The War on Porn

BRASILIA — President Luiz Inácio Lula da Silva this week approved new regulations requiring adult websites to verify the ages of users located in Brazil beginning March 17.

Enacted last year, Brazil’s Digital Statute for Children and Adolescents (Digital ECA) is intended to protect minors in digital environments. The law requires adult content providers to implement age verification measures beyond self-declaration and applies regardless of where site operators are based.

The law also extends to marketplaces and delivery applications offering adult or erotic products, requiring them to verify purchasers’ ages and restrict access by minors.

Enforcement will be carried out by the National Data Protection Authority (ANPD), which was recently elevated to the status of a regulatory agency.

Additional implementation details are expected in a forthcoming decree currently being drafted by several government bodies, including Brazil’s Ministry of Justice and Public Security, of which the ANPD is a part.

The statute states that providers of information technology products and services must adopt systems and processes to prevent minors from accessing pornographic content.

Article 9, Section 1 of the Digital ECA provides that “Reliable age verification mechanisms must be adopted each time a user accesses the content, product or service … and self-declaration is prohibited.”

Noncompliance will initially result in a warning and a 30-day deadline to implement corrective measures. Continued violations may lead to fines of up to 10% of a site operator’s revenue generated in Brazil or up to 1,000 Brazilian reais (approximately $195) per registered user, with total penalties capped at 50 million reais (approximately $9.73 million).

In advance of the rules taking effect, the ANPD released an English-language version of its publication “Age Assurance Mechanisms,” which outlines technological approaches including biometric estimation, behavioral analysis and document verification aimed at preventing minors from accessing inappropriate content.

According to an ANPD statement, publication of the English version is intended to “broaden knowledge on the subject, given that many technology platforms operate on a cross-border basis.”

Local Representative Requirement

The Brazilian Association of Adult Entertainment Industry Professionals (ABIPEA), which launched in September to represent adult industry professionals and companies operating in Brazil, has participated in technical discussions related to implementation of the Digital ECA.

ABIPEA President Paula Aguiar said the organization has engaged directly with government bodies during the process.

“We have been providing practical input on how the law impacts adult-industry businesses and have submitted contributions and recommendations to the draft of the forthcoming regulatory decree,” Aguiar said.

Aguiar highlighted Article 40, which requires site operators based outside Brazil to appoint a legal representative in the country authorized to receive legal notifications and assume responsibility in administrative and judicial proceedings.

She said ABIPEA is available to provide technical and institutional guidance to companies seeking to comply with the new legal framework.

ABIPEA will also host a dedicated space during the Intimi Expo trade show, scheduled for March 20–22 in São Paulo, focused on “educating and guiding the adult industry regarding the Digital Statute for Children and Adolescents, its practical implications and compliance strategies.”

LOS ANGELES—The Federal Trade Commission (FTC) has issued a new policy paper recommending that digital platforms operating in the United States implement age-verification measures in line with the federal Children’s Online Privacy Protection Act (COPPA).

Released Wednesday, the document is framed as an “enforcement policy statement promoting the adoption of age-verification technology.” It positions age-gating as a practical safeguard aimed at limiting minors’ exposure to potentially harmful or restricted material, including pornography. The statement follows remarks made weeks earlier by FTC Chair Andrew Ferguson, who voiced support for age-verification tools during a public seminar examining the technology.

The workshop drew attention in part because adult-industry stakeholders were not included among panel participants. One of the few critical perspectives came from a representative of the libertarian-leaning Cato Institute, who questioned age verification as a regulatory solution. Beyond that dissent, the policy statement broadly endorses the deployment of age-verification tools across the internet, extending from adult platforms to mainstream social media services that host explicit content, such as Reddit and X.

“Age verification can play a critical role in protecting children online and helping parents as they monitor their children’s online activities,” the document reads.

The paper also states that the Commission “will not exercise its enforcement discretion” under COPPA, which restricts online services from collecting personal information from children under 13 without parental consent. The rationale, according to the statement, is to “encourage the use of robust age-verification mechanisms.”

It adds, “In the coming months, the Commission intends to initiate a review of the COPPA Rule to address age-verification mechanisms.”

Questions remain about how the policy will play out in practice. Critics point to the possibility that prioritizing age-verification adoption could divert regulatory attention from risks tied to the technology itself, including data security failures. Breaches involving age-verification providers have already been reported, affecting systems connected to a vendor used by Discord and the developer behind Louisiana’s digital ID wallet application.

Historically, COPPA enforcement actions have focused on the improper collection, use or disclosure of personal data belonging to children under 13 — particularly in cases involving hacking incidents or data leaks. Under the approach outlined in the new policy statement, the FTC signals that enforcement tied to COPPA violations may be less likely when age-verification tools are actively used to determine a user’s age.

Policy papers rarely feel dramatic in the moment. Still, this one lands with a quiet implication: the internet’s next chapter may hinge not just on what platforms host, but on how they decide who gets through the door.

LONDON — A quiet amendment tucked into a sweeping crime bill is stirring debate across the U.K.’s digital policy landscape. Alex Davies-Jones, the minister for victims and violence against women and girls, announced that changes to the Crime and Policing Bill would prohibit what lawmakers describe as “incest simulation” pornography within the country’s online space.

The Crime and Policing Bill, first introduced last year, has reached the report stage in the House of Lords after clearing the House of Commons during the summer. The latest amendments expand the bill’s scope, adding provisions that address “semen-defaced images” and the nonconsensual act of screenshotting intimate videos. Lawmakers also identified “incest and step-incest pornography” as forms of “hardcore pornography” falling within the “legal but harmful” framework established under the Online Safety Act.

The policy shift draws heavily from recommendations issued by the U.K.’s pornography commission, led by Baroness Gabby Bertin. The commission concluded that simulated incest content should be criminalized in a manner comparable to real-world offenses involving incest and sexual abuse.

“[Some] online pornographic content depicts disturbing ‘role-play’ including incest and adults role-playing as children—evidence shows that this type of pornography is used by perpetrators to permit child sex abuse,” Lady Bertin’s recommendations read. “This is totally unacceptable.”

“I make recommendations to make incest pornography illegal, and for content that might encourage an interest in child sex abuse to be prohibited,” adds the report.

The same commission report also proposed restrictions on strangulation-related pornography, even in cases where content is consensual and controlled. Under the proposed amendments, Ofcom would gain authority to take enforcement action against platforms hosting content depicting strangulation or incest-related scenarios.

“The current criminal justice response is ineffective in tackling illegal pornography online,” notes the Bertin report.

Further recommendations call for a broader legislative review. The report states that the “[government] should conduct its own legislative review of this regime to ensure that legislation and Crown Prosecution Service (CPS) guidance is fit-for-purpose in tackling illegal pornography in the online world. […] Pornographic content that depicts incest should be made illegal.”

The proposals arrive against the backdrop of ongoing debate around fetish and BDSM content, where consensual choking and sadomasochistic play remain common categories within adult entertainment.

“Abuse of victims is ever-evolving in the online world and the offline world,” Davies-Jones said in an interview. “We need to act, and we need a criminal justice system that’s fit for modern times.”

The minister clarified that criminalization of simulated incest would not extend to “step-incest” or “step-family” categories, which remain widely produced and consumed across mainstream and niche adult markets. Davies-Jones said the government intends to conduct “a broader review [around extreme pornography] and looking at what more needs to be done.”

“It’s becoming normalised in society, and that is a problem,” she added. “We want everyone to be aware of what a healthy consensual relationship is, which is why this is also part of our violence against women and girls strategy around education and prevention.”

SALT LAKE CITY — The Utah Senate has passed legislation that would impose a 2% tax on adult websites doing business in the state while expanding rules aimed at preventing minors from bypassing age verification through virtual private networks.

SB 73 would make adult platforms liable if Utah minors access their services by using VPNs to circumvent geolocation safeguards. Earlier versions of the bill proposed a 7% tax on gross receipts, along with requirements for adult sites to notify the state’s Division of Consumer Protection of their in-state activity and pay an annual $500 fee. Lawmakers later revised the measure, removing the notification and fee provisions and reducing the tax rate.

The amended bill now takes a broader approach, covering a range of consumer protection functions across multiple state agencies. While retaining portions of the original proposal, the Senate-approved version would impose a 2% excise tax on adult platforms operating in Utah. The tax would apply to transactions involving “access to digital images, digital audio-visual works, digital audio works, digital books, or gaming services,” including subscription and streaming access.

Industry attorneys have raised concerns about possible legal challenges to the measure. Similar proposals, however, have surfaced in other states. Alabama enacted a 10% tax on adult content revenues in 2025, and lawmakers in Virginia and Pennsylvania have considered comparable initiatives.

Revenue generated by the Utah tax would be directed to a state fund supporting youth mental health initiatives. The bill specifies that funds would support “(a) mental health treatment programs for minors affected by material harmful to minors; (b) educational programs for parents, guardians, educators, and minors on the mental health risks associated with material harmful to minors; (c) early prevention and intervention programs for minors at risk of mental health harm from material harmful to minors; and (d) research and public awareness campaigns addressing mental health harm to minors caused by material harmful to minors.”

VPN Requirements Added

SB 73 also includes provisions addressing VPN usage. The amended language states: “An individual is considered to be accessing the website from this state if the individual is actually located in the state, regardless of whether the individual is using a virtual private network, proxy server, or other means to disguise or misrepresent the individual’s geographic location to make it appear that the individual is accessing a website from a location outside this state.”

In addition, the bill would prohibit adult platforms from facilitating or encouraging users to bypass age verification. The legislation bars websites from providing tools or guidance for circumvention, “including by providing: (a) instructions on how to use a virtual private network or proxy server to access the website; or (b) means for individuals in this state to circumvent geofencing or blocking.”

State-based age verification laws have faced criticism because users can often avoid them through anonymizing technologies. Increased media attention and regulatory focus on VPN use have prompted lawmakers to explore stricter enforcement mechanisms.

West Virginia lawmakers are considering similar language in SB 498, which would mandate that “No online platform, website, or digital entity may allow users to bypass age verification requirements through VPNs, proxy services, or other anonymizing technologies.” That proposal is awaiting committee review.

Meanwhile, Indiana has filed a lawsuit against Aylo, alleging that the company failed to prevent access by users masking their location through VPNs. Although Indiana’s age verification statute does not explicitly reference VPNs, the state argues the company is noncompliant “because Indiana residents, including minors, can still easily access the Defendants’ websites with a VPN IP or proxy address from another jurisdiction or through the use of location spoofing software.”

Utah’s updated VPN provisions could affect enforcement of the state’s age verification law, which took effect in January 2023.

The bill will next be considered by the Utah House Revenue and Taxation Committee. If enacted, SB 73 would take effect Oct. 1.

PHOENIX — A bill moving through the Arizona legislature could introduce new compliance hurdles for adult websites, with industry observers warning that conflicting provisions may make it difficult for platforms to operate in the state.

Arizona’s HB 2133, titled the “Protect Act,” is part of a broader legislative push to address AI-generated nonconsensual intimate imagery. The bill seeks to ensure that nude or sexual depictions of individuals — including those created with artificial intelligence — cannot be published without the consent of each person shown. It also establishes new consent and verification requirements for adult websites.

Under the proposal, adult platforms would be required to use “reasonable consent verification methods” to confirm that individuals depicted in sexual content have provided consent. The bill would further require websites to maintain records of that verification for at least seven years, making them available for potential review by the state attorney general.

The legislation defines “reasonable consent verification methods” as including “(i) An affidavit that attests to the consent and age of each depicted person. (ii) A verification through an independent third party. (iii) Any other commercially reasonable method that does not retain identifying information after the verification is complete.”

Industry stakeholders say these provisions could create compliance challenges. Affidavits typically require notarization, which may be burdensome in practice. At the same time, the second and third verification options appear to conflict with the separate requirement that verification records be retained.

Free Speech Coalition Director of Public Policy Mike Stabile said, “We are most concerned about the clear conflicts with federal law. It appears that Arizona is asking us to delete age-and-consent records after verification, which is impossible for us to do. We’ve reached out to the legislator to alert him to this issue, and others, as well as to clarify some of the provisions in the bill.”

The Free Speech Coalition has previously raised concerns about similar legislation, pointing to North Carolina’s “Prevent Sexual Exploitation of Women and Minors Act,” which drew criticism for its impact on model contracts, and Alabama’s HB 164, which requires notarized model releases.

If enacted, the Arizona bill would impose civil penalties of $10,000 per day on sites that fail to obtain “verified” consent, along with potential damages and attorney fees.

HB 2133 has passed the Arizona House of Representatives and has been transmitted to the state Senate for further consideration.

When champion skier Lindsey Vonn experienced a terrible crash on what turned out to be her final run in the women’s downhill skiing event at the Winter Olympics in Milan earlier this month, maybe there were a few people out there thinking she shouldn’t have been permitted to take the risk of running the race, given that she already had a torn ACL injury in her left knee. But if a significant number of people felt that way, they seem to have kept it to themselves, for the most part.

Instead, the dominant reaction to Vonn’s knowing acceptance of added risk rightfully has been to praise her bravery, determination and champion spirit. As Madison Chapman wrote for Newsweek, “Winner or not, Vonn is the ideal Olympic champion. Her grit and resilience helped me shed my own fear of risk and learn to see myself as a champion over adversity after my cancer treatment and subsequent knee injury. She may not have clinched gold, but Lindsay Vonn reminded us all how to live.”

I’ve always been fascinated by the way people view the act of taking a physical risk, be it in the context of competitive skiing, climbing a mountain or something as fundamental managing one’s personal health. I’ve long believed that the question of whether something is safe to do is a different question than whether ought to be allowed to do it. As I see it, it’s not complicated; adults should be allowed to take informed risks – including a litany of risks I would never take, myself.

Doubtlessly, one reason Vonn found so much support for her decision is the competitive context. She was attempting to win a gold medal, an achievement for which there’s a very limited window of opportunity, one that only comes around every four years – and only for so many cycles in an athlete’s career.

Make no mistake, though; the reason Vonn’s decision, the Olympic Games themselves and Vonn’s injuries are global news is because sports are popular entertainment – and big business.

In other words, while we support Vonn’s chosen form of risk taking because competition is deemed a worthy enterprise by a significant portion of the human population, we also support it because we accept, at least in the context of sport, that people have a right to risk bodily harm in the process of entertaining other people.

We’re not consistent about this acceptance of risk for entertainment’s sake, of course. The response to people taking risks in the context of porn is less enthusiastic. Sometimes it inspires proposals specifically designed to deter peoplefrom plying their trade in adult entertainment.

I’m not saying I think social media should light up with words of encouragement every time a porn star gets nominated for an award, or when an adult content creator releases a new clip (although that would be nice). But maybe, if society can applaud people for risking grievous bodily harm while competing on the Olympic stage, society can at least also manage to avoid shaming people and subjecting them to paternalistic government regulation when the risks they take involve other, less celebrated forms of entertainment.

DENVER — A pair of Democratic state lawmakers in the Colorado General Assembly has introduced an age-verification bill that targets age restrictions at the operating system level. The measure, Senate Bill (SB) 26-051, was introduced earlier this year by state Sen. Matt Ball and state Rep. Amy Paschal.

Under SB 26-051, age assurance would be handled directly at the operating system level on devices used within Colorado’s digital space. The proposal would apply across major platforms, including Android, iOS, Windows, macOS and others. Ball and Paschal said the idea was influenced by similar legislation adopted in California last October.

The California measure, known as the Digital Age Assurance Act (AB 1043), covers a wide range of platforms and operating systems. It is set to take effect Jan. 1, 2027, requiring operating system providers to establish a method for users to input and verify their ages by the summer of that year.

“SB 26-051 is very closely modeled on it,” Sen. Ball said in an interview. “One of the reasons for bringing SB 51 was that the tech and software industry is already complying with AB 1043, so there’s minimal added burden.”

Ball added, “The intent is to create thoughtful safeguards for kids online through a privacy-forward framework for age assurance.” OS- and device-level age verification is viewed by some in the adult entertainment sector as a potential compromise, one that could offer child-protection measures while preserving adult privacy and free expression.

“A person that violates the bill must pay a civil penalty of not more than $2,500 for each minor affected by each negligent violation or not more than $7,500 for each minor affected by each intentional violation,” states a bill summary on SB 26-051.

“The penalty is assessed and recovered in a civil action brought by the attorney general,” the summary adds. A hearing on the measure is scheduled for Feb. 24 before the Colorado Senate Business, Labor & Technology Committee. Observers expect the bill could eventually reach the desk of Gov. Jared Polis.

Gov. Polis previously signaled he would veto an age-verification bill introduced last year, citing concerns it might be overly restrictive and raise First Amendment issues. That proposal ultimately failed in the Senate — a reminder that while the conversation keeps evolving, the outcome is never quite guaranteed.

LONDON — U.K. media regulator Ofcom on Monday imposed a fine of 1.35 million pounds (more than $1.8 million) against adult site operator 8579 LLC for failing to implement age checks as required for compliance with the Online Safety Act.

Last year, the regulator began examining several site operators to determine whether they had “highly effective” age checks in place to prevent minors from accessing adult content. The effort formed part of a broader push to enforce the law’s child-protection provisions.

Following that investigation, Ofcom fined 8579 LLC for noncompliance with age-check requirements between July 25, 2025, and November 19, 2025, across the sites crazyporn.xxx, hoes.tube and love4porn.com. The agency concluded that the platforms did not meet the standards outlined in the legislation during that period.

In addition, the regulator said the site justpornflix.com still lacks the necessary age-assurance measures. Ofcom has given 8579 LLC until 5 p.m. GMT on Monday to implement the required checks or face an additional penalty of 1,000 pounds per day.

According to Ofcom, the investigation initially also covered sites 4kporn.xxx and 429.xxx. However, a “possible change in provider” from 8579 LLC to Reply Buzzer Ltd. led the regulator to exclude findings related to those sites from the current decision. A separate investigation into Reply Buzzer Ltd. is now underway.

The regulator has also issued an additional fine of 50,000 pounds against 8579 LLC for failing to respond to an information request. Ofcom has directed the company to submit a complete list of all sites it operates or risk a further daily penalty of 250 pounds, applied for up to 60 days or until the request is fulfilled.

Earlier this month, Ofcom fined Kick Online Entertainment more than $1 million for similar compliance failures, signaling a continued focus on enforcement within the sector.

George Lusty, Director of Enforcement at Ofcom, said: “We’ve been clear that adult sites must deploy robust age checks to protect children in the U.K. from seeing porn. Those that fail to do this — or ignore legally binding requests from us — should expect to face fines.”

Something about this legal tug-of-war feels oddly familiar — like watching the same argument play out on repeat, just with new players and slightly sharper language. This week, the Free Speech Coalition quietly reshaped its challenge to Tennessee’s Protect Tennessee Minors Act, filing an amended complaint after the state’s attorney general moved to shut the case down altogether.

The Protect Tennessee Minors Act, passed in 2024 before the Supreme Court’s pivotal decision in Free Speech Coalition v. Paxton, has already had a winding journey through the courts. Back in November 2024, FSC joined forces with MelRose Michaels, O.school, Adam & Eve, and JustFor.Fans to challenge the law. A Tennessee district court initially paused enforcement, offering a brief moment of relief — but that didn’t last. The 6th Circuit Court of Appeals later lifted the injunction, clearing the way for the law to take effect.

Then came the Supreme Court’s June 2025 ruling in Paxton, which reshaped the entire conversation around age-verification laws. FSC representatives signaled they weren’t backing off — if anything, they seemed more determined, talking about the need to carve out “sensible limits” so lawmakers couldn’t keep whittling away at adults’ access to protected speech. That phrase stuck. Sensible limits. Simple words, complicated reality.

In the revised complaint, FSC and its co-plaintiffs argue the Tennessee law crosses constitutional lines. They say the Act imposes a content-based burden on protected speech, one unlikely to survive even the “intermediate scrutiny” framework laid out by the Supreme Court. The filing also claims the law is too vague under the 14th Amendment’s due process clause and raises familiar Section 230 concerns — specifically, that forcing website operators to act as publishers of third-party material conflicts with federal protections long relied upon across the internet.

At the same time, the complaint openly acknowledges that the legal terrain shifted after Paxton. Still, the plaintiffs insist Tennessee has pushed past even those broadened boundaries, suggesting the state read the Supreme Court’s decision as a green light rather than a guardrail.

“The PTMA is materially different than the Texas law challenged in Paxton, and this action seeks relief on grounds that the Supreme Court did not address in that case,” the new complaint reads. “Put otherwise, Paxton impacts this case but doesn’t decide it.”

The state’s response arrived quickly. Tennessee Attorney General Jonathan Skrmetti filed a motion to dismiss, arguing that the plaintiffs don’t actually have standing to sue him and that the case lacks “sufficient facts to state a plausible claim.” It’s the kind of procedural counterpunch that can quietly end lawsuits before the deeper constitutional questions ever get airtime.

In a supporting memorandum, Skrmetti challenges the plaintiffs on several fronts. He contends the attorney general isn’t the proper defendant because enforcement authority rests with district attorneys. He also points to the absence of any real enforcement action — no test case, no penalties handed down — suggesting that without tangible harm, the plaintiffs’ standing is shaky. And, perhaps most predictably, he maintains the law satisfies the “intermediate scrutiny” standard set out in Paxton.

Now the decision sits with Chief Judge Sheryl H. Lipman, who will determine whether the case survives this early hurdle. If it moves forward, the fight over Tennessee’s law could become yet another defining chapter in the broader AV debate — the kind that doesn’t just live in court filings but ripples through platforms, creators, and anyone trying to figure out where protection ends and overreach begins.

And maybe that’s the quiet tension hanging over all of it: not whether the arguments will keep coming, but whether the courts can draw a line that actually holds.

The Cato Institute has published a report on debanking. You can find it here: https://www.cato.org/policy-analysis/understanding-debanking-evaluating-governmental-operational-political-religious?utm_source=social&utm_medium=email&utm_campaign=Cato%20Social%20Share

Here’s what the report is all about:

Debanking can be a frustrating and deeply unsettling experience. One day everything seems fine, and the next, a notice arrives giving just 30 days to withdraw funds and find a new financial institution. Confusion quickly turns into anxiety. Bills were paid, nothing appeared out of the ordinary — so what changed? A call to the bank rarely brings clarity, and the response is often the same: no further details can be provided. Customers are left with more questions than answers.

On the other side of the conversation, bankers are frequently constrained by strict confidentiality requirements. Even frontline staff may not have access to the underlying reasons for an account closure. Financial institutions operate within a framework of anti–money laundering, know your customer, and countering the financing of terrorism regulations — commonly referred to as AML, KYC, and CFT. While these rules are standard practice within the industry, they remain largely invisible to the public, creating a disconnect that fuels frustration on both sides.

For those looking to address the growing concern around debanking, some argue that meaningful change will require greater transparency. That could mean reconsidering the confidentiality that surrounds account closures, removing reputational risk as a regulatory factor, and reevaluating the Bank Secrecy Act framework that effectively places financial institutions in the role of investigative gatekeepers.