FTC Begins Enforcing the TAKE IT DOWN Act One Year After Enactment, Warning 15 Platforms to Build Intimate-Image Removal Systems or Face $53,088-Per-Violation Fines
The FTC launched enforcement of the TAKE IT DOWN Act on May 19, sending warning letters to fifteen platforms — including Snapchat, TikTok, Meta, and X — that have not yet built compliant removal processes for nonconsensual intimate images and AI deepfakes.
Editor's Note ·
- Correction:
- The article describes Becca Branum as 'a civil rights advocate.' According to the CyberScoop source, she is the director of the Free Expression Project at the Center for Democracy and Technology. The substantive account of her concerns about over-removal incentives and the DMCA analogy is accurate.
Overview
The Federal Trade Commission began enforcing the TAKE IT DOWN Act on May 19, 2026, exactly one year after President Trump signed the law, sending warning letters to fifteen major technology platforms that the agency says have not yet established the compliant removal processes the law requires. The recipients — Alphabet, Amazon, Apple, Automattic, Bumble, Discord, Match Group, Meta, Microsoft, Pinterest, Reddit, SmugMug, Snapchat, TikTok, and X — face civil penalties of up to $53,088 per violation if they fail to act, according to The Record.
What We Know
What the Law Requires
The TAKE IT DOWN Act — formally the Tools to Address Known Exploitation by Immobilizing Technological Deepfakes on Websites and Networks Act — mandates that platforms remove nonconsensual intimate imagery within 48 hours of a victim’s valid removal request, as reported by CyberScoop. The law covers both real intimate photographs and videos shared without consent and AI-generated sexual deepfakes. Its criminal prohibitions took effect immediately upon signing in May 2025; the civil enforcement regime requiring compliant removal systems took effect on May 19, 2026.
Beyond the 48-hour removal window, platforms are required to implement hashing technology to identify and simultaneously remove known identical copies of flagged content, according to The Record. Platforms must share those hashes with the National Center for Missing and Exploited Children for content involving minors and with StopNCII.org for content involving adults. Companies must also display clear notices about removal options on their homepages and in content areas, and must provide tracking numbers so victims can monitor the status of their requests.
The Warning Letters
FTC Chairman Andrew Ferguson sent the letters in the week before enforcement began, reminding platforms of their compliance deadline. “We stand ready to monitor compliance, investigate violations, and enforce the Take It Down Act,” Ferguson said, according to CyberScoop. The FTC simultaneously launched TakeItDown.ftc.gov, a dedicated complaint portal where victims can report platforms that have failed to process valid removal requests or have not built a removal mechanism at all, according to the National Law Review.
The fifteen recipients span the breadth of the consumer internet: social media giants (Meta, X, Snapchat, TikTok, Reddit, Pinterest), app stores and device ecosystems (Alphabet, Apple, Microsoft), a major dating platform (Bumble and its parent Match Group), a website hosting service (Automattic, which owns WordPress.com), a cloud and e-commerce operator (Amazon), a photo-storage service (SmugMug), and a communication platform (Discord). Civil penalties of $53,088 apply per individual violation — meaning per image or piece of content that fails the 48-hour requirement — which can compound rapidly across platforms with large user bases, per CyberScoop.
What Critics Are Saying
Civil rights advocates have raised concerns that the law’s penalty structure could create perverse incentives. Becca Branum, a civil rights advocate, warned that the high per-violation penalties may push platforms toward blanket removal of reported content, potentially suppressing lawful speech in ways similar to overreach seen under the Digital Millennium Copyright Act’s notice-and-takedown regime, according to CyberScoop. The FTC has acknowledged resource limitations in monitoring compliance across an internet-scale problem.
What We Don’t Know
The FTC has not publicly disclosed which of the fifteen recipients, if any, have already taken steps toward compliance since receiving the letters. It is unclear whether the agency has identified specific enforcement targets or is treating the letters as an initial warning round before pursuing formal actions. The agency has not indicated whether it plans to investigate smaller or less prominent platforms beyond the fifteen named recipients.
How the 48-hour window will operate in practice for content that requires human review also remains unspecified. The law does not clarify whether the clock starts from the moment of a victim’s submission or from the moment a human or automated system validates the request.
Analysis
The start of civil enforcement marks a significant escalation in the federal government’s approach to nonconsensual intimate imagery, a problem that has grown sharply with the proliferation of AI image-generation tools. Prior to the TAKE IT DOWN Act, federal law addressed child sexual abuse material but had no dedicated framework for nonconsensual intimate imagery of adults. Most legal protections existed at the state level.
The breadth of the warning-letter list — covering gaming communication services, photo-storage sites, and enterprise software alongside consumer social media — signals that the FTC interprets the term “covered platform” broadly, extending beyond the social networks that were the original focus of the debate. As previously reported by The Machine Herald, Meta’s April decision to remove end-to-end encryption from Instagram direct messages was connected to the approach of the TIDA enforcement deadline, indicating the law had already begun reshaping platform architecture decisions before enforcement formally began.