The Federal Trade Commission (FTC) is poised to begin enforcement of the TAKE IT DOWN Act (the “Act”), the first comprehensive federal enforcement scheme to address nonconsensual intimate imagery ("NCII") appearing on online platforms. With a key May 19, 2026 compliance deadline approaching, FTC Chairman Andrew Ferguson sent letters to a range of online platforms highlighting their responsibilities under that law and additional suggestions for compliance. As noted in our previous coverage, the Act significantly expands obligations for online platforms to set up procedures and comply with requests to remove NCII, including AI-generated “deepfake” content, and it gives the FTC enforcement authority over violations. The Act has also been an Administration priority, was strongly backed by First Lady Melania Trump, and was passed with overwhelming bipartisan support. Companies that host or facilitate user-generated content should ensure they have implemented compliant notice-and-takedown systems and related processes.
TAKE IT DOWN’s Basic Requirements and Coverage of Platforms
Covered platforms have three primary compliance duties under the Act. First, they must create a process for victims of NCII or their authorized representatives to notify platforms of the NCII and request it be taken down. Second, covered platforms must provide clear and conspicuous notice of this process. And third, within 48 hours of receiving a request made through the posted process, covered platforms must remove the NCII.
The definition of a covered platform, for civil liability provisions, includes any “website, online service, online application, or mobile application” that “primarily provides a forum for user-generated content, including messages, videos, images, games, and audio files.” Covered platforms also include online services that routinely publish, curate, host, or make available NCII, but broadband internet providers and email service providers are excluded from the definition of a covered provider. The Act also extends coverage to all nonprofit organizations, regardless of whether they are organized to carry on business for their own profit or that of their members.
In his letters to platforms advising them of corporate responsibilities under the Act, Chairman Ferguson provided additional guidance on the FTC’s view of the law, beyond the plain text of the statute. Chairman Ferguson informed the letter recipients that: (1) “[p]latforms must make it easy for people to submit a removal request”; (2) “[p]latforms should provide an identifying number for each take down request … so the person who submitted a request, the platform, and … the Federal Trade Commission can ensure they are discussing the same image and request”; and (3) platforms should let people know whether the reported content was taken down, including an explanation of decisions not remove the reported content.
In addition, Chairman Ferguson asked the letter recipients to take other efforts to help stop the spread of intimate images shared without consent. Specifically, he asked that they consider using hashing or similar technology to prevent the reappearance of previously removed NCII and to consider sharing their hashes with the National Center for Missing and Exploited Children and StopNCII.org.
Conclusion
For covered platforms, compliance with the Act is critical given the FTC’s emphasis on enforcement – reflecting White House priorities – and potential civil penalties up to $53,088 per violation. Because this is a new law that has not yet been enforced, in addition to reviewing the FTC’s compliance guidance, companies should also consider designing TAKE IT DOWN processes in light of FTC enforcement and guidance in other contexts.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
[View Source]
