Artificial intelligence and work: automated decisions are invalid
Rules for AI: the Digital Agency and the Cybersecurity Agency will have the power to impose sanctions across all sectors. Fair remuneration for professionals. Approval for pilot schemes that deviate from the regulations
The first set of Italian regulations on artificial intelligence is taking shape. The Council of Ministers has given preliminary approval to two legislative decrees implementing Law 132/2025, covering governance, experimentation, employment, education and universities, policing, and civil and criminal liability (see the other articles on pages 4 and 5), whilst other decrees, particularly on health and justice issues, will subsequently complete the framework.
The text specifies that decisions concerning employment relationships, including dismissals, taken solely on the basis of automated processing carried out using artificial intelligence systems, are null and void. With regard to safety, it is established that AI systems must be included within the scope of the risk assessment provided for in the Consolidated Law on Occupational Safety. Article 48 of the Legislative Decree, on the other hand, guarantees fair remuneration for professional services involving the use of AI systems, with a scale linked to the risk classification under the European AI Act. However, the increase is included as an option and is subject to an update, within 12 months, of the decrees on the parameters for the payment of professional fees. There are also new developments in the field of industrial property: algorithms used for training AI systems will be protectable as trade secrets.
Under the AI Act, Italian law applies to suppliers; users established in the EU, defined as natural or legal persons, including public authorities; and manufacturers of products that put an AI system into service alongside their product. In this context, governance will revolve around two agencies, the Agency for Digital Innovation (AGID) and the Agency for Cybersecurity (ACN), according to a framework drawn up by the Department for Digital Transformation, which reports to the Undersecretary for Innovation, Alessio Butti.
AGID, in particular, will act as the national notifying authority: responsible for the assessment, designation and notification of conformity assessment bodies. ACN, on the other hand, will be the general market surveillance authority, but supported by the Bank of Italia, Consob and Ivass, which retain jurisdiction in cases where – for matters concerning the banking, financial and insurance sectors respectively – high-risk systems, as classified under the AI Act, are put into service or used. Both AGID and the ACN will have the power to impose the administrative fines provided for in Article 99 of the AI Act in the event of a breach of the prohibition on unlawful practices: up to €35 million or, in the case of a company, up to 7% of the total annual worldwide turnover of the previous financial year, whichever is higher.
The text also sets out the arrangements for cooperation with the Guardia di Finanza and the possible agreements, memoranda of understanding and cooperation between the various authorities; however, as evidence that this framework could also give rise to disagreements and overlaps, provision is also made for a Coordination Committee within the Prime Minister’s Office and a technical working group within the Ministry of Enterprise to be activated in the event of conflicts of jurisdiction. And the difficulty of striking a balance between administrations has also characterised the drafting of the measure on regulatory sandboxes. It will be possible to conduct the testing and validation of AI systems in derogation from regulations and authorisation regimes, under controlled conditions and under the supervision of AGID and ACN; however, the text was fine-tuned right up to the end to ensure coordination with the fintech testing programme overseen by the Ministry of the Economy.
