Italy Fined Apple €98.6 Million for Its Privacy Feature—Yes, Really

Apple built a feature that asks whether you want apps to track you across the internet. It is a simple question with a simple answer: yes or no. Most people said no. Advertisers lost billions. And now Italy has fined Apple €98.6 million for giving users that choice.

The reasoning? According to Italy's Competition Authority (AGCM), Apple's App Tracking Transparency (ATT) feature is "disproportionate" and "harmful" to app developers and advertisers. The regulator argued that Apple abused its dominant market position by implementing privacy protections.

Read that again. A government fined a company for asking users if they consent to being tracked.

What App Tracking Transparency Actually Does

Since iOS 14.5 in April 2021, Apple has required apps to ask permission before tracking user activity across other apps and websites for advertising. When you open an app that wants to track you, you see a popup explaining what the app wants to do. You can tap "Allow" or "Ask App Not to Track."

The results have been overwhelming. Roughly 75 to 95 percent of users—depending on which study you cite—choose not to be tracked. Meta alone estimates it lost $10 billion in advertising revenue in 2022 because users said no.

The feature does not block advertising. It does not prevent apps from working. It simply gives users informed consent over whether their behavior should be monitored and monetized. That is exactly what privacy advocates have been demanding for years.

The Regulatory Logic

Italy's AGCM identified several concerns with ATT. First, they argued that EU users face a "double consent requirement"—both Apple's ATT prompt and GDPR permission dialogs—creating an undue burden on developers. Second, they claimed Apple's own apps do not show ATT prompts since Apple does not track users across third party platforms, potentially giving Apple an unfair competitive advantage.

The regulator stated that Apple "could have achieved the same level of privacy protection through means less restrictive of competition." In other words, they wanted privacy without the inconvenience of actually asking users what they want.

Apple plans to appeal the decision while emphasizing that ATT provides meaningful privacy protections that users clearly value—as demonstrated by how often they choose to use them.

A Pattern Across Europe

Italy is not alone. France's competition regulator fined Apple €150 million for the same feature. Germany, Poland, and the European Commission have pursued similar enforcement actions. Apple has warned it may be forced to discontinue ATT in the EU entirely due to regulatory pressure.

There is some good news. A Paris court recently ruled that Apple can continue offering ATT in France, rejecting an attempt to suspend the feature. The privacy protection will survive there—for now.

But the broader pattern is troubling. European regulators are simultaneously demanding stronger privacy protections under GDPR while punishing companies that implement them. The message to tech companies is clear: privacy features are legally risky.

Why This Matters for Everyone

You might not care about Apple's bottom line. But consider what happens when privacy features become legal liabilities. Companies with fewer resources than Apple—the ones building privacy focused browsers, encrypted messaging apps, and tracking blockers—cannot afford to fight €100 million fines across multiple jurisdictions.

The precedent is dangerous. If asking for consent is anticompetitive, what about blocking trackers entirely? What about offering end to end encryption that advertisers cannot read? Every privacy feature that reduces advertising revenue could theoretically face the same regulatory logic.

The advertising industry has spent years arguing that privacy and competition are at odds—that protecting users harms the market. These fines prove that argument has found sympathetic regulators.

The Privacy Paradox

Europe claims to be the global leader in privacy protection. GDPR set the standard that other jurisdictions now follow. The EU spent years developing rules requiring informed consent for data collection.

Yet when Apple built a system that delivers exactly that—informed consent, presented clearly, with the power to say no—regulators punished them for it. The crime was not violating privacy. The crime was protecting it too effectively.

This contradiction reveals an uncomfortable truth about privacy regulation. Governments want to look like they are protecting citizens. They do not necessarily want citizens to be protected—not if it disrupts the advertising economy they tax.

What You Can Do

If you use an iPhone, App Tracking Transparency still works. Keep saying no when apps ask to track you. The feature exists because millions of users demanded it, and it continues to exist because millions of users value it.

Beyond your device, pay attention to how regulators frame privacy debates. When they argue that consent requirements are "disproportionate," they are really arguing that your ability to say no is inconvenient for business. That framing should concern you regardless of which company is involved.

Privacy is not a feature that can be balanced against advertising revenue. It is a fundamental right that regulators should protect—not punish. When governments fine companies for asking permission, they are telling you that your consent matters less than their economy.