Italy Fines Apple $116 Million over Consumer Privacy Rules
December 24, 2025
Italy’s competition authority — the Autorità Garante della Concorrenza e del Mercato (AGCM) — has fined Apple €98.6 million ($116 million) for imposing “excessively burdensome” privacy conditions on third-party app developers via its App Tracking Transparency (ATT) framework.
The regulator alleges Apple abused a dominant position with its ATT policy, introduced in 2021 to give users control over tracking for personalized ads.
The policy ended up imposing a “double consent” requirement on third-party developers — forcing them to display both ATT and GDPR consent prompts — while Apple’s own apps avoid the extra layer, the authority said. This disparity inhibits competition, particularly affecting smaller developers that depend on ad revenue, it said.
“The Authority’s findings confirmed the restrictive nature – from a competition-law perspective – of the App Tracking Transparency (“ATT”) policy, i.e. the privacy rules imposed by Apple for iOS devices, as of April 2021, on third-party developers of apps distributed through the App Store,” the AGCM said in a press release.
“In particular, third-party app developers are required to obtain specific consent for the collection and linking of data for advertising purposes through Apple’s ATT prompt,” it added. “However, such prompt does not meet privacy legislation requirements, forcing developers to double the consent request for the same purpose.”
Apple said it will appeal, and defended ATT as a vital privacy tool that applies to all developers equally.
Responding to media inquiries, the tech titan said:
At Apple, we believe privacy is a fundamental human right, and we created App Tracking Transparency to give users a simple way to control whether companies can track their activity across other apps and websites. These rules apply equally to all developers, including Apple, and have been embraced by our customers and praised by privacy advocates and data protection authorities around the world, including the Garante. We strongly disagree with the ICA's decision, which disregards the important privacy protections ATT provides in favor of ad tech companies and data brokers who want unfettered access to users' personal data. We will continue to defend strong privacy protections for our users as we appeal.
Europe’s crackdown on accountability
Italy’s move is the latest in a string of regulatory actions aimed at reigning in market power and increasing platform accountability. Earlier this year, France fined Apple €150 million for similar alleged abuses related to ATT enforcement.
Meanwhile, under the European Union’s Digital Services Act (DSA), the European Commission recently slapped X (formerly Twitter) with a €120 million fine. In that case, regulators targeted opaque verification systems, insufficient advertising transparency, and barriers to research access — violations that can fuel impersonation scams and misinformation.
Authorities are increasingly willing to enforce stringent rules to protect competition, transparency, and ultimately consumer trust in digital services.
Consumer trust in Big Tech
These enforcement actions are part of wider efforts to ensure major platforms don’t introduce asymmetries in how data is collected and used, how competition is structured, or how user identity is communicated. When platforms lack transparency and fairness, it erodes consumer trust in the digital ecosystem.
This erosion is reflected in the results of our 2025 Consumer Cybersecurity Survey based on responses from over 7,000 consumers worldwide. While many consumers rely on major platforms for communication, shopping, and financial services, growing fears around Big Tech's stronghold undermine their trust in digital services.
Source: Bitdefender 2025 Consumer Cybersecurity Survey
Source: Bitdefender 2025 Consumer Cybersecurity Survey
Regulatory actions such as the AGCM’s fine and the first DSA enforcement against X reflect growing recognition that strong oversight can help protect consumers and support fair competition — both of which are essential to consolidating trust in digital services.
But policymakers alone can’t resolve the trust gap. As our survey highlights, consumers also need better cybersecurity habits — from using independent security tools to practicing safer data and privacy behaviors.
You may also want to read:
Europe fines X €120 million in first enforcement of the Digital Services Act
Accept All Cookies? ICO Prompts Top UK Websites to Make It Clear What Data They Collect from Users
Singapore Tells Apple and Google to Block Fake Messages in Crackdown on Scams
tags
Author
Filip has 17 years of experience in technology journalism. In recent years, he has focused on cybersecurity in his role as a Security Analyst at Bitdefender.
View all postsRight now Top posts
How Do You Manage Your Passwords? We Ask Netizens
December 18, 2025
Cybercriminals Use Fake Leonardo DiCaprio Film Torrent to Spread Agent Tesla Malware
December 11, 2025
FOLLOW US ON SOCIAL MEDIA
You might also like
Bookmarks
