Cornelius “Neil” Shannon, 51, allegedly published 360 AI deepfake porn albums viewed more than 2 million times, targeting roughly 90 women, primarily politicians, actresses, and musicians. It wasn’t a sophisticated operation. He used his own face as the account’s profile photo.
FBI agents cross-referenced the profile photo against Department of Motor Vehicle records and surveillance footage, matching Shannon to a man photographed in a Mets baseball shirt. According to the DOJ’s criminal complaint in the Eastern District of New York, Shannon was arrested. He and Arturo Hernandez, a second defendant, both face up to two years in prison under the Take It Down Act (TIDA), the federal law signed in April 2025 that criminalized nonconsensual intimate imagery including AI-generated deepfakes.
Enforcement isn’t limited to the DOJ. The FTC warned 12 nudify platforms this month for failing to build compliant takedown pipelines.
Two-track enforcement is now live: DOJ/FBI on criminal charges, FTC on civil penalties. Shannon’s case is a structural signal about detection risk. Pseudonymous accounts don’t hold up when a profile photo cross-checks against a government ID database. One Ohio man who became the first TIDA arrest kept generating deepfakes while on pre-trial release, which suggests deterrence is still catching up — but the investigative toolkit is clearly operational. James C. Barnacle, Jr., assistant director of the FBI’s New York field office, confirmed agents will continue pursuing similar cases.
If your platform generates or hosts AI images and doesn’t have a working TIDA takedown flow, the FTC’s warning letters are your preview. Monday question: does your removal pipeline meet the 48-hour clock?
— Nathan Zakhary