FTC Sends Warning Letters Over Take It Down Act Compliance

The Federal Trade Commission has begun enforcing the federal TAKE IT DOWN Act and has already sent warning letters to companies that the FTC believes may be out of compliance. The first wave of letters targeted websites offering so-called “nudify” tools, which can be used to create nonconsensual, sexualized images from clothed images.

The FTC’s action is an important signal for platforms that host, publish, transmit, curate, or otherwise make available user-generated content, intimate content, AI-generated content, digitally altered images, messaging content, livestreams, comments, or other media. Covered platforms are now expected to have a clear process for receiving and acting on takedown requests involving nonconsensual intimate images.

What the FTC Warning Letter Says

The FTC’s warning-letter template provides a clearer picture of how the agency is framing TAKE IT DOWN Act enforcement.

First, the FTC states that it enforces Section 3 of the TAKE IT DOWN Act and treats violations of TIDA as violations of a rule defining an unfair or deceptive act or practice under Section 18 of the FTC Act. That matters because it gives the FTC a civil-penalty hook for covered-platform violations.

Second, the letter quotes the statutory definition of a “covered platform.” A covered platform is a public website, online service, online application, or mobile application that either primarily provides a forum for user-generated content, including messages, videos, images, games, or audio files, or, in the regular course of business, publishes, curates, hosts, or makes available nonconsensual intimate visual depictions.

Third, the FTC says covered platforms must have a process for individuals to request removal of nonconsensual intimate visual depictions. If a platform receives a valid removal request, it must remove the reported content and known identical copies within 48 hours.

Fourth, the template states that the warning letter does not reflect a formal determination that the recipient violated TIDA. But the FTC also warns that staff is monitoring the marketplace and that covered platforms that violate TIDA may face enforcement and civil penalties of up to $53,088 per violation.

Finally, the template asks the recipient to contact the FTC within 48 hours to discuss its compliance plan. That is separate from the statutory 48-hour deadline to remove covered content after a valid removal request.

What the TAKE IT DOWN Act Requires

The TAKE IT DOWN Act requires covered platforms to maintain a notice-and-removal process for nonconsensual intimate visual depictions. The law applies not only to real photos and videos, but also to digital forgeries, including images or videos created or altered with software, apps, or artificial intelligence.

At a high level, covered platforms must:

1. provide clear and conspicuous information about how a person may submit a removal request;
2. make the request process reasonably easy to use, including for people who do not have an account on the platform;
3. remove covered content within 48 hours after receiving a valid request; and
4. make reasonable efforts to locate and remove known identical copies of the reported image or video.

The FTC has stated that platforms should consider making the takedown mechanism available from locations where intimate content may appear, including posts, messages, comments, livestreams, or other relevant areas of a service. Depending on the platform, a home-page link alone may not be enough.

Why the FTC Warning Letters Matter

The FTC’s May 20 warning letters show that the agency is not waiting for a long ramp-up period. The compliance deadline has passed, and the FTC has begun identifying businesses that appear to lack the required removal process.

The letters reportedly warned 12 companies offering nudify tools that they appear to be violating the TAKE IT DOWN Act by failing to provide a process through which victims can request removal of nonconsensual intimate images appearing on their platforms.

The FTC urged those companies to come into compliance immediately. Failure to comply may result in FTC enforcement and civil penalties of up to $53,088 per violation.

This follows the FTC’s earlier warning letters to major online platforms, including Alphabet, Amazon, Apple, Automattic, Bumble, Discord, Match Group, Meta, Microsoft, Pinterest, Reddit, SmugMug, Snapchat, TikTok, and X, reminding them that they must comply fully with the TAKE IT DOWN Act.

Who Should Pay Attention

The law is not limited to traditional social media companies. Businesses should evaluate coverage if they operate a website, app, or online service that serves the public and either primarily provides a forum for user-generated content or regularly publishes, curates, hosts, or makes available nonconsensual intimate visual depictions.

This may include, depending on the facts:

• social media platforms;
• messaging platforms;
• image- or video-sharing services;
• adult-content platforms;
• creator platforms;
• AI-image, AI-video, or deepfake tools;
• dating or community platforms;
• gaming or virtual-world services;
• forums or comment-based communities; and
• services that host or display user-submitted media

Businesses that do not view themselves as “social media” platforms should not assume they are outside the law. The FTC’s template and business guidance describe the covered-platform concept broadly enough to reach many consumer-facing online services.

Practical Compliance Steps

Platforms should consider taking the following steps promptly:

1. Create or update a TAKE IT DOWN Act policy. The policy should explain what nonconsensual intimate imagery is, who may submit a request, what information must be included, and how the platform will respond.
2. Add a clear and conspicuous reporting mechanism. The reporting mechanism should be easy to find and should not be limited to registered users. Platforms should consider links in the footer, help center, content-reporting flows, and locations where intimate content may appear.
3. Build a 48-hour workflow. Internal escalation procedures should be designed so that valid requests can be reviewed and acted on within 48 hours.
4. Address duplicate copies. The platform should have a process to identify and remove known identical copies of reported content. Depending on the platform, this may require hashing or other technical tools.
5. Track requests. The FTC recommends that platforms assign an identifying number to each request so the requester, the platform, and law enforcement can reference the same request.
6. Document decisions. Platforms should maintain records showing when a request was received, what content was reviewed, whether the request was valid, what action was taken, and when the action was completed.
7. Coordinate with child-safety and adult-image reporting tools. Where appropriate, platforms should consider tools such as NCMEC’s Take It Down service for minors and StopNCII.org for adults.
8. Train moderation, trust-and-safety, and customer-support teams. Teams should know how to identify TIDA requests, prioritize them, preserve appropriate records, and avoid unnecessary back-and-forth that could jeopardize the 48-hour deadline.

Key Takeaway

The FTC’s warning letters make clear that TAKE IT DOWN Act compliance is now an active enforcement issue. Platforms that host or make available user-generated content, intimate content, AI-generated imagery, or digitally altered media should confirm that they have a working notice-and-removal process, that the process is easy to find and use, and that the platform can remove covered content and known identical copies within the required 48-hour period.

Businesses should not wait until they receive a warning letter. The FTC has expressly stated that violations may be treated as violations of an FTC rule and may result in civil penalties.

Silverstein Legal Can Help

Silverstein Legal can assist platforms with evaluating whether the TAKE IT DOWN Act applies, drafting or updating takedown policies, designing compliant reporting workflows, updating terms of service and community guidelines, and preparing internal procedures for trust-and-safety, moderation, and customer-support teams.

Corey D. Silverstein
Managing Attorney, Silverstein Legal

About Silverstein Legal

Founded in 2006 by adult entertainment lawyer Corey D. Silverstein, Silverstein Legal is a boutique law firm that caters to the needs of anyone working in the adult entertainment industry. Silverstein Legal’s clients include hosting companies, affiliate programs, content producers, processors, designers, developers, and website operators.