AGCOM, Italy’s telecommunications regulator, has levied a penalty of more than 14 million euros against the company Cloudflare Incl, for noncompliance with an order to disable the DNS resolution of domain names and the routing of network traffic to IP addresses that were reported by rights holders through AGCOM’s Piracy Shield platform.
Alternatively, AGCOM deemed it acceptable to impose technological and organizational countermeasures necessary to make abusive content unusable by end users.
Cloudflare responded quickly. In a posting on X (former Twitter), Cloudflare CEO Matthew Prince “The scheme, which even the EU has called concerning, required us within a mere 30 minutes of notification to fully censor from the Internet any sites a shadowy cabal of European media elites deemed against their interests. No judicial oversight. No due process. No appeal. No transparency.”
Mr. Prince also brought up the inconsistent record of Piracy Shield, which has produced ‘false positives’ that resulted in the cutoff of legitimate sites.
Penalty applied
Even after the notification of the order, AGCOM found that Cloudflare took no measures to counter the use of its services to distribute illegal content. A penalty equal to 1% of the company’s total turnover (revenue) was applied.
Italy’s resolution no. 49/25/CONS of February 18, 2025, the “Piracy Shield law,” provides for a penalty of up to 2% of the revenue realized in the last year ended prior to the notification of the dispute where the non-compliance concerns orders given by the Authority in the exercise of its functions of protection of copyright.
CEO Prince said that it was fined “for failing to go along with (AGCOM’s) scheme to censor the Internet.” Cloudflare “had multiple legal challenges,” he said, “(and will) fight the unjust fine.”
In a prepared statement, the Italian industry advocacy organization FAPAV (Federation for the Protection of the Audiovisual and Multimedia Content Industries) came out in support of AGCOM, citing that the penalty was an “order of an independent authority operating under a law of the Italian Republic unanimously approved by Parliament … (which allows) within 30 minutes, events illegally reproduced on the network.” FAPAV president Federico Bagnoli Rossi said that “CloudFlare is one of the few companies that does not actively cooperate in the fight against piracy.”
Why it matters
This case was one of the first financial penalties in terms of copyright. Cloudflare has been the carrier of a “very large percentage of the sites subject to block by the Authority (AGCOM)…”
AGCOM has authority over “service providers involved in any capacity in the accessibility of the website or illegal services, such as providers of VPN services and those of publicly available DNS, wherever they reside and wherever located, the search engine managers.”
Further reading
Penalty of more than 14 million euros to Cloudflare for violation of anti-piracy rules. Press release. January 8, 2026. AGCOM (Autoirita per le Garanzie Nelle Communicazioni, Italy)
FAPAV’S comment on the AGCOM sanction against Cloudflare. Press release. January 12, 2026. FAPAV (Italy)
Italy: Piracy Shield cited for ‘indiscriminate’ blocking, evasion by pirates using IPv6. Article. October 1, 2025. by Steven Hawley. Piracy Monitor
