top of page

The Take It Down Act Is Now Law — Here's What Platform Leaders Need to Know

  • 24 hours ago
  • 3 min read

If you run a platform that hosts user-generated content, May 19, 2026, is a date you should have circled on your calendar. That's the compliance deadline for the Take It Down Act (TIDA) - and the FTC just made it very clear they're watching.


On May 11th, FTC Chairman Andrew Ferguson sent formal warning letters to more than a dozen major tech companies — including Amazon, Apple, Meta, TikTok, X, Discord, Reddit, Snapchat, Pinterest, Microsoft, Bumble, Match Group, and others — reminding them that compliance with TIDA isn't optional. The message was direct: get your house in order, or face enforcement. For the platform and marketplace community, this is worth paying close attention to.


What Is the Take It Down Act?

TIDA is a federal law that specifically addresses nonconsensual intimate imagery (NCII), including AI-generated deepfakes. The law requires covered platforms to give victims, including minors, a clear and accessible way to request removal of intimate images or videos shared without their consent. This isn't just about social media giants. The law casts a wide net.


Are You a "Covered Platform"?

This is the question every operator should be asking right now. Under TIDA, covered platforms include:

  • Social media platforms

  • Messaging apps

  • Image and video sharing services

  • Gaming platforms

  • Other online services where users can share or view content


If your platform allows users to post, share, or exchange images or videos - even as a secondary feature - you may well fall under this law. When in doubt, get legal counsel involved now, not after a complaint lands on your desk.


What Are Your Obligations?

The FTC's guidance spells out three core requirements:


1. Establish a clear removal process. You must have a mechanism in place for victims to submit takedown requests. This isn't something you can tuck in a corner of your site - it needs to be clearly and conspicuously communicated to users.


2. Act fast - within 48 hours. Once you receive a valid request, you have 48 hours to remove the content. And it's not just the original post - you're required to take down all identical copies across your platform.


3. Make the process visible. Users need to be able to find your removal process. Burying it in a terms of service page or an obscure help article won't cut it.



Enforcement Is Not a Future Problem

Chairman Ferguson's statement left little ambiguity: "We stand ready to monitor compliance, investigate violations, and enforce the Take It Down Act."


The FTC framing this as a top priority - particularly around protection of children - means enforcement attention is real and near-term. Sending formal warning letters before the deadline is a signal that the agency is actively tracking who's in compliance and who isn't. For platform operators, this is your window to get ahead of it. After May 19, the conversation shifts from preparation to liability.



What Should Platform Leaders Do Right Now?

If you haven't already, here's where to start:

  • Audit your current content moderation and takedown workflows. Do you have a process for handling NCII reports? Is it fast enough to meet the 48-hour requirement?

  • Review how your takedown process is surfaced to users. Is it findable? Is it clear?

  • Loop in your legal and trust & safety teams. This requires cross-functional alignment - product, legal, ops, and customer support all need to know what the obligations are.


Read the FTC's compliance guidance. The agency has published resources at ftc.gov specifically to help companies prepare.


The Bigger Picture

TIDA is one piece of a broader shift in how regulators are thinking about platform accountability. For decades, platforms operated under broad safe harbor protections - including CDA 230 with relatively limited affirmative obligations. That era is changing. Laws like TIDA - with specific requirements, timelines, and enforcement mechanisms - represent a new playbook.


At Marketplace Risk, we've long advocated for trust and safety as a strategic function, not just a compliance checkbox. The platforms that will navigate this environment best are the ones that treat user protection as a core operational priority - not something that gets resourced only when a regulator comes knocking.


The deadline is May 19. The FTC has served notice. Now it's your move.



Comments

bottom of page