FBI arrests two men over AI deepfake pornography as regulators tighten enforcement

The Federal Bureau of Investigation has arrested two men, 20-year-old Arturo Hernandez and 51-year-old Cornelius Shannon, for allegedly violating the Take It Down Act (TIDA) by creating and distributing non-consensual AI-generated sexualised images and videos. Investigators identified the suspects through digital footprints, including geo-location data, PayPal account links, IP address matches, and social media activity. The arrests coincide with the Federal Trade Commission (FTC) sending warning letters to 12 "nudify" services and major technology platforms, demanding the implementation of 48-hour removal processes for non-consensual intimate images or facing civil penalties.

Hernandez is accused of posting 113 albums viewed nearly one million times, featuring approximately 50 women, including political figures, actresses, musicians, and private individuals such as former high school classmates. Investigators noted that Hernandez saved the source images used to create the deepfakes in a folder on his own Instagram account, which helped link him to the content. He also used the nickname "Ryan" for his Gmail account but used the same handle elsewhere online, including on Snapchat, which aided identification.

Cornelius Shannon allegedly published approximately 360 albums viewed more than two million times, featuring approximately 90 women. Police cross-referenced Department of Motor Vehicle records and surveillance photos to confirm his identity after he used his own photograph as the profile picture for the account. Both men face up to two years in prison if convicted of violating the TIDA.

Joseph Nocella, Jr., United States Attorney for the Eastern District of New York, stated that the suspects used cutting-edge digital technology to create images that degraded and violated victims across the United States. James C. Barnacle, Jr., assistant director in charge of the New York FBI field office, emphasised that such predatory conduct represents a disturbing abuse of technology that inflicts emotional harm on victims, violating their privacy, dignity, and security.

The FTC has issued warning letters to 12 companies offering nudify tools, requiring them to implement victim removal processes within 48 hours or risk civil penalties of up to $53,088 per violation. The FTC also sent letters to major platforms including Amazon, Alphabet, Apple, Automattic, Bumble, Discord, Match Group, Meta, Microsoft, Pinterest, Reddit, SmugMug, Snapchat, TikTok, and X, warning of penalties for non-compliance. X has updated its reporting system to allow users to report content under the US Take It Down Act, stating reviews occur within the 48-hour timeline.

Despite these enforcement efforts, the availability of AI tools remains a concern. An Ohio man previously arrested under TIDA continued creating deepfakes while on pre-trial release. Critics have warned that the current process places the burden on victims to monitor and flag harmful images across the Internet and could potentially be abused by individuals seeking to have content removed for reasons unrelated to consent.