Australia’s eSafety Commissioner Takes Action Against Another AI “Nudify” Service

Australia’s eSafety Commissioner has begun enforcement action against another major AI-powered “nudify” service for allegedly failing to protect Australian children from exposure to sexually explicit deepfake content.

According to eSafety, the service allows users to upload images of real people and generate sexually explicit deepfake content on demand. eSafety issued a formal Direction to Comply to the service, giving it 14 days to implement stronger protections to prevent children from accessing the service.

The action is significant because it shows that Australia’s online safety regulator is moving quickly against AI services that create or facilitate sexualized deepfake content, particularly where children may be able to access the service. It also shows that regulators are increasingly treating “nudify,” deepfake, and AI-generated sexual-content tools as child-safety, image-based-abuse, and platform-governance issues, not merely as content-moderation issues.

What eSafety Did

On May 20, 2026, eSafety announced that it had issued a Direction to Comply to one of the most popular nudify services accessed in Australia. eSafety said the service received tens of thousands of Australian visits per month and, as of March 2026, was attracting nearly 40,000 Australian visits per month.

The Direction to Comply requires the service to implement stronger safeguards within 14 days. If the service fails to meet the requirements, eSafety may pursue further regulatory action, including civil penalties of up to AUD $49.5 million and delisting notices to search engine providers that help facilitate access to the site.

The Commissioner did not name the service, stating that eSafety did not want to inadvertently promote it.

Why the Action Matters

This is the first enforcement action taken by eSafety under the Age-Restricted Material Codes for systemic non-compliance. eSafety described the Direction to Comply as the first step in a graduated enforcement process.

The action came approximately two months after the Age-Restricted Material Codes commenced in March 2026. eSafety stated that the enforcement action demonstrates that it will take a strong approach to non-compliance, especially where a service is high-risk and shows no willingness to cooperate.

The regulator also emphasized that providers offering services to, and profiting from, Australian end users are expected to comply with Australian law, regardless of where they are based.

What the Age-Restricted Material Codes Cover

The Age-Restricted Material Codes are part of Australia’s online safety framework. They focus on “class 1C” and “class 2” material that is inappropriate for children. This includes online pornography, high-impact violence, material relating to self-harm, suicide, disordered eating, and simulated gambling.

The Codes are designed to require industry to prevent and protect Australian children from accessing or being exposed to age-restricted material and to provide Australian end users with effective information, tools, and options to limit access and exposure.

For AI and deepfake services, the key issue is whether the service allows users to generate, access, or be exposed to sexually explicit material and whether the service has adequate, age-appropriate safeguards to prevent access by children.

Why Nudify and Deepfake Services Are High Risk

Nudify services create distinct legal and regulatory risk because they can be used to generate sexually explicit images of real people without their consent. eSafety identified several potential harms associated with these technologies, including:

• non-consensual exploitation;
• image-based sexual abuse;
• sexual extortion;
• high-impact cyberbullying;
• misogynistic harassment; and
• exploitation of minors.

The risk is heightened where children can access the service or where the service can be used to create sexualized images involving minors. eSafety’s latest action also follows earlier action in late 2025 involving nudify services that reportedly had been used to generate child sexual exploitation material in schools and later withdrew from Australia.

Who Should Pay Attention

This action is especially relevant to businesses that provide or distribute:

• AI-image or AI-video generation tools;
• nudify, undress, face-swap, or deepfake services;
• adult-content platforms;
• creator platforms;
• image- or video-sharing services;
• social media or messaging services;
• app stores or app distribution platforms;
• search engines or services that facilitate access to high-risk sites;
• online services that include age-restricted or sexually explicit material; and
• platforms available to users in Australia.

Businesses should not assume that being located outside Australia avoids regulatory exposure. eSafety expressly stated that providers offering services to Australian end users, including children, are expected to follow Australian law.

Practical Compliance Steps

Businesses that operate AI tools, deepfake tools, adult platforms, or services that may expose users to age-restricted material should consider the following steps:

1. Assess whether the service is covered by Australian online safety requirements. This includes reviewing whether the service is accessible in Australia and whether it hosts, generates, displays, indexes, distributes, or facilitates access to age-restricted material.
2. Evaluate child-access risk. Businesses should determine whether children can access the service, whether the service is attractive or available to minors, and whether current safeguards are sufficient.
3. Implement age assurance where appropriate. Services involving pornography, AI-generated sexual content, nudify tools, or other age-restricted material should consider whether stronger age assurance is required, rather than relying only on self-declared age gates.
4. Restrict misuse of AI tools. AI services should prohibit and technically restrict the generation of nonconsensual sexualized images, sexualized images of minors, and other unlawful or harmful deepfake content.
5. Create escalation procedures for high-risk content. Trust-and-safety teams should have clear workflows for reports involving minors, nonconsensual intimate images, sexual extortion, and image-based abuse.
6. Document safeguards and decisions. Platforms should maintain records of safety design decisions, age-assurance measures, moderation procedures, complaints, enforcement actions, and regulator communications.
7. Review search, distribution, and access pathways. Services that facilitate access to high-risk AI or adult content should consider whether they could become targets for delisting notices, takedown requests, or other regulatory demands.
8. Prepare for regulator engagement. Providers should have a process for responding quickly to notices, information requests, directions to comply, and other regulatory communications.

Key Takeaway

Australia’s eSafety Commissioner is using the Age-Restricted Material Codes to target AI-powered nudify services that fail to implement child-safety safeguards. The action reinforces a broader regulatory trend: AI services that generate or enable sexualized deepfake content are being treated as high-risk services requiring proactive safety controls, age-appropriate access restrictions, and documented compliance processes.

Companies that offer AI-image tools, adult services, or platforms accessible in Australia should review their age-assurance measures, deepfake restrictions, reporting workflows, and regulator-response procedures now, rather than waiting for a Direction to Comply.

Silverstein Legal Can Help

Silverstein Legal can assist companies with evaluating whether Australian online safety requirements apply, designing age-assurance and safety-by-design controls, updating terms of service and community guidelines, drafting AI and deepfake restrictions, and preparing procedures for responding to regulator inquiries, directions, delisting notices, and content-safety complaints.

Corey D. Silverstein
Managing Attorney, Silverstein Legal

About Silverstein Legal

Founded in 2006 by adult entertainment lawyer Corey D. Silverstein, Silverstein Legal is a boutique law firm that caters to the needs of anyone working in the adult entertainment industry. Silverstein Legal’s clients include hosting companies, affiliate programs, content producers, processors, designers, developers, and website operators.