AI, Responsibility, and Governance: What Companies Need to Know About Italian Law No. 132/2025

Although the law aims to align with the EU regulatory framework, it introduces legal and constitutional principles that are typically Italian, such as the explicit protection of democratic integrity.

The foundation of the new law promotes a human-centered and anthropocentric view of AI. This stance directly impacts the greatest challenge facing companies today: the intellectual property barrier to generative AI content.

The Intellectual Property Barrier: When Is AI-Generated Content Truly a “Work”?

The most significant development for companies leveraging new technologies is the amendment to the Italian Copyright Act (Law No. 633 of 1941). This provision definitively addresses the ambiguous legal status of content generated by generative AI.

The law confirms that a work created “with the aid of artificial intelligence tools” is protected only if it is “the result of human creativity and reflects the author’s intellectual effort.”

-> This legal clarification imposes a fundamental burden of proof on all users of AI systems. Content generated by an AI model operating autonomously will not be eligible for copyright protection under Italian law. In this context, “autonomous” refers to a situation in which human involvement is limited to a mere suggestion. The human contribution must be substantial and creative.

The risk of creating commercially valuable content that is not legally protected—and therefore cannot be licensed or defended—is now immediate and profound.

The New Due Diligence: A Mandate for Corporate Governance

The human-centered approach directly translates into greater obligations for corporate governance and business risk management.

Business risk

The principle of “human oversight” is fundamental. The law clearly states that AI cannot replace the individual’s final decision-making authority. This is a critical factor in managing administrative liability under Legislative Decree No. 231/2001 (Model 231).

Companies must establish and document a Human Authorhip Protocol (HAP). This protocol must verifiably trace the creative role of a human editor or prompt in the final AI-assisted output. Failure to demonstrate this process means that the company does not have protected intellectual property, potentially exposing it to liability and commercial failure.

Contract review

A change in intellectual property status requires a review of all related business documentation.

• Assignment and licensing of intellectual property: Existing commercial contracts must be updated immediately. They must now explicitly define and require documentation of the “human intellectual work” that transforms a GenAI output into a protected asset.

• Professional services: For the liberal professions, the use of AI is limited to instrumental and support activities. Professionals must also inform their clients about which AI systems are being used, in a clear and understandable manner.

Sector-specific characteristics and future implementation

Law No. 132/2025 also introduces specific sector-based provisions that point to future areas of regulatory focus, although some key provisions remain subject to future implementing decrees.

• Finance and insurance: The law grants the government the authority to issue decrees that will establish the legal framework for the use of data and algorithms in the finance and insurance sectors. This will require institutions to establish robust governance, audit, and testing procedures for AI systems.

• Employment: Employers must adhere to strict principles of safety, reliability, and transparency when implementing AI systems in the workplace and are required to inform employees of their use.

Next steps

The new Italian law confirms that the adoption of AI must be strategic, verifiable, and compliant. The era of passive use of GenAI tools is over; the focus is now on governance, transparency, and traceability.