Britain’s top communications regulator said Monday that it will begin requiring tech companies to do more to find and remove non-consensual intimate images from their sites and to curb the spread of deepfakes created by artificial intelligence.

The regulator, Ofcom, is updating its codes of practice to include the new language. The changes are expected to take effect this autumn pending action from the UK Parliament.

Ofcom is recommending that sites and apps use “hash matching” technology more expansively in order to detect the images, which involves converting the images into a digital fingerprint that can be stored in a database to prevent future uploads of the same or similar files.

The regulator’s announcement said the change is being made due to the “urgent need to better protect women and girls online.”

The measure, alongside new legislation that bans nudification tools and mandates that non-consensual intimate images be removed within two days, will “make a material difference in protecting women and girls online,” according to an Ofcom press release.

In February, UK Prime Minister Keir Starmer said the new law imposing hefty fines for tech firms that don’t promptly remove the intimate images was necessary to spare victims from having to make repeated reports to get pictures removed. Starmer also warned that tech companies that fail to remove the images within two days could have their services blocked.

The British government’s focus on the issue comes in the wake of several weeks during which millions of nudified images of non-consenting women and children spread worldwide via xAI’s Grok chatbot.

In a February opinion piece, Starmer deemed the issue a “national emergency.”

“Victims have been left to fight alone – chasing takedown of harmful content site to site, reporting the same material again and again, only to see it reappear elsewhere hours later,” Starmer wrote. “That is not justice.”

“We are putting tech companies on notice,” he added. “The burden of tackling abuse must no longer fall on victims. It must fall on perpetrators – and on the companies that enable harm.”

Ofcom’s approach, for now, carves a different path than the one taken by the country’s peers. A European Union law that let tech firms search communications for child sexual abuse material (CSAM) expired last month after a long standoff between lawmakers about privacy concerns.

Tech giants have said they will continue to scan communications for CSAM, but European Commission officials have said that the practice is against the law.