Italy has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

Italy has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

The Directive 2000/31/EC (E-Commerce Directive) is the legal basis governing the liability of Internet Services Providers (ISPs) in the EU Member States and includes a conditional safe harbour. Not all Member States have transposed the relevant articles consistently, leading to divergent national case law that could cause legal insecurity on an EU level.
Legislative Decree 09/04/2003 No. 70 transposes Directive 2000/31/EC in Italy.

It is reported that Italy imposes an identity requirement for SIM registration. Anyone wanting to purchase a SIM card has to provide their national ID card or a passport in case of foreigners to activate a new prepaid SIM card.

Art. 17 of Directive 2019/790 on Copyright in the Digital Single Market (DSM Directive) mandates that providers of content-sharing services seek authorisation from rights holders and implement technical solutions to remove and prevent unauthorised uploads by their users (so-called upload filters), under penalty of losing their liability safe harbour. Further arrangements are envisaged for complaints and dispute resolution mechanisms. Such upload filters are reported to be a significant cost for online platforms. Graduated exemptions are expected to be put in place for new providers active in the EU for less than three years with a turnover under EUR 10 million, and with fewer than five million users. The provision is subject to a challenge in the Court of Justice by Poland (C-401/19).
To implement Directive 2019/790, the President has promulgated Legislative Decree No. 177, therefore making online content-sharing service providers partially liable for copyright violations on their platforms.

It is reported that in late March 2023, the Italian data protection authority ordered a temporary ban on ChatGPT in Italy. This ban was implemented due to concerns about data privacy, age verification, accuracy of information, and transparency. The authority questioned how OpenAI was collecting and processing personal data and raised concerns about the lack of robust age verification measures to prevent minors from accessing the service. Additionally, there were worries about the potential spread of misinformation through the AI system and a lack of clarity about how OpenAI was using the data it collected.
The ban lasted for about three weeks. During this time, OpenAI worked with the Italian authorities to address these concerns. By late April 2023, ChatGPT was allowed to resume operations in Italy after OpenAI implemented several changes. These changes included providing more transparent information about data processing, introducing an age verification system, allowing users to object to their personal data being used for training the AI and giving European users the right to request corrections of inaccurate personal information.

The EU Directive on Audiovisual Media Services (AVMS) covers traditional broadcasting services as well as audiovisual media services provided on-demand, including via the Internet. Art. 13.1 provides for Member States to secure a minimum 30% share of European works in the catalogues as well as "ensuring prominence" of those works. "Prominence" involves promoting European works by facilitating access to such works using any appropriate means to ensure their prominence. The Directive has been implemented by Member States in different ways, ranging from very extensive and detailed measures to a mere reference to the general obligation to promote European works.
In Italy, the EU Directive was transposed into domestic law through Legislative Decree No. 208. According to Art. 55 of the Decree, catalogues of on-demand audiovisual media service providers under Italian jurisdiction must prominently feature at least 30% European works. Providers are required to ensure that, over the past five years, at least 30% of their catalogue consists of European audiovisual works, excluding those that charge a specific fee for individual programmes. Additionally, at least 50% of the European works quota must be reserved for original Italian works produced by independent producers within the last five years. The regulations referred to in Art. 57 shall stipulate that at least one-fifth of the sub-quota of investment must be reserved for cinematographic works of original Italian expression produced by independent producers in the last five years, regardless of where they were made.

It is reported that Italy does not mandate functional separation for operators with significant market power (SMP) in the telecom market. However, accounting separation is required by law.

It is reported that the Autorita per le Garanzie Nelle Comunicazioni (AGCOM), the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.

Art. 39 of the Presidential Decree No. 633 of 1972 states that electric archives related to accounting data for VAT declarations may be kept in a foreign country only if some kind of convention has been concluded between Italy and the receiving country governing the exchange of information in the field of direct taxation. Therefore, such limitation does not apply intra-EU.

The European Union General Data Protection Regulation (GDPR) provides a comprehensive framework for data protection that applies to all EU Member States. Italy implemented the GDPR by means of the Personal Data Protection Code.

Under the EU Directive on Data Retention, operators were required to retain certain categories of traffic and location data (excluding the content of those communications) for a period between six months and two years and to make them available, on request, to law enforcement authorities for the purposes of investigating, detecting and prosecuting serious crime and terrorism. On 8 April 2014, the Court of Justice of the European Union declared the Directive invalid. However, not all national laws that implemented the Directive have been overturned.
In Italy, the Directive has been implemented through an amendment to the Privacy Code effective as of August 2009 and still applies today. Under the Privacy Code, providers of a public communications network or a publicly available electronic communications service must retain "telephone traffic data" and "electronic communications traffic data" for 24 months or 12 months, respectively, for law enforcement purposes. A 30-day retention period applies in case data related to unsuccessful calls are processed on a provisional basis.

In Italy, operators are obliged to retain data for extended periods on the basis of that Anti-Terrorism Decree. As a result of the amendment to the Anti-Terrorism Decree through Law No. 167 of 2017, companies under the scope of the Anti-Terrorism Decree to this end shall set a retention period of 72 months (6 years) for both telephone and traffic data.

The Directive 2000/31/EC (E-Commerce Directive) is the legal basis governing the liability of Internet Services Providers (ISPs) in the EU Member States and includes a conditional safe harbour. Not all Member States have transposed the relevant articles consistently, leading to divergent national case law that could cause legal insecurity on an EU level.
Legislative Decree 09/04/2003 No. 70 transposes Directive 2000/31/EC in Italy.

The Directive 2016/943 on the protection of undisclosed know-how and business information (trade secrets) is key in harmonising national laws concerning trade secrets. Italy transposed the Directive through the Implementation of Directive (EU) 2016/943 of the European Parliament and of the Council of 8 June 2016 on the protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition and disclosure (Official Gazette of the Italian Republic; Number: 130)