European Union lawmakers and member states have agreed to ban artificial intelligence systems capable of generating sexualised deepfakes, following widespread global outrage earlier this year over non-consensual explicit images produced by AI tools, including Elon Musk’s chatbot Grok.
“Today the EU has drawn a red line. AI must never be used to humiliate, exploit or endanger people. For the first time, EU legislation explicitly bans nudifier applications,” said centrist EU lawmaker Michael McNamara.
The new prohibition will be incorporated into amendments to the European Union’s landmark Artificial Intelligence Act, first adopted in 2024.
The agreement between European Parliament negotiators and EU capitals also includes a delay in implementing rules for high-risk AI systems—those considered potentially harmful to safety, health, or fundamental rights.
Originally scheduled to take effect in August 2026 for standalone AI systems and August 2027 for embedded tools, the timeline has now been pushed back to December 2027 and August 2028 respectively.
EU officials said the delay is intended to balance regulation with innovation and business competitiveness, while still maintaining safeguards under the broader AI framework.
Meanwhile, scrutiny of advanced AI models has intensified in recent weeks after US firm Anthropic restricted the release of its model Mythos, citing concerns it could be exploited for cybercrime.
The European Commission said it has held discussions with Anthropic but has not yet been granted access to the system, though this could change later in the year.
“Once the enforcement powers of the AI Office start in August 2026, we will ensure to receive, if needed, model access,” a Commission spokesperson said.
The forthcoming AI regulatory office will include experts in technology, law, and economics, and will have access to internal safety and security processes of AI developers.
EU lawmakers have also warned of growing cybersecurity risks linked to advanced AI systems, describing the bloc as potentially “ill-equipped” to manage emerging threats.
In a joint letter dated Monday, 30 Members of the European Parliament urged a review of the EU’s cybersecurity framework in light of rapidly evolving AI capabilities.
