European Union lawmakers and member states have agreed to ban artificial intelligence systems that generate sexualised deepfakes, following global outrage this year over non-consensual nudes produced by Elon Musk’s chatbot Grok.
The ban will form part of amendments to the EU’s AI Act, the bloc’s flagship piece of legislation on the technology, which was adopted in 2024.
“Today the EU has drawn a red line. AI must never be used to humiliate, exploit or endanger people. For the first time, EU legislation explicitly bans nudifier applications,” centrist MEP Michael McNamara told AFP.
Negotiators from the European Parliament and member state governments have also agreed to delay the implementation of rules covering high-risk AI – models deemed potentially dangerous to safety, health or citizens’ fundamental rights.
Those provisions had been due to come into force in August 2026 for stand-alone AI systems, with a further set due a year later for AI tools embedded in other products.
They will now be pushed back to December 2027 and August 2028 respectively.
The European Commission proposed the changes last year, saying they would help businesses and avoid stifling innovation. The EC said it still hoped to steer the technology’s safe development through other provisions of the AI Act.
Powerful AI models have come under renewed scrutiny in the EU in recent weeks after US-based developer Anthropic restricted the release of Mythos, which the company itself has warned could prove a boon for hackers.
The EC has held several meetings with Anthropic but has so far not been able to gain access to the model. That could change later this year, according to officials.
“Once the enforcement powers of the AI Office start in August 2026, we will ensure to receive, if needed, model access,” an EU spokesperson said.
The AI regulation office, made up of dozens of tech experts, lawyers and economists, would have “unique access to providers’ internal safety and security practices”, the spokesperson added.
MEPs have warned of an “emerging threat to European cybersecurity”, saying the bloc was “ill-equipped” to handle advanced AI tools such as Mythos.
Thirty MEPs from a range of political groups called on the bloc to revise its cybersecurity rules in a letter to the European Commission dated May 4, 2026.
The agreement on the deepfakes ban and the delay to high-risk rules comes amid mounting pressure on Brussels to balance the rapid expansion of generative AI with concerns over privacy, safety and online abuse.
