Ofcom has announced tougher measures aimed at stopping the spread of non-consensual intimate images and AI-generated deepfake abuse online, as the UK regulator pushes tech companies to strengthen user safety protections.

The updated guidance, released Monday, will require platforms to do more to identify, detect, and remove illegal intimate content shared without consent. The changes are part of Ofcom’s strengthened Illegal Content Codes under the UK’s Online Safety Act and are expected to come into force in autumn 2026, subject to parliamentary approval.

At the centre of the updated rules is the growing concern over deepfake intimate images, including AI-generated nude content and manipulated explicit media targeting women and girls online.

Tech Platforms Asked to Deploy Hash Matching Technology

Under the proposed measures, Ofcom is recommending that certain platforms and apps expand their use of automated detection systems known as “hash matching” technology to identify and block illegal intimate images before they spread further online.

Hash matching works by converting harmful images into unique digital fingerprints, or hashes, which are then stored in a database. When users attempt to upload the same or similar content again, platforms can automatically detect and block the material.

Ofcom specifically referenced the use of databases such as StopNCII, one of the leading systems designed to combat the spread of non-consensual intimate imagery online.

The regulator said the move is aimed at providing stronger protections for women and girls who are increasingly being targeted through AI-enabled abuse and image manipulation.

According to Ofcom, the updated recommendations, combined with new UK legislation banning “nudification tools,” could significantly reduce the circulation of harmful intimate content online.

UK Government Pushes Faster Removal of Non-Consensual Intimate image

The tougher stance follows recent action by the UK government to pressure technology companies into removing abusive content more quickly.

Earlier this year, UK Prime Minister Keir Starmer backed legislation introducing heavy penalties for platforms that fail to promptly remove illegal intimate images.

Under the law, companies may face substantial fines if they do not take down reported content within 48 hours. Authorities have also warned that services repeatedly failing to comply could face restrictions or blocking in the UK.

The government said the rules are intended to prevent victims from repeatedly reporting the same harmful images while waiting for action from online platforms.

The push for stricter enforcement comes amid rising global concern over the misuse of generative AI tools to create realistic explicit deepfake content without consent.

Deepfake Concerns Grew After Viral AI Image Abuse Cases

The UK government’s increased focus on deepfake intimate images follows widespread concern over reports that millions of manipulated nude images involving women and children circulated online through AI-powered tools and chatbots earlier this year.

Regulators and child safety advocates have warned that the rapid growth of generative AI platforms has made it easier to create convincing fake explicit images, raising concerns around online abuse, harassment, and exploitation.

Ofcom said technology companies must take greater responsibility for detecting harmful content and preventing its distribution across their platforms.

Ofcom Investigation Into Online Platforms Continues

The latest action also comes as Ofcom continues broader investigations into online platforms under the Online Safety Act.

In April, the regulator expanded an ongoing probe into Telegram, Teen Chat, and Chat Avenue over concerns linked to child sexual abuse material (CSAM) and online grooming.

According to Ofcom, the investigation began after receiving evidence suggesting that harmful content and predatory behaviour may have been taking place across these services.

A major focus of the investigation involves Telegram’s potential exposure to CSAM. Authorities said intelligence shared by the Canadian Centre for Child Protection indicated the alleged presence and distribution of abusive material on the platform.

Following its own assessment, Ofcom launched a formal investigation into whether Telegram may have failed to meet its legal responsibilities under the Online Safety Act.

The regulator stated that platforms offering user-to-user communication services are legally required to assess risks related to illegal content and implement safeguards to prevent its spread.