Italy Fines Cloudflare €14 Million for Refusing to Censor the Internet
Italy just fined Cloudflare €14.2 million for refusing to censor the internet.
The crime? Not blocking websites through its popular 1.1.1.1 DNS resolver—a free service used by millions worldwide to browse the internet faster and more privately.
This isn't just about piracy. It's about a government demanding that a global infrastructure provider filter what everyone on Earth can access. And it's already causing collateral damage: in October 2024, Italy's anti-piracy system accidentally blocked Google Drive for hours.
Here's what happened, why it matters, and what this means for internet freedom.
What Happened
On January 9, 2026, the Italian communications authority AGCOM announced a fine of €14,247,698 against Cloudflare. The amount represents 1% of Cloudflare's global annual revenue—the maximum under Italian law is 2%.
The reason: Cloudflare refused to implement website blocking in its 1.1.1.1 public DNS resolver as required by Italy's anti-piracy legislation.
Cloudflare CEO Matthew Prince responded on X:
Yesterday a quasi-judicial body in Italy fined @Cloudflare $17 million for failing to go along with their scheme to censor the Internet. The scheme, which even the EU has called concerning, required us within a mere 30 minutes of notification to fully censor from the Internet any… pic.twitter.com/qZf9UKEAY5
— Matthew Prince 🌥 (@eastdakota) January 9, 2026
Cloudflare has announced it will appeal the fine. The company also threatened to:
- Stop investing in Italy
- Remove all Italian servers
- Discontinue free cybersecurity services for Italian organizations
What is Piracy Shield?
Italy's Piracy Shield is one of the most aggressive anti-piracy systems in the world. Here's how it works:
- Rights holders (like football leagues or movie studios) report a website for hosting pirated content
- The report goes to AGCOM
- Italian ISPs must block the reported IP addresses or domains within 30 minutes
- No court order required. No due process. No time for verification.
The system was designed to combat illegal streaming of Serie A football matches. But 30 minutes isn't enough time to verify whether a block is legitimate—and that's where things go wrong.
The Collateral Damage: Google Drive Blocked
In October 2024, Piracy Shield blocked Google Drive for several hours across Italy.
Why? Someone reported a Google Drive URL that allegedly hosted pirated content. Instead of blocking just that specific file, the system blocked the entire Google Drive domain.
Millions of Italians suddenly couldn't access:
- Their work documents
- School assignments
- Personal backups
- Shared family photos
- Business files
All because of one piracy report and a 30-minute deadline that left no time to think.
This isn't hypothetical. A legitimate service used by billions was blocked in an entire country because an anti-piracy system had no safeguards against false positives. This is what happens when you prioritize speed over accuracy.
Why DNS Blocking is Particularly Dangerous
AGCOM didn't just ask Italian ISPs to block sites—they demanded that Cloudflare's global DNS service (1.1.1.1) implement the same blocks.
This is fundamentally different, and here's why it's problematic:
1. DNS is Global Infrastructure
When you type "google.com" in your browser, a DNS resolver translates that to an IP address (like 142.250.185.46). Cloudflare's 1.1.1.1 serves users in every country on Earth.
If Cloudflare blocks a domain for Italy, how do they prevent that block from affecting users in Germany, Brazil, or Japan? The technical answer: they can't easily do so without significant infrastructure changes.
2. It Sets a Precedent for Every Country
If Cloudflare complies with Italy's blocking demands, what happens when:
- China demands blocks on Tibetan news sites?
- Russia demands blocks on Ukrainian media?
- Saudi Arabia demands blocks on LGBTQ+ resources?
- Any authoritarian regime demands blocks on political opposition?
Once you establish that DNS providers must comply with national censorship demands, every country will want their own blocklist. The internet fragments into national intranets.
3. It Requires Mass Surveillance
To block specific domains, Cloudflare would need to inspect every DNS query from every user and check it against a blocklist. As Cloudflare explained in their response:
"We would need to build a filter that checks all DNS requests. This would cause significant delays and would censor content not just in Italy, but worldwide."
This transforms a privacy-focused service into a surveillance tool.
The Spain Connection: LaLiga's Similar Approach
Italy isn't alone. Spain has been doing something similar with LaLiga football matches.
During the 2025-2026 season, Spanish ISPs have been blocking Cloudflare IP addresses during match weekends to prevent illegal streaming. The result?
- ~3,300 legitimate websites blocked as collateral damage
- GitHub, ChatGPT, Instagram, X, Bluesky—all affected
- Docker was down in Spain for several days in September 2025
- ProtonVPN saw a 200% surge in Spanish signups
The European approach to anti-piracy is increasingly breaking the internet for everyone, not just pirates.
The Bigger Picture: Who Controls the Internet?
This case raises fundamental questions:
Should infrastructure providers be content police?
DNS resolvers, CDNs, and hosting providers are like roads and power lines—they're infrastructure. We don't expect the electric company to cut power to your house because you might be watching pirated movies. Why should internet infrastructure be different?
What happens to due process?
Under Piracy Shield, there's no court order, no appeal process before blocking, and a 30-minute deadline. Even the EU has expressed concerns about this system's compatibility with fundamental rights.
Who bears the cost of collateral damage?
When Google Drive gets blocked, who compensates the businesses that lost access to their files? When GitHub goes down in Spain, who pays for the developer hours lost? Currently: nobody.
How Can You Protect Yourself?
If you're in a country with aggressive DNS blocking, here's how to maintain access to the internet:
1. Use a VPN
A VPN encrypts your traffic and routes it through servers in other countries. Your ISP can't see which sites you're visiting, and DNS blocks don't affect you.
When Spain started blocking Cloudflare IPs, VPN signups surged 200%. People vote with their wallets.
Check Your VPN: Use our DNS leak test to make sure your VPN is actually protecting your DNS queries. If your ISP's DNS is still being used, you're not fully protected.
2. Use DNS-over-HTTPS (DoH) or DNS-over-TLS (DoT)
These protocols encrypt your DNS queries, making it harder for ISPs to see which domains you're requesting. Most modern browsers support DoH:
- Firefox: Settings → Privacy & Security → Enable DNS over HTTPS
- Chrome: Settings → Privacy and Security → Use secure DNS
- Edge: Settings → Privacy → Use secure DNS
3. Consider Alternative DNS Providers
While Cloudflare 1.1.1.1 is fighting this battle, other privacy-focused DNS options include:
| Provider | DNS Address | Privacy Focus |
|---|---|---|
| Cloudflare | 1.1.1.1 | No logging, fast |
| Quad9 | 9.9.9.9 | Swiss-based, malware blocking |
| NextDNS | Custom | Configurable, privacy logs optional |
| Mullvad DNS | 100.64.0.4 | No logging, ad blocking |
4. Test Your Current Setup
Not sure if your DNS is leaking? Check these:
- What's my IP address? — See your current IP and location
- DNS leak test — Verify your DNS queries aren't exposed
- WebRTC leak test — Check for browser IP leaks
What Happens Next?
Cloudflare will appeal the fine in Italian courts. The case could eventually reach the European Court of Justice, which would set precedent for the entire EU.
Meanwhile, Cloudflare's threat to pull out of Italy entirely is significant. If they remove Italian servers:
- Italian websites using Cloudflare will be slower
- DDoS protection for Italian organizations disappears
- Free security services for Italian NGOs and small businesses end
The Italian government is playing chicken with a company that provides critical internet infrastructure. The collateral damage could extend far beyond piracy.
Final Thoughts
The Italy-Cloudflare case is a preview of battles to come. As governments worldwide seek more control over online content, infrastructure providers are caught in the middle.
Cloudflare's position is clear: they won't become the internet's censorship bureau. As Matthew Prince put it, even the EU has called Italy's approach "concerning."
The question is whether courts will agree—or whether we're heading toward a fragmented internet where every country has its own blocklist, and services like Google Drive can be taken offline with 30 minutes' notice.
For now, the best protection is awareness. Know what's being blocked, understand why, and take steps to maintain your access to the open internet.
Because when anti-piracy measures can block Google Drive, something has gone very wrong.
Protect Your Privacy:
- Check your IP address — See what websites know about you
- DNS leak test — Verify your DNS privacy
- WebRTC leak test — Detect browser IP leaks
- What your ISP tracks — Understanding ISP surveillance