The authority of the competition and the market (AGCM) has sanctioned Poste Italiane with a fine of 4 million euros. The reason? Incorrect commercial practice. In particular, the sanction concerns the request of permits For the use of BancoPosta and Postepay apps on devices Android.

AGCM Italian Posta Room: 4 million penalty for the obligation to access data on Android

If you remember, in April 2024, the Bancoposta and Postepay App began to ask for authorizations to access the phone use data, with notice messages entitled “Protect your device“. The company had generically spoken of preventing fraud and harmful apps, but the issue had made to turn up the nose to many Android users, who found themselves in fact obliged to provide access In order to continue to use the two applications, contrary to iOS users (“In the absence of this authorization you have a maximum number of 3 access after which it will no longer be possible to access and operate in the app“).

Last February the Poste Italiane apps returned to their steps and stopped asking for that type of authorization: the baiston was communicated to customers with visible dedicated notices by accessing the apps concerned. However, it did not go unnoticed by the authorities: “The conduct in question, put in place by Poste Italiane starting from April 2024, results contrary to professional diligence and characterized by profiles of aggression“We can read in the bulletin of 9 June 2025,”in violation of articles 20, 24 and 25 of the Consumer Code“.

For the authority, Poste Italiane has customer access to essential servicesforcing them to grant access to sensitive data in order to continue use. “The possibility for Poste customers to be able to continue to make use of the aforementioned apps was subject to the mandatory release of consent access to a plurality of data present in its smartphone, based on a request generically motivated by the need to guarantee security from any fraud to users of the Banco Posta and Postepay apps“, We can read in the bulletin.”The practice is also in contrast with the duty of professional diligence prescribed in article 20 of the consumer code in consideration of the information asymmetry that characterizes the relationships between financial intermediaries with its customers, who, in the present case, must be considered particularly high in consideration of the importance of the professional and the characteristics of his customers“, That is, not very experienced subjects.

According to what AGCM declared, Poste “has requested its customers to authorize access to the data of their smartphone in order to be able to continue to take advantage of a feature included in the service provided by it, which constitutes an integral part of the offer of Poste Italiane to its customers, in particular the possibility of ordering your current account or your credit card through the App channel“.

The justifications Tented by Poste Italiane, who spoke of data not attributable to the owner of the smartphone and not used for economic purposes, they have not evidently revealed sufficient: for this reason, the authority imposed a fine of 4 million euros.

If you want to consult the complete bulletin published by AGCM (22/2025 of 9 June 2025) you can follow this link and start reading from page 17. We remind you that starting from the end of June the BancoPosta app will be progressively replaced by the Italian post app, and in the next few months it will also be up to the Postepay app. In fact, the various services of the two apps being provided are already accessible by the Unica Italiana app.

Is this a right sanction in your opinion? Let us know yours.