top of page

Title: Italian Regulator Deems Apple's ATT Feature as Limiting Competition

  • Dec 24, 2025
  • 2 min read

Key Findings


  • Italy's antitrust authority (AGCM) fined Apple €98.6 million for abusing its dominant position in the App Store market through its App Tracking Transparency (ATT) framework.

  • The AGCM found that Apple's ATT policy, which requires a double consent prompt for developers to access user data for advertising, is disproportionate and limits competition.

  • Apple's own apps and services can obtain user consent for data collection and personalized ads in a single tap, giving them an unfair advantage over third-party developers.

  • The AGCM criticized the double consent requirement as excessively burdensome for developers, while stating that Apple could have achieved the same level of privacy protection through less restrictive means.

  • Apple plans to appeal the AGCM's ruling, reaffirming its commitment to strong privacy protections and stating that the ATT rules apply equally to all developers.


Background


  • Apple introduced the ATT feature with iOS 14.5 in 2021, which requires apps to obtain user consent to access the Identifier for Advertisers (IDFA) for tracking and targeted advertising.

  • The Identifier for Advertisers (IDFA) is a unique, random identifier assigned by Apple to a user's device, allowing advertisers to track user activity across apps and websites for targeted ads while maintaining user anonymity.

  • Users can reset or disable IDFA through their device's privacy settings.


App Tracking Transparency (ATT) Controversy


  • The AGCM found that Apple's dominant position in the App Store market allowed it to "unilaterally impose" the ATT rules on third-party developers without prior consultation.

  • The authority criticized the double consent prompts required for developers to obtain user permission for data collection and personalized ads, stating that this is "disproportionate" and "burdensome" for third-party developers.

  • In contrast, Apple's own apps and services can obtain user consent in a single tap, giving them an unfair advantage over third-party developers who rely on advertising revenue.

  • The AGCM said that Apple could have achieved the same level of privacy protection through less restrictive means, such as allowing developers to obtain consent in a single "Personalized Advertising" prompt.


Apple's Response and Ongoing Investigations


  • Apple stated that it will appeal the AGCM's ruling, reaffirming its commitment to strong privacy protections and asserting that the ATT rules apply equally to all developers.

  • This is not the first time Apple's ATT framework has faced scrutiny from competition authorities. In 2025, France's Autorité de la concurrence fined the company €150 million for abusing its dominance in ATT consent practices.

  • Apple is also facing similar probes in Poland and Romania, and Germany's antitrust authority is currently testing proposed changes to the ATT consent prompt.


Sources


  • https://securityaffairs.com/186070/laws-and-regulations/italian-regulator-rules-apples-att-feature-limits-competition.html

  • https://thehackernews.com/2025/12/italy-fines-apple-986-million-over-att.html

Recent Posts

See All
Defeating AI with AI

Key Findings Generative AI and agentic AI are increasingly used by threat actors to conduct faster and more targeted attacks. One capability that AI improves for threat actors is the ability to profil

 
 
 

Comments


  • Youtube

© 2025 by Explain IT Again. Powered and secured by Wix

bottom of page