, further Directives
    were adopted to improve and update the 2002 regulatory framework, and the Code was amended accordingly. href="#_ftn6">[6]

  • Legislative Decree No. 70/2003, the
    Implementation of EU Directive 2000/31/EC on Certain Legal Aspects of
    Information Society Services in the Internal Market, with particular reference to E-Commerce (E-Commerce
    Act), which is the main framework for contractual relations established online, href="#_ftn7">[7] regulating both
    business-to-business and business-to-consumer transactions (also known as the E-Commerce Law). href="#_ftn8">[8] This decree
    establishes the liability of Internet Service Providers (ISPs) for illegal content.

  • Law No. 71/2017, a regulation
    for the safeguarding of minors and the prevention and tackling of cyberbullying which constitutes the first
    specific law in Italy to target cyberbullying and introduces measures to prevent it.

  • The href="https://www.agcom.it/documents/10179/13511391/Allegato+23-5-2019+1558628852738/5908b34f-8c29-463c-a7b5-7912869ab367?version=1.0">Regulation
    containing provisions on respect for human dignity and the principle of non-discrimination against hate
    speech, contained in href="https://www.agcom.it/documents/10179/13511391/Delibera+157-19-CONS/568d8b16-6cb6-4ea1-b58c-c171c2e24367?version=1.0">Resolution
    157/19 / CONS, was approved in 2019 by AGCOM.[9] The Regulation
    establishes the principles to which audiovisual and radio media service providers under Italian jurisdiction
    must conform in information and entertainment programmes to ensure respect for human dignity and the fight
    against hate speech.[10] The Law additionally contains specific rules for
    providers of video-sharing platforms.

Main regulatory bodies

  • Authority for Communications Guarantees, or Autorità per le Garanzie nelle Comunicazioni (AGCOM)
    established by Law No. 249/1997, is an independent administrative body empowered to regulate and supervise
    electronic communications, broadcasting, and publishing in Italy.[11]

  • The Ministry of the Interior is empowered through the Criminal Code Anti-Terrorism Decree to maintain a
    list of the websites that are utilised for terrorist recruiting activities. The authorities may instruct
    Internet Service Providers to immediately block access to such websites identified by the authorities.[12]

Key takeaways for tech companies

Anti-Terrorism Decree-Law No. 7 of February 18, 2015

  • To protect national security, the Law introduces measures to counter proselytisation orchestrated online.
    The use of IT tools is considered an aggravating circumstance for offences related to terrorism or
    incitement to terrorism committed.

  • The Law also stipulates that the Italian Postal and Communications Police must constantly update a blacklist
    of websites being used for terrorist purposes in order to facilitate any police investigation. href="#_ftn13">[13]

  • Persons who are recruited by others to commit acts of terrorism are subject to an increased prison term of
    a minimum of three and a maximum of six years upon conviction. Penalties are increased when the acts are
    performed through digital or telecommunications instruments:[14]

    • Article 302 of the Criminal Code, concerning the incitement to commit terrorist offences, punishes
      with from one up to eight years’ imprisonment “[w]hoever incites another person to commit one of the
      intentional [terrorist] offences, for which the law provides for life imprisonment or a prison
      sentence, if the incitement is unsuccessful, or if the incitement is successful, but the offence is
      not committed. The punishment shall be increased by up to two thirds if the act is committed through
      internet or electronic tools”;[15]

    • Article 414, paragraph 1 of the Criminal Code punishes the public incitement to commit crimes with
      up to five years’ imprisonment. The same punishment shall apply also to those who publicly glorify
      one or more criminal offences. The punishment shall be increased if the offence is committed through
      electronic tools” and if the glorification and incitement relate to terrorist offences; href="#_ftn16">[16]

  • Paragraphs 2, 3 and 4 of Article 2 provide measures for the blocking and taking down of terrorism-related
    websites. A unit of the Ministry of the Interior is empowered to generate and update a list of websites used
    for “subversive” and “terrorist” activities, with powers similar to those already provided in respect of
    child abuse websites. href="#_ftn17">[17] In addition, Internet Service Providers (ISPs) can be requested to filter or to take
    down the websites on the list if asked to do so by a Public Prosecutor. href="#_ftn18">[18]

Legislative Decree No. 70/2003

  • Internet Service Providers are not generally liable for illegal third-party content; however, they may face
    civil penalties if they fail to remove illegal content or disable access to such content following a request
    to do so made by the competent authority.[19]

  • According to Article 17, ISPs are not subject to a general monitoring obligation with regard to content
    uploaded by their users that ISPs might transmit or store; nor are they subject to a general obligation to
    actively seek facts or circumstances indicating illegal activity. However, when informed of any unlawful
    conduct or information provided by users of their service, ISPs must promptly inform the competent judicial
    or administrative authority.

  • In addition, upon request by the authorities, ISPs must prohibit access to illegal content. Failure to
    comply with this requirement may result in civil liability. [20]

Law No. 71/2017

  • Section 1(2) of the Law defines “cyberbullying” as any form of pressure, aggression, harassment, defamation,
    identity theft, manipulation, illicit data processing of personal data [or] harm [which affects a] minor.
    The section also condemns the diffusion of online material regarding one or more members of a minor's family
    with the intention of causing harm to one or more minors.[21]

  • This Law grants to the victim of cyberbullying and to their parents the right to request that the data
    controller or the Website Manager[22] (in which cyberbullying activities
    have occurred) remove or block abusive
    content within 48 hours of receiving the request. Once the 48 hours have expired without any intervention
    from the responsible entity, or should the data controller or Website Manager not be identifiable, the
    individual can lodge a complaint with the Italian Data Protection Authority.

  • • Within 48 hours from the receipt of this request, the Authority will take action according to the
    provisions of Sections 143 and 144 of Italian Personal Data Protection Code, which can order the damaging
    content to be blocked or taken down.[23]

Regulation containing provisions on respect for human dignity and the principle of non-discrimination against hate speech (Resolution 157/19 / CONS)


  • This Regulation establishes the principles to which audiovisual and radio media service providers under
    Italian jurisdiction must conform in information and entertainment programmes to ensure respect for human
    dignity and the fight against hate speech.[25]

  • The Law contains specific rules for providers of video-sharing platforms. In particular, it promotes
    coordinated regulation mechanisms to be adopted by the platforms for hindering the online dissemination, in
    particular on social media, of content that violates human dignity and for the removal of ‘hate content.’
    The Law additionally notes that such measures should include efficient systems for distinguishing and
    flagging unlawful content as well as users uploading it.[26]

Tech Against Terrorism’s Analysis and Commentary

According to Freedom House, some of Italy’s laws “present a threat to internet freedom in the country”. Referring in
particular to the 2015 Anti-terrorism Decree, which expanded language in the criminal code concerning both terrorist
recruitment and the endorsement or incitement of terrorism to include online activities, the criticism adopted by
Freedom House focuses on the risk that “the law could be applied broadly and would sanction legitimate instances of
free expression that fall within international norms on protected speech.”[27]

European Digital Rights (EDRi) has expressed concerns over Italy’s Anti-terrorism Decree, and in particular over
“problematic provisions as regards data retention, blocking measures and data protection issues”. For example, EDRi
discusses the powers for blocking and filtering websites exercised on the request of a Public Prosecutor.

Article 19 submitted comments to the consultation of the Proposal of Resolution No. 157/19/CONS, on combatting ‘hate
speech’ in the country. While Article 19 welcomed the initiative, the organisation voiced concerns about those
aspects of the Law which “fail to adequately safeguard the right to freedom of expression”. Article 19 notes that,
in the Proposal, the Regulation’s rules for providers of platforms for video sharing “refer to the removal of ‘hate
content’ without making the needed distinction among lawful and unlawful content”. Article 19 further notes that the
definition of hate speech “contributes little to the identification of the unlawful conduct to be prohibited by the
new rules” and makes reference to three different definitions provided by both international and national
instruments, which all seem to treat similarly multiple expressions which have different degrees of severity.
Article 19 argues that international freedom of expression standards require a different approach to various types
of ‘hate speech’ based on their severity.[28] Article 19 has therefore recommended that the Law “should include
sufficient guarantees that lawful hate speech is not unduly restricted”.[29]

[1] Urgent Measures for the Fight against Terrorism, Including International Terrorism, as well as Extension of the International Missions of the Armed Forces and Police, Cooperation Initiatives for the Development and Support of Reconstruction Processes, and Participation in Initiatives of International Organizations for the Consolidation of Peace and Stabilization Processes.

[2] Council of Europe (2017), PROFILES ON COUNTER-TERRORISM CAPACITY: Italy

[3] D'Ostuni, Zotta and Tremolada (2021), The Technology, Media and Telecommunications Review: Italy, Cleary Gottlieb Steen & Hamilton LLP

[4] D'Ostuni, Zotta and Tremolada (2021), The Technology, Media and Telecommunications Review: Italy, Cleary Gottlieb Steen & Hamilton LLP

[5] Directive 2009/140/EC, Directive 2009/136/EC and Regulation (EC) No. 1211/2009

[6] D'Ostuni, Zotta and Tremolada (2021), The Technology, Media and Telecommunications Review: Italy, Cleary Gottlieb Steen & Hamilton LLP

[7] ICT Legal Consulting (2019), E-Commerce in Italy, Lexology

[8] Rinaldi, Anselmi and Bresch (2021), Digital business in Italy: overview, Studio legale Bird & Bird, Thomson Reuters Practical Law [1] Parlamento Italiano (2019), Approvato dall'AGCOM il Regolamento per il contrasto alle espressioni d'odio (hate speech)

[9] Parlamento Italiano (2019), Approvato dall'AGCOM il Regolamento per il contrasto alle espressioni d'odio (hate speech)

[10] D'Ostuni, Zotta and Tremolada (2021), The Technology, Media and Telecommunications Review: Italy, Cleary Gottlieb Steen & Hamilton LLP

[11] D'Ostuni, Zotta and Tremolada (2021), The Technology, Media and Telecommunications Review: Italy, Cleary Gottlieb Steen & Hamilton LLP

[12]  Figueroa, Dante (2015), Italy: Updated Legislation on Fight Against Terrorism, Library of Congress

[13] D'Ostuni, Zotta and Tremolada (2021), The Technology, Media and Telecommunications Review: Italy, Cleary Gottlieb Steen & Hamilton LLP

[14] Figueroa, Dante (2015), Italy: Updated Legislation on Fight Against Terrorism, Library of Congress

[15] Council of Europe (2017), PROFILES ON COUNTER-TERRORISM CAPACITY: Italy

[16] Council of Europe (2017), PROFILES ON COUNTER-TERRORISM CAPACITY: Italy

[17] EDRi (2015), Italy: Anti-terrorism decree to strengthen government surveillance

[18] EDRi (2015), Italy: Anti-terrorism decree to strengthen government surveillance

[19] ICT Legal Consulting (2019), E-Commerce in Italy, Lexology

[20] D'Ostuni, Zotta and Tremolada (2021), The Technology, Media and Telecommunications Review: Italy, Cleary Gottlieb Steen & Hamilton LLP

[21] ICT Legal Consulting (2017), Italian Parliament passes landmark law against cyberbullying, Lexology

[22] According the Section 1(3) of the Law the so-called “Website Manager” (the entity which manages the content of a website/social media in which cyberbullying activities may take place) is the main subjects of the obligation to combat cyberbullying. See: ICT Legal Consulting (2017), Italian Parliament passes landmark law against cyberbullying, Lexology

[23] ICT Legal Consulting (2017), Italian Parliament passes landmark law against cyberbullying, Lexology

[24] Parlamento Italiano (2019), Approvato dall'AGCOM il Regolamento per il contrasto alle espressioni d'odio (hate speech)

[25] D'Ostuni, Zotta and Tremolada (2021), The Technology, Media and Telecommunications Review: Italy, Cleary Gottlieb Steen & Hamilton LLP

[26] Article 19 (2019), Article 19 Responds to AGCOM Proposal for Hate Speech Regulation

[27]Freedom House (2021), Freedom on the Net 2021: Italy

[28] Namely, (i) ‘hate speech’ that must be prohibited, including by criminal law (such as incitement to genocide or incitement to violence); (ii) ‘hate speech’ that may be prohibited (such as discriminatory or bias-motivated threats or harassment); and (iii) lawful ‘hate speech,’ which raises concerns in terms of intolerance and discrimination and merits response, but should be protected from restrictions.

[29] Article 19 (2019), Article 19 Responds to AGCOM Proposal for Hate Speech Regulation