Online platforms hosting user-generated content are now operating under an active federal enforcement regime targeting nonconsensual intimate imagery. As of May 19, 2026, the…
Online platforms hosting user-generated content are now operating under an active federal enforcement regime targeting nonconsensual intimate imagery. As of May 19, 2026, the Federal Trade Commission began enforcing Section 3 of the TAKE IT DOWN Act, ushering in strict new obligations for covered platforms and creating significant compliance exposure for businesses that fall within the law's reach.
Under Section 3, covered online platforms must implement a process through which individuals can request the removal of nonconsensual intimate imagery, including AI-generated deepfakes. Once a platform receives a valid takedown request, it must remove the offending image, as well as known identical copies, within 48 hours. This compressed timeline marks a meaningful departure from the more flexible response windows that have historically governed many user-generated content disputes, and it places substantial operational demands on platforms' content moderation, intake, and removal workflows.
The FTC has signaled that enforcement will be a priority. Chairman Ferguson has sent reminder letters to a broad cross-section of major platforms, including Alphabet, Amazon, Apple, Meta, Microsoft, Snapchat, TikTok, and X, putting industry leaders on notice that the agency expects prompt and demonstrable compliance. To support direct reporting by affected individuals, the FTC has also launched TakeItDown.ftc.gov, a dedicated portal through which consumers can submit complaints regarding platform conduct under the Act.
The financial stakes are considerable. Noncompliant platforms face civil penalties of up to $53,088 per violation, with each instance of noncompliance potentially constituting a separate violation. For platforms processing high volumes of user content, the cumulative exposure could escalate quickly, particularly if intake or removal processes are not adequately resourced or properly documented.
Covered businesses should promptly evaluate whether their existing takedown mechanisms satisfy the Act's procedural and substantive requirements. Key areas of focus include the accessibility of the request process, the sufficiency of identity and consent verification protocols, the speed and accuracy of removal operations, and the detection and suppression of known identical copies. Recordkeeping practices should likewise be reviewed to support the platform's ability to demonstrate compliance in the event of an FTC inquiry.
This alert is provided for general informational purposes and does not constitute legal advice. Clients facing specific questions regarding the TAKE IT DOWN Act or its implementation should seek tailored guidance.