The escalation of tension between Rome and San Francisco is reaching unprecedented proportions. Cloudflare, the US network infrastructure giant, is considering drastic steps, including the complete withdrawal of servers from Italy. This is in direct response to the €14 million fine imposed by regulator AGCOM and demands to censor the internet, which the company considers technically dangerous and extraterritorial.
At the heart of the dispute is Italy’s ‘Piracy Shield’ mechanism, introduced at the insistence of sports broadcasters, including those with links to Italian football. This regulation requires DNS providers to block designated IP addresses within just thirty minutes of being reported. Significantly, this process takes place without prior judicial review, giving rights holders a powerful tool to act immediately. Cloudflare, however, has refused to implement these blocking measures in its public DNS resolver (1.1.1.1), arguing that there is a lack of transparency and a demand from the Italian side that the blocking should apply globally, not just locally.
The US company’s concerns are confirmed by recent incidents. The 2024 deployment of the system led to the mistaken blocking of Google Drive, which, according to the Computer & Communications Industry Association (CCIA), caused a service blackout of several hours for thousands of Italian users and businesses. Research by RIPE Labs also found that hundreds of legitimate sites fell victim to the ‘Shield’, blocked without their owners’ knowledge and without a clear redress path. For Cloudflare to comply would mean not only an increase in network latency, but above all an acceptance of censorship based on error-prone automation.
The response from Matthew Prince and the Cloudflare board has been firm. The company has announced that it will halt all investment plans in Italy and remove its servers from Italian cities if regulatory pressure continues. What’s more, it has threatened to withdraw millions of dollars worth of cyber security services provided pro bono for the upcoming Milan-Cortina Winter Olympics.
The issue has already gone beyond a local administrative dispute. Cloudflare intends to raise the issue with the US government, pointing to Italian regulations as an example of unjustified barriers to US business in Europe. At a time when the European Union is seeking to enforce the Digital Services and Markets Acts (DSA/DMA), Italy’s unilateral and aggressive actions could become a staging ground for a wider transatlantic conflict.
