The Complete Guide to Using AI in the Government Industry in Italy in 2025

AI is reshaping how public services are delivered in Italy in 2025: the EU AI Act sets the new baseline while a national AI Bill - advanced through a Senate first reading in March and a Chamber approval in June - seeks to tailor rules for healthcare, justice, labour and public administration, designate AgID and the National Cybersecurity Agency as key authorities, and push for data localisation and stronger cybersecurity safeguards; see AgID Italian Strategy for Artificial Intelligence 2024–2026 for targets (150 launched innovation projects in 2025) and practical guidance, and read the Lexology: Italy AI Bill parliamentary coverage for the latest parliamentary milestones.

For public administrations racing to comply and modernise, workforce reskilling is urgent - practical courses like Nucamp's Nucamp AI Essentials for Work bootcamp (AI skills for the workplace) teach usable AI tools, prompt-writing and project-based skills that help IT and policy teams turn regulation into safe, citizen-focused services.

Bootcamp	Length	Early Bird Cost	Register
AI Essentials for Work	15 Weeks	$3,582	Register for Nucamp AI Essentials for Work bootcamp

"the greatest revolution of our time." - Prime Minister Meloni

Italy's 2025 AI moment is unmistakable: a coordinated rush to sovereign infrastructure and home‑grown models that put government IT squarely in the spotlight.

Telecom and cloud players have moved first - Fastweb+Vodafone unveiled the FastwebAI Suite and a NeXXt AI Factory built on an in‑country NVIDIA DGX SuperPOD and the Italian MIIA LLM to offer regulation‑aware GenAI services for public administrations (early adopters include the Senate and ISTAT) - read the Fastweb+Vodafone press release for details.

At national scale, CINECA's IT4LIA AI Factory (an EuroHPC selection) and major initiatives such as Domyn/iGenius's Colosseum - a DGX SuperPOD planned to deliver up to 115 exaflops and run on Italian renewable energy - signal a new era of sovereign compute for regulated workloads in finance, healthcare and government; the ACN overview explains IT4LIA's €430M co‑funded scope and sector focus.

Together these milestones (national AI factories, telco sovereign platforms, and university–industry upskilling) create a practical pathway for public IT teams to adopt compliant, locally hosted AI while keeping data control and cybersecurity front and center; for a vendor perspective see NVIDIA's write‑up on Italy's sovereign AI push.

“Colosseum provides organizations with one of the world's greatest arenas for establishing new standards for innovation and speed in AI for regulated industries.”

Italy's 2025 AI strategy is pragmatic and heavily finance‑led: the government is steering a €1 billion CDP Venture Capital fund to seed startups, commercialise university research and even back an “Italian large language model” so sensitive public workloads can stay under domestic control - see the Rome €1 billion AI boost coverage - while national planners align spending with Europe's bigger infrastructure push through the EU InvestAI facility and AI Factories programme overview to secure compute, data and skills at scale.

Priorities are clear for IT teams in government: channel public money into research‑to‑market pipelines, favour locally hosted models and sovereign compute, tighten data governance for regulated sectors, and invest in workforce reskilling so departments can both procure and operate compliant systems; the EU's AI Factories programme and InvestAI facility create complementary funding and procurement opportunities that Italy is explicitly tapping into.

The strategy also expects a multiplier effect - public seed capital intended to attract roughly another €2 billion of private investment - turning policy into industrial scale and offering concrete project funding paths for public IT modernization projects.

Program	Amount	Purpose
CDP Venture Capital €1B AI fund announcement (Rome unveils €1B AI boost)	€1 billion	Seed startups, tech transfer, build Italian LLM / national champion
EU InvestAI facility and AI Factories programme policy page (InvestAI overview)	InvestAI facility: €20 billion (part of €200B Action Plan)	Gigafactories, AI Factories, pan‑EU compute & infrastructure

“We are convinced that there can and must be an Italian way to artificial intelligence.”

Italy's 2025 legal landscape for government IT is now anchored to the EU's risk‑based AI Act, which put immediate meat on the bones of compliance: from 2 February 2025 Member States and providers had to remove prohibited AI practices and ensure basic AI literacy for staff, and by 2 August 2025 the bloc's governance pillars - the AI Office and GPAI obligations - became operational, creating concrete duties that matter for public IT teams (technical documentation, copyright policies and published training‑data summaries for general‑purpose models).

At the national level Italy's draft implementation assigns the Agenzia per la Cybersicurezza Nazionale (ACN) and Agenzia per l'Italia Digitale (AgID) key market‑surveillance and notifying roles, so procurement, hosting and logging rules will be checked locally as well as at EU level; see the overview of national implementation plans for details.

For IT leaders the takeaway is immediate and practical: treat transparency, incident reporting, cybersecurity hardening and staff reskilling as procurement prerequisites, and prepare for enforcement - the AI Act's sanctions framework (fines up to €35 million or 7% of global turnover for the gravest breaches) already looms - while using the Commission's GPAI guidelines and the EU Code of Practice as the pragmatic playbook for compliant deployments.

Date	Key legal trigger
2 Feb 2025	First AI Act obligations take effect: prohibited practices removed; AI literacy required (DLA Piper summary of the EU AI Act obligations (August 2025))
2 Aug 2025	GPAI obligations and foundational governance (AI Office operational); penalties regime enters application (European Commission GPAI guidelines for general-purpose AI models under the AI Act)
By 2 Aug 2025	Member States must designate national competent authorities (Italy proposal: ACN as market surveillance, AgID as notifying authority) (Overview of national implementation plans for the EU AI Act)

Governance for AI in Italy now carries real teeth: under the Crisis and Insolvency Code and the amended Article 2086 directors and senior managers must put in place an

adequate organisational, administrative and accounting structure

- think KPIs, cash‑flow forecasts, early‑warning monitoring and documented decision trails - so that any emerging crisis is detected and acted on without delay (Analysis of Article 2086 of the Italian Civil Code (Portolano)); Italian courts accept the business‑judgement rule as a shield if choices were diligent and rational, but they will strip that protection away where there was no adequate structure or unreasonable inaction (Business Judgement Rule in Italy - IBA analysis).

For IT teams running government AI projects this translates into governance obligations as operational as a dashboard: log data provenance, run periodic stress tests, document procurement and incident responses, and keep minutes that show reasoned choices.

Liability is not theoretical - case law and recent commentary make clear directors (including in S.r.l. contexts) can face joint and even direct claims from creditors, removal from office, and exposure that may reach personal and family assets - so D&O cover, clear escalation paths and timely engagement with unions and workforce processes (where required) are essential risk controls rather than optional extras (Directors' liability and asset protection for Italian S.r.l. - SIFIR analysis).

Public administrations in Italy are moving from pilots to production with concrete, citizen-facing AI: INPS's in‑house BERT classifier now automatically sorts Certified Emails (CEs), scaling a channel that jumped from about 3 million messages in 2019 to over 6 million in 2023 and already classifying more than 2 million emails with reported accuracy above 80%, which frees clerks to focus on complex cases and is expected to save some 30,000–40,000 working days per year - see the interoperable Europe case study on INPS's CE sorter for implementation and impact details.

At the same time, INPS is testing a personalised virtual assistant to improve search and help users with specific services (beta support for “Opzione Donna”), reflecting a push toward generative and conversational tools that shorten user journeys on public portals (OECD policy entry).

Conversational AI has also modernised contact centres: Interactive Media's virtual agents replaced brittle IVR trees, yielding intent‑identification accuracy around 98%, faster call routing, appointment booking automation, lower operating costs and high citizen satisfaction - useful patterns for IT teams planning compliant, locally hosted deployments.

These use cases show a common recipe for government IT: pair targeted NLP or virtual assistants with local hosting and continuous monitoring, cluster offices by service similarity to maintain accuracy, and design staff retraining so automation translates into better service rather than deskilling; for citizen chatbot examples and plain‑language rewrites see Nucamp's practical resources on chatbot citizen services and multilingual rewrites.

Metric	Value
Certified Emails processed (since deployment)	>2,000,000
CE sorter accuracy	>80%
Estimated annual working days saved	30,000–40,000
Call‑routing intent accuracy (Interactive Media)	~98%
Citizen satisfaction (virtual agents)	85%
Project timeframe	2021–2023 (implemented)

“Interactive Media has been very quick and effective in implementing this new service. In fact, this new service was deployed by Interactive Media in just two weeks and was ready on time to serve the peak of incoming requests.” - Guido Ceccarelli, Head of Customer Services and E‑Collaboration, INPS IT Department

Italy's sovereign AI push in 2025 has crystallised into a concrete stack that government IT teams can actually use: national supercomputing centres and telcos are building local AI factories, Fastweb and partners have deployed in‑country NVIDIA DGX H100 systems to train Italian language models, CINECA and EuroHPC are upgrading Leonardo with a dedicated LISA AI partition (adding 1,328 NVIDIA H100/Hopper GPUs) to host the IT4LIA AI Factory, and Domyn's Colosseum project aims to supply massive capacity (thousands of Grace Blackwell GPUs) for regulated workloads - together these moves create a pathway to train, host and audit LLMs on domestic infrastructure rather than relying on foreign cloud providers.

For IT leaders this means procurement can prioritise in‑nation compute and clear data‑sovereignty controls, while operations teams must plan for secure enclaves, high‑bandwidth networking and workforce skills to run and monitor models; see the detailed overview from NVIDIA on Italy's sovereign AI development and the EuroHPC LISA procurement page for the upgrade timetable and specs.

The practical upshot: with over a thousand dedicated GPUs arriving at Leonardo and modular Colosseum data centres promising rapid deployment, government projects can aim to keep sensitive services and citizen data on home soil without sacrificing the scale needed for modern generative AI.

Initiative	Key figures
Domyn Colosseum / Domyn supercomputer - NVIDIA coverage of planned Domyn Colosseum build	Planned multi‑thousand GPU build (Domyn: 5,760 Grace Blackwell GPUs referenced)
EuroHPC LISA upgrade procurement page - Leonardo upgrade contract and specs	Contract €28,167,942; 1,328 NVIDIA H100 (Hopper) GPUs; delivery Apr–Jul 2025
Fastweb and NVIDIA DGX H100 deployments - in‑country DGX H100 systems for Italian LLMs	In‑country DGX H100 systems for Italian LLMs and generative AI

“This agreement represents a fundamental step towards strengthening Italy's technological sovereignty, ensuring our companies secure and competitive access to data management.” - Adolfo Urso, Minister of Enterprise and Made in Italy

Italy's AI market is entering a scaling phase that matters directly for government IT: according to the Anitec‑Assinform analysis, market value rose to €909 million in 2024 and is projected to nearly double to about €1.802 billion by 2027, with banking and telecommunications leading investments and manufacturing gaining fast momentum (see the Anitec‑Assinform overview).

That surge coexists with a clear adoption gap - large enterprises adopt AI at roughly 24.1% while SMEs sit near 7–8% - and a persistent skills shortage (roughly 3.7 million workers lack basic digital skills and Italy needs tens of thousands more ICT graduates), so public IT teams should prioritise workforce reskilling, public‑private partnerships and regulatory sandboxes to help smaller municipalities and agencies catch up; a broader market review highlights how indigenous models and generative systems (the generative AI market is forecast to expand rapidly) will create procurement opportunities but also demand new ops skills for model governance.

The practical implication for government IT: treat talent development, SME enablement and partnerships with national AI factories as procurement priorities so services scale without sacrificing compliance or citizen trust - after all, the productivity upside is concrete (estimates suggest up to an 18% productivity gain and roughly 5.4 billion hours saved, about the annual work of 3.2 million people) and that frames the “so what?” for every IT roadmap.

Metric	Value / Source
2024 market size	€909 million (Anitec‑Assinform via rinnovabili.net)
2027 projection	€1.802 billion (Anitec‑Assinform / university‑365)
Large enterprise AI adoption	~24.1% (rinnovabili)
SME AI adoption	~7–8% (rinnovabili / itsprodigy)
AI companies (digital enabler sector)	301 (47% of total) (university‑365)
Skills gap	~3.7 million workers lack basic digital skills; ~137,000 ICT grads needed (university‑365)
Estimated productivity impact	Up to 18% productivity gain; ~5.4 billion hours saved (~3.2M worker‑years) (university‑365)

“Our goal is to amplify the voice of ICT companies that face market challenges daily. Their perspectives on frontier digital technologies, supported by data and empirical evidence, are a valuable asset for the entire country.” - Massimo Dal Checco, president of Anitec‑Assinform

Italy's enforcement landscape in 2025 is a live risk map for government IT: data‑protection authorities are already flagging concrete harms (the Garante's July 30, 2025 statement warns about citizens uploading X‑rays and medical reports to generative platforms and stresses the need for human clinical oversight and clear deletion policies - see the Garante advisory on health data and AI (30 Jul 2025)), regulators are tough on sloppy “anonymisation” (a EUR 9,000 fine to AMAT - a Milan municipal company - shows that blurred faces and plates can still amount to personal data), and the NIS2 transposition means ACN will expect documented incident reporting, board‑level accountability and fast portal registration with deadlines that expose public bodies to binding orders and fines if ignored (see the Italian NIS2 legislative decree overview - Advisera).

At the same time, competition and IP risks are front‑and‑centre: national guidance and the EU AI Act's market‑surveillance regime let authorities request training/validation datasets and model documentation under Article 74, while antitrust scrutiny focuses on vertical stack power, tying and data portability that can lock public purchasers into specific cloud or model providers (see the Italy AI regulatory tracker - Global Legal Insights).

For IT teams the checklist is practical and short: prove true anonymisation, keep the DPO independent from operational roles, document DPIAs and human‑in‑the‑loop safeguards for health or high‑risk systems, register and harden NIS2 controls early, and assume authorities can demand model artefacts during market checks - treat governance, logging and contractual data‑use limits as first‑line defences against both regulatory and antitrust exposure.

Enforcement item	Detail / Amount	Source
Garante action - health data warning	Statement on risks of uploading medical analyses to generative AI; call for human oversight	Garante advisory on health data and AI (30 Jul 2025) - InsidePrivacy
Privacy fine (AMAT)	EUR 9,000 for ineffective anonymisation and governance failures	AMAT privacy fine and anonymization risks (Apr 10, 2025) - DLA Piper
NIS2 fines / penalties	Up to EUR 10M or 2% turnover (essential entities); up to EUR 7M or 1.4% (important entities); lower caps for public bodies	Italian NIS2 Legislative Decree overview - Advisera
AI market surveillance powers	Authorities may access documentation, training/validation/test data and model material under Article 74	Italy AI regulatory tracker: market surveillance and Article 74 - Global Legal Insights

"On July 30, 2025, the Italian Data Protection Authority (“Garante”) released a statement addressing the risks of using AI to interpret medical data."

Conclusion: practical, testable steps for IT teams deploying AI across Italian public bodies - start procurement with the Code: design tenders that follow Legislative Decree No.

36/2023 (value‑for‑money, transparency and market access) and use the ICLG public procurement guide to pick the right award procedure and lotting strategy; bake cybersecurity into specifications - the 30 April 2025 DPCM sets default‑secure configs, update mechanisms and a

“trustworthiness” preference for EU/Italian suppliers

so bids that skimp on security are screened out early - remember procurement rules now cap economic scoring for computer goods to favour cybersecurity and best‑value criteria; treat vendor selection as a governance checkpoint (DPIAs, logging, explainability, NIS2 readiness) and reserve an innovation‑partnership lane for bespoke sovereign AI work with national supercomputing centres; and finally invest in people so automation improves service rather than stripping skills - practical reskilling options like the Nucamp AI Essentials for Work bootcamp teach promptcraft, tool use and project workflows that make compliance operational.

These steps turn legal and technical obligations into a straight roadmap for safe, sovereign deployments that protect citizens while unlocking real productivity gains.

Checklist item	Action / Reference
Align tenders with the Procurement Code	ICLG Italy public procurement guide for Legislative Decree No. 36/2023
Mandate cybersecurity & trusted sourcing	Italian DPCM cybersecurity guidelines - 30 April 2025
Reskill operational teams	Nucamp AI Essentials for Work bootcamp - registration and syllabus