London, November 20, 2025
Ofcom has fined Itai Tech Ltd £55,000 for failing to carry out effective age verification on its AI ‘nudify’ site Undress.cc, breaching the UK’s Online Safety Act intended to protect children from harmful content. The fine includes £50,000 for the age-check failure and £5,000 for non-compliance with regulatory information requests.
Details of the Fine and Regulatory Response
UK communications regulator Ofcom imposed a £55,000 penalty on Itai Tech Ltd, which operates Undress.cc, an AI-powered site that creates deepfake nude images. The company violated legal requirements mandating that websites hosting age-restricted content verify that users are aged 18 or over. Failure to respond to Ofcom’s information requests resulted in an additional £5,000 fine. Following enforcement, the site has been blocked for UK IP addresses, and the company has submitted an application to be struck off the UK company register.
Context Within the Online Safety Act Enforcement
This enforcement marks Ofcom’s second significant action under the Online Safety Act, built to enhance online protections for minors. It follows a previous fine against the anonymous imageboard 4chan, similarly cited for inadequate age verification. The regulator highlighted that robust and effective age assurance mechanisms are mandatory for any platform hosting explicit content where age restrictions apply.
Broader Regulatory Climate and Global Trends
The UK’s crackdown on AI-generated deepfake pornography services is echoed internationally. Australia’s eSafety Commissioner has announced potential fines reaching $49.5 million for comparable ‘nudify’ platforms, particularly those generating deepfake pornography involving minors. Ofcom currently investigates 76 websites and applications for suspected breaches of the Online Safety Act, including major adult content platforms such as Pornhub, which recently reported a 77% reduction in UK traffic after enforcing age checks.
Ofcom’s Enforcement Philosophy
Suzanne Cater, Ofcom’s director of enforcement, underlined the regulator’s uncompromising stance: “The use of highly effective age assurance to protect children from harmful pornographic content is non-negotiable and we will accept no excuses for failure.” Such statements reaffirm that online services ignoring mandated safeguards face robust penalties and legal scrutiny.
Implications for Child Protection and AI-Generated Content
This case underscores growing societal concerns regarding AI-generated deepfake pornography and its potential exploitation risks, especially involving children. It reinforces the necessity of comprehensive safeguards and legal frameworks to manage new technologies that can easily create manipulable and harmful content. The enforcement action serves as a precedent strengthening online child protection laws amid the evolving digital threat landscape.
Future Regulatory Actions and Legal Considerations
Ofcom signals readiness to pursue legal means to recover fines if companies refuse to comply financially. Simultaneously, ongoing investigations suggest intensified regulatory vigilance across sectors hosting explicit digital content, enhancing accountability and compliance under the UK’s Online Safety Act. This approach exemplifies the UK’s commitment to safeguarding minors through rigorous enforcement and could guide global regulatory policies on emerging AI-driven content platforms.