Law No. 132 (Italian Artificial Intelligence Law) entered into force on October 10, 2025.1 Under Italy’s AI law, at least one implementing decree defining an “organic framework” for data, algorithms and artificial intelligence (AI) training methods is expected to be enacted by October 2026. Italy is the first EU member state to pass a comprehensive national AI framework, and this law marks a turning point for employers operating in Italy. Now that the law has been fully implemented, employers are moving from regulatory preparation to specific compliance and governance decisions regarding the use of AI in the workplace.
Under EU AI law (Regulation (EU) 2024/1689),2 AI systems intended for employment decisions are automatically classified as “high risk” under Article 6 and Annex III. This classification imposes comprehensive obligations such as risk management, data quality control, technical documentation, record-keeping, transparency to users, and meaningful human oversight.
Consistent with EU AI law, Italian AI law puts the protection of fundamental rights at the heart of innovation. Transparency, data protection, gender equality, cybersecurity and accessibility are no longer aspirational principles, but binding requirements shaping how AI is implemented in Italian workplaces.
What this means for employers
Read in conjunction with the Transparency Decree (Decree No. 104/2022):3 Italy’s AI law significantly expands employers’ compliance obligations when AI systems are used in human resources and workforce management processes, such as recruitment, performance evaluation, task assignment, and termination decisions.
Under the law, employers are required to:
- Provide employees with clear and comprehensive information upfront about the capabilities of your AI tools and the data used.
- We will promptly update such information and provide at least 24 hours’ advance notice of any material system changes.
- Share relevant disclosure information with labor union representatives.
- Ensure effective human oversight of automated decision-making. and
- We ensure that our AI systems respect the fundamental rights of our employees and operate without discrimination of any kind.
From disclosure to explanation
The law goes a step further by requiring information to be communicated in plain and accessible language to ensure employees understand how automated decision-making works, the risks associated with AI tools, and the impacts the tools may create. Employees must also have the opportunity to seek clarification and human review of AI-driven decisions.
So compliance is no longer just a problem informis to explain.
sanctions and enforcement
Failure to comply with Italian AI law carries concrete financial risks. Administrative fines of up to €1,500 per employee may be imposed, increasing monthly and with further fines for failure to notify the trade union.
New oversight at the organizational level
Italy’s AI law also establishes a specialized oversight committee for the implementation of AI systems in the workplace within the Ministry of Labor and Social Policy. The Oversight Commission will monitor the employment impact of AI, develop regulatory strategies, identify sectors most affected by digital transformation, and foreshadow increased institutional oversight in the coming years.
Impact on regulated occupations
Professionals are not exempt either. The new law explicitly prohibits the full delegation of professional services to AI systems and requires transparent and understandable disclosure of the use of AI in professional activities.
data protection
If your AI system involves the processing of personal data, the General Data Protection Regulation (GDPR)4 Fully applicable.
Employers should therefore identify valid legal grounds for processing, ensure compliance with the principles of data minimization and purpose limitation, carry out data protection impact assessments where applicable, especially where AI systems are used for systematic evaluation or decision-making affecting employees, and ensure the right to obtain human intervention to express their views and contest decisions where decisions based solely on automated processing produce legal or similar significant effects.
Italy’s AI law strengthens these GDPR obligations. Article 4 of the new Regulation reaffirms that personal data processed through AI systems must be treated lawfully, fairly and transparently, in line with the original purpose for which the data was collected and in full compliance with European Union law.
What companies should do now
Companies operating in Italy must promptly:
- Evaluate the AI systems currently in use.
- Update disclosure notices and internal documents.
- Implement a robust internal policy and governance framework that aligns with new standards of transparency and algorithmic accountability.
- Compliant with GDPR.
- Monitor the enforcement of laws and regulations. and
- Consult with an attorney to ensure compliance.
Italy’s AI law has come into force, and the current stage is an important window for employers to align AI implementation with binding legal requirements, ahead of further regulatory guidance and increased institutional oversight.
