Platform and Intermediary Liability for AI, Streaming, and Online Infringement: A Modern Compliance Guide

Forty years after the US Supreme Court’s Sony Betamax decision established the foundational doctrine of “secondary liability” for technology providers, the legal framework for intermediary liability has evolved dramatically. The Sony “substantial non-infringing uses” test that protected VCR manufacturers in 1984 is now largely a historical reference — superseded by a layered modern framework combining the EU Digital Services Act (DSA), DSM Directive Article 17, the EU AI Act, Italian Law 132/2025, and platform-specific compliance frameworks. For platforms, marketplaces, AI companies, and streaming services operating in Italy and the EU, the compliance landscape is materially different from anything previously known.

This guide explains the current operational framework for intermediary and platform liability. For the theoretical EU framework (McFadden CJEU + DSM Directive structure), see our internet intermediary liability guide. For the broader copyright framework, see our master pillar guide to copyright law in Italy and Europe.

From Sony to today: a brief history

The US Supreme Court’s 1984 decision in Sony Corp. v. Universal City Studios established that manufacturers of technology with “substantial non-infringing uses” are not liable for users’ infringing conduct. The doctrine governed analogue and early digital technology liability for decades — protecting VCRs, photocopiers, and later peer-to-peer file-sharing platforms. Subsequent US developments (MGM v. Grokster, 2005, on inducement liability; YouTube v. Viacom, 2012, on DMCA safe harbour) refined but did not replace the framework.

The European Union took a fundamentally different path. The e-Commerce Directive 2000/31/EC established safe harbours for mere conduit, caching, and hosting services. The CJEU’s 2016 decision in McFadden (C-484/14) confirmed the framework for open Wi-Fi providers. But the 2018-2024 wave of EU legislation — DSM Directive, Digital Services Act, AI Act — has substantially expanded the scope of platform direct liability, particularly for content-sharing platforms, AI providers, and very large platforms. The “Sony era” of broad immunity for technology providers is, in the EU, definitively over.

The DSA framework

The Digital Services Act (Regulation 2022/2065), fully applicable since 17 February 2024, applies to a layered range of online services with intensified obligations for very large online platforms (VLOPs) and search engines (VLOSEs). Key obligations:

• Notice-and-action mechanisms: platforms must provide accessible procedures for rights holders to report infringement and obtain rapid response;
• Statement of reasons: platforms must justify content moderation decisions with detailed reasoning;
• Transparency reporting: detailed reporting on content takedowns, restrictions, and algorithmic decisions;
• Risk assessment: VLOPs/VLOSEs must assess and mitigate systemic risks including IP infringement risks;
• Recommender system transparency: algorithmic transparency requirements;
• Researcher data access: vetted researcher access to platform data;
• Internal complaint handling: structured appeals mechanisms.

For platforms operating in Italy, DSA compliance is supervised by AGCOM in coordination with the European Commission. Non-compliance can trigger fines up to 6% of global turnover for very serious violations.

AI training liability

One of the most contested current legal frontiers: liability of AI companies for training on copyrighted content. The framework combines:

• DSM Articles 3-4 (text and data mining): TDM is permitted for scientific research (Article 3, no opt-out) and for general AI training (Article 4, with rights holder opt-out);
• Italian transposition: Articles 70-ter and 70-quater LDA;
• Opt-out mechanisms: rights holders must signal opt-out in machine-readable form (robots.txt, metadata, platform policies);
• EU AI Act Article 53: foundation model providers must publish training data summaries and respect EU copyright;
• Output liability: where AI generates output infringing specific copyrighted works, AI providers and users face direct copyright liability.

Major ongoing litigation (NY Times v. OpenAI, Getty Images v. Stability AI, multiple music industry cases) tests these boundaries. For Italian AI companies and AI-using businesses, compliance requires: training data documentation, opt-out respect, output filtering, transparency disclosure. See our OpenAI Sora analysis and AI photography guide for related frameworks.

Streaming platform liability

Under DSM Directive Article 17 (Italian Article 102-sexies LDA), online content-sharing service providers (OCSSPs) — including video-sharing platforms, social media with substantial UGC, and streaming services with user content — face direct copyright liability. Key obligations:

• Authorisation: OCSSPs must obtain authorisation (typically licences) from rights holders;
• Best efforts to obtain licences: where authorisation is not obtained, demonstrate best efforts;
• Best efforts to ensure unavailability: implement detection systems (e.g., Content ID) for content for which rights holders have provided relevant information;
• Notice-and-stay-down: expeditious removal of notified content plus measures to prevent re-upload;
• User redress: users must have appeals mechanisms against erroneous removals.

For Italian streaming and content-sharing services (including platforms producing original content), licensing arrangements with major rights holders (collecting societies, music publishers, film studios) have become essentially mandatory rather than optional.

Marketplace and counterfeit liability

Online marketplaces (Amazon, eBay, Etsy, Alibaba, AliExpress) face specific liability questions for third-party seller listings:

• Active vs passive role: marketplaces actively involved in listing curation, recommendation, and fulfillment face higher liability exposure than purely passive intermediaries;
• CJEU framework: cases including L’Oréal v. eBay (C-324/09, 2011) and subsequent decisions establish principles for marketplace liability;
• Platform-specific programmes: Amazon Brand Registry, eBay VeRO, Alibaba IPP, Etsy IP — provide rights holder enforcement mechanisms;
• DSA notice-and-action: standardised mechanisms across EU marketplaces;
• Italian enforcement: combination of platform takedowns, AGCOM proceedings, customs intervention, and civil action.

For Italian luxury brands experiencing counterfeit listings, coordinated multi-channel enforcement is the typical strategy — see our trademark enforcement remedies guide.

Deepfake and synthetic content liability

AI-generated deepfake content engages multiple liability frameworks simultaneously:

• EU AI Act Article 50: AI-generated content depicting identifiable persons requires transparency labelling;
• Italian Law 132/2025: specific personality rights protections against unauthorised AI use of likenesses;
• Article 10 Italian Civil Code + Articles 96-97 LDA: traditional image rights framework applies — see our right to image guide;
• GDPR Article 6: image is personal data, requires legal basis for processing;
• Defamation: deepfakes presenting identifiable persons in compromising contexts engage Italian Civil Code defamation provisions;
• Platform liability: under DSA, platforms hosting deepfake content face takedown obligations and risk assessment requirements.

Italian audiovisual productions accessing the cinema tax credit must comply with the mandatory AI clause under Article 7 paragraph 6 D.I. 225/2024 — see our tax credit guide.

Italian enforcement: AGCOM and Piracy Shield

Italy operates one of the most active national enforcement frameworks in the EU:

• AGCOM: administrative procedures for online IP infringement, including rapid takedown procedures under Regulation 680/13/CONS and subsequent updates;
• Piracy Shield: Italian system for rapid blocking of infringing streaming domains, particularly for live sports and premium content. Operational since 2024 with substantial blocking volumes;
• Specialised IP chambers: judicial enforcement through specialised chambers in major Italian courts;
• Criminal enforcement: serious copyright infringement engages Italian Criminal Code provisions with imprisonment up to 4 years;
• Cross-border coordination: through EU framework and bilateral cooperation arrangements.

How DANDI supports platforms and AI companies

DANDI.media advises platforms, AI companies, streaming services, marketplaces, and content businesses on intermediary liability compliance:

• DSA compliance audit and implementation;
• DSM Article 17 licensing strategy and Content ID implementation;
• AI Act compliance: foundation model obligations, training data documentation, output filtering;
• AI training opt-out implementation and respect;
• Marketplace counterfeit response programmes;
• Deepfake and synthetic content compliance;
• AGCOM proceedings and Piracy Shield coordination;
• Cross-border enforcement coordination;
• Crisis response for major IP enforcement events.

For consultation, book directly with Avv. Claudia Roggero or Avv. Donato Di Pelino.

Related guides

Dandi Law Firm provides legal assistance in several Practice Areas. Check out our Services or contact Us!