Italy’s deepfake law 132/2025: what changed after the Meloni case
On 6 May 2026 Italy's Data Protection Authority asked Parliament for the power to block, from Italy, access to platforms generating non-consensual deepfakes, naming Grok, ChatGPT and Clothoff in the public statement (ANSA, 6 May 2026). The request followed the viral diffusion of a synthetic image portraying Italian Prime Minister Giorgia Meloni, generated with consumer-grade generative AI tools.
The legal framework is not starting from scratch. Italy's Law 132/2025, in force since 10 October 2025, has already introduced a new criminal offence for the unlawful diffusion of content generated or altered with artificial intelligence systems. The provision punishes with imprisonment of one to five years anyone who distributes, without consent, synthetic images, videos or voice clones capable of deceiving an observer about their authenticity. The Meloni case has put the operational limits of that framework under public scrutiny.
The thesis of this article is straightforward: in a context where deepfakes are produced in seconds using publicly accessible tools and spread within hours, defence based on detection is structurally late. The only practicable strategy for exposed organisations, public authorities and individuals is to invert the paradigm: certify the authenticity of genuine content at the source, before the fake enters circulation. Law 132/2025 punishes harm that has already materialised; preventive certification prevents the harm from forming in the first place.
The Meloni case and the Authority's request: what happened in May 2026
On 6 May 2026 the Italian Data Protection Authority published a statement asking Parliament for stronger intervention powers on generative AI platforms. The request came days after a synthetic image of the Italian Prime Minister was generated and shared across multiple channels in a matter of hours.
The Authority named three platforms explicitly: Grok (xAI), ChatGPT (OpenAI) and Clothoff. The last one had already been the target of a blocking order in October 2025 for producing non-consensual nude content. The request now aims to obtain the power to interdict, from Italy, access to services that allow generation of synthetic content from real images or voices of identifiable persons.
Why blocking platforms does not solve the problem
The Authority itself acknowledged a structural limit: blocking a single platform shifts production to alternative services, often hosted in non-cooperating jurisdictions. Between November 2025 and April 2026 dozens of new services similar to Clothoff appeared online. Blocking remains a necessary but reactive instrument: it arrives after the fake has been produced and rarely before its viral diffusion.
The operational point: speed of reaction
When a deepfake gets published, the useful window to contain harm is measured in hours, not days. The Authority stressed that speed of reaction is not a procedural detail: it is the condition that distinguishes an effective intervention from a late one. For the person portrayed, obtaining the removal of content already seen by hundreds of thousands of users means acting on harm that is already consolidated.
Italy's deepfake law: what the new criminal offence covers
Law 132/2025 introduced article 612-quater in the Italian Criminal Code, titled "Unlawful diffusion of content generated or altered with artificial intelligence systems". The provision has been in force since 10 October 2025 and creates an autonomous offence, distinct from defamation and from the existing offence of non-consensual sharing of sexually explicit images (art. 612-ter, the so-called "revenge porn" provision).
The offence punishes anyone who causes unjust harm to a person by transferring, publishing or otherwise distributing, without their consent, images, videos or voices falsified or altered through artificial intelligence systems and capable of misleading about their genuineness. The penalty is imprisonment of one to five years.
Two core elements: unjust harm and capacity to deceive
Two concurrent elements are required for the offence to apply. The first is unjust harm: mere distribution is not enough, the person portrayed must suffer a concrete injury to a protected right (reputation, dignity, privacy, personal identity). The second is the capacity to deceive an average observer about the content's authenticity: the deepfake must be realistic enough to mislead, even if a trained eye could spot manipulation cues.
Prosecution by complaint and ex officio
The general rule is prosecution upon complaint by the injured party, within a six-month window. Two exceptions trigger ex officio prosecution: when the victim is unable to consent due to age or infirmity, and when the offence is committed against a public authority because of the functions exercised. The latter scenario is the one potentially applicable to the Meloni case, although qualification is for the judiciary to determine.
Labelling and disclosure obligations
Law 132/2025 goes beyond criminal law. It transposes and integrates Regulation (EU) 2024/1689 (the AI Act) by requiring that any content created or modified through generative AI tools be clearly and visibly labelled as such. Failure to label does not by itself trigger article 612-quater, but it can be relevant in establishing the wilful intent and awareness of the person distributing the content.
The European framework: AI Act, GDPR and Digital Services Act
Italian law does not operate in isolation. It sits on top of three European pillars that together draw a multi-layer framework relevant to any organisation publishing or moderating digital content.
The EU AI Act (Regulation 2024/1689) classifies generative AI systems as limited-risk technologies but imposes specific transparency obligations for synthetic content: anyone producing or distributing deepfakes must declare their artificial nature. The GDPR, applicable since 2018, protects "image" and "voice" personal data as biometric data when they identify a natural person, and provides the legal basis for Data Protection Authority measures.
The Digital Services Act imposes on intermediary platforms obligations of rapid removal of illicit content and transparency on moderation mechanisms. Large platforms (VLOPs) have reinforced obligations, including a systemic risk assessment for the diffusion of manipulated content.
How the legal layers apply to a single deepfake
| Norm | Scope | Penalty |
|---|---|---|
| Italian Criminal Code art. 612-quater (Law 132/2025) | Diffusion of harmful deepfakes without consent | Imprisonment 1-5 years |
| Italian Criminal Code art. 612-ter | Diffusion of sexually explicit images | Imprisonment 1-6 years |
| GDPR art. 5, 6, 9 | Unlawful processing of image and voice | Fines up to 20M EUR or 4% turnover |
| AI Act art. 50 | Labelling obligation for synthetic content | Fines up to 15M EUR or 3% turnover |
| Digital Services Act art. 16, 23 | Removal and transparency obligations for platforms | Fines up to 6% global turnover |
The corporate impact: beyond reputational damage
The Meloni case drew media attention to public figures, but the operational risk for companies is equally concrete and far less reported. Organisations are exposed on four specific fronts.
Replicated executive identities
Synthetic replication of voice and image of CEOs, CFOs and corporate spokespersons has become a standard tool of next-generation BEC (Business Email Compromise) fraud. In 2024 a multinational engineering firm transferred 25.6 million USD after a video conference with a fake CFO reconstructed in deepfake (CNN, February 2024). The critical point is not the quality of the fake: it is the absence of a verifiable channel to authenticate genuine communications.
Official communications and documentary litigation
A press release, an internal statement, an institutional video can be replicated or altered for market manipulation, reputational attacks or legal disputes. When a company has to prove in court that a particular statement is its own and not a manipulated version, it needs technical evidence of provenance that exists before the incident.
Fraud on documentary evidence
Regulated sectors like banking, insurance, healthcare and public administration handle digital evidence every day: photos of insurance claims, telemedicine videos, screenshots of transactions, audio recordings of advisory calls. All this content is replicable with generative tools. The risk is not just being the target of a deepfake: it is being unable to distinguish genuine from fake when the counterparty produces one.
Liability chain under the DSA and the AI Act
Platforms hosting or distributing third-party content are liable for illicit content they fail to remove in a timely manner. Failure to remove a harmful deepfake after notification exposes the provider to administrative sanctions and to civil claims from the injured party. For companies running communities, reviews and user-generated content, this translates into reinforced moderation obligations and growing compliance costs.
Why detection-based defence is structurally late
Public debate often centres on deepfake detection: AI tools that, by analysing a suspect file, should determine whether it is genuine or manipulated. Three data points make the limits evident, as discussed in detail in TrueScreen's complete deepfake guide.
First, the arms race. Every improvement of detectors is followed, within months, by new generative models producing content immune to that specific analytical technique. A 2025 study from the University of Edinburgh showed that the statistical fingerprints used by neural-network detectors erode predictably with each new generation of models.
Second, the timing. Even assuming a perfect detector, its usefulness arrives after the content has been seen. For Giorgia Meloni the synthetic image was already viral before any analytical system entered the picture. Social media diffusion speed makes post-hoc analysis a dead end.
Third, the evidentiary asymmetry in court. Detection produces a probabilistic judgement ("the content is fake at 92%"). A probability is not technical evidence with legal value: it is an expert assessment that opposing parties can contest. What makes the difference in court is evidence of provenance, not an estimate of falsity. The Digital Provenance approach inverts the logic.
What preventive authenticity certification is and why it changes the problem
Preventive certification is the opposite paradigm to detection. Instead of asking "is this content fake?" after publication, it fixes the authenticity of the genuine content at the moment of creation, with qualified timestamp, eIDAS-grade electronic seal and forensic chain of custody. When a party needs to prove that a document, audio or video is genuine, they produce the certification. The fake, by definition, cannot produce one.
TrueScreen is the Data Authenticity Platform that operationalises this logic as a service. It does not detect deepfakes and does not issue qualified certificates directly: it integrates a qualified QTSP's seal via API, applies qualified timestamp and forensic chain of custody at the moment of content creation, and produces a certified file that holds in court as pre-incident provenance evidence. The operational model is acquisition plus certification, not just sealing pre-existing data.
Certified acquisition from app, browser and extension
Certification begins at the exact moment of creation. The TrueScreen mobile app lets a responsible operator capture photos, videos and audio directly from a device, applying seal and timestamp at the source. The browser extension and the Forensic Browser do the same for webpage screenshots, video call recordings and online documents.
eIDAS-grade seal and qualified timestamp via integrated QTSP
Every acquired content is sealed with an electronic certificate issued by a third-party Qualified Trust Service Provider integrated into the platform. The qualified timestamp establishes the exact moment of certification with legal value under the eIDAS Regulation. The chain of custody documents every step: who acquired, from which device, at which moment, with which metadata.
Independent public verification
Anyone can verify the authenticity of a TrueScreen-certified file through the public portal, without an account and without depending on the platform itself. Verification returns in real time the timestamp, the QTSP identity that applied the seal, the content hash and the chain of custody. If the file has been modified by even a single bit after certification, verification fails.
Micro-case: a certified press release
A listed company publishes a press release with quarterly earnings guidance. Days later a manipulated version circulates on social channels with a halved revenue figure, falsely attributed to the CFO. The stock drops 4%. Without preventive certification, the company would need to produce an expert analysis to demonstrate that the genuine release is a different one. With preventive certification, the company presents the original certified file: timestamp at the moment of release, QTSP seal, verifiable hash. Provenance evidence neutralises the manipulated version.
When preventive certification is the only practicable defence
Three categories of scenarios make preventive certification not an option, but the only defence that actually works.
The first: high-value official communications. Public statements by executives, price-sensitive disclosures, institutional videos. In these cases the damage from manipulation is measured in market capitalisation points or in multi-million legal claims. Certifying the genuine content at issue costs negligibly compared to the risk.
The second: documentary evidence in regulated sectors. Photos of insurance claims, telemedicine videos, audio recordings of financial advisory, screenshots of banking operations. When the content serves as evidence in court or in disciplinary proceedings, preventive certification turns a potentially contestable file into technical evidence with legal value.
The third: judicial and investigative context. Public administrations, law enforcement, legal professionals producing or receiving digital content destined for formal proceedings. Having a seal applied at the source makes content admissible in court without the need for additional technical consultancy.
