The UK government announced an amendment to the Crime and Policing Bill that would require online platforms to remove nonconsensual intimate images within 48 hours of being flagged, with penalties for noncompliance including fines of up to 10% of qualifying worldwide income and potential service blocking in the UK. The proposal would also make creating or sharing such material a “priority offence” under the Online Safety Act, elevating it to a level of enforcement comparable to child sexual abuse material and terrorism content.
The policy is intended to reduce the burden on victims by enabling a single report to trigger takedowns across multiple platforms and to prevent re-uploads via digital marking (hashing/fingerprinting) so reposted content can be automatically detected and removed. The announcement follows public backlash over xAI’s Grok chatbot generating “nudified” sexualized images, and comes amid increased scrutiny by Ofcom, with the government also indicating it will publish guidance for internet providers on blocking access to sites hosting this content, including “rogue” sites potentially outside the Online Safety Act’s direct reach.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
10 events from the most recent confirmed update back to the earliest known activity.
Ofcom said it expects to decide in May whether to require proactive technology to block illegal intimate images at source, with implementation potentially beginning in the summer subject to parliamentary approval.
On 2026-04-10, the UK government announced a proposed amendment to a crime bill that would allow imprisonment of technology executives whose platforms fail to remove non-consensual intimate images following Ofcom enforcement decisions. The measure escalates the government's earlier approach of fines, service blocking, and 48-hour takedown requirements.
The government said platforms that fail to comply could face fines of up to 10% of qualifying worldwide revenue, and it plans guidance for internet providers on blocking access to sites hosting such content when they fall outside the Online Safety Act's reach.
Alongside the takedown deadline, the government said creating or sharing non-consensual intimate images would become a priority offense under the Online Safety Act, with a 'report once, removed everywhere' approach and automatic re-removal of reposts using digital markings or hash matching.
On February 19, 2026, the UK government announced it would amend the Crime and Policing Bill to require online platforms to remove non-consensual intimate images within 48 hours of a report or face major penalties.
EU regulators began a Digital Services Act probe into X related to Grok's production of explicit imagery, including images involving children.
Ofcom opened a probe linked to the Grok controversy and brought forward its decision on whether platforms should use proactive hash-matching technology to detect and prevent reuploads of illegal intimate images, moving the decision timeline to May.
Following the backlash over Grok-generated explicit imagery, Elon Musk said the chatbot would block the creation of that kind of content.
Public controversy grew after xAI's Grok chatbot was reported to generate nude or sexualized images, including 'nudified' content, helping drive political and regulatory pressure for stronger controls.
A UK civil case brought by Georgia Harrison over non-consensual intimate imagery concluded in 2022, later cited by advocates as a benchmark in the debate over stronger platform takedown rules.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
5 references tracked. Mallory keeps watching after this page renders.
therecord.media
Open sourcego.theregister.com
Open sourcetherecord.media
Open sourcegovinfosecurity.com
Open sourcebankinfosecurity.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.