A PYMNTS Company

Digital Replicas, Part III: Evaluating Legislative Proposals

By  |  June 2, 2025

By: Nicholas Garcia (Public Knowledge)

    Get the Full Story

    Complete the form to unlock this article and enjoy unlimited free access to all PYMNTS content — no additional logins required.

    yesSubscribe to our daily newsletter, PYMNTS Today.

    By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions.

    In this article, author Nicholas García (Public Knowledge) covers recent legislative developments addressing the risks of AI-generated digital replicas. Building on a prior two-part series outlining the commercial, dignitary, and democratic harms posed by these technologies, García introduces the newly passed TAKE IT DOWN Act as the first major U.S. law targeting such harms, and discusses other legislative actions in a similar vein, such as the DEFIANCE and NO FAKES acts.

    Despite swift passage and overall bipartisan support, these bills have raised red flags among civil society groups for their limitations and lack of safeguards. García sets out to evaluate this proposed legislation using Public Knowledge’s framework to ensure that responses to these harms are effective without introducing new ones.

    The TAKE IT DOWN Act focuses on curbing the spread of non-consensual intimate imagery (NCII), establishing criminal penalties and requiring platforms to implement notice-and-takedown systems for such content. While this is a welcome step in addressing serious dignitary harms, critics warn that it may unintentionally empower censorship and encourage over-moderation, especially without enforceable measures to restore wrongly removed content or penalize bad-faith takedown requests. Small platforms, in particular, may face disproportionate burdens in complying with monitoring requirements, which could lead to reduced speech and access to online expression, particularly in politically sensitive contexts.

    Another critical issue with the TAKE IT DOWN Act, García notes, is its ambiguous scope regarding encrypted and private services. Although email services are excluded, the bill could still impact messaging apps and cloud platforms, threatening user privacy by creating pressure to weaken or bypass end-to-end encryption. This could undermine digital security not only for the general public but also for vulnerable users who depend on encrypted tools for safety. Without clarification—potentially only achievable through litigation—the Act risks mandating intrusive surveillance practices. García argues that the law should be amended to explicitly exclude private and encrypted services to preserve privacy protections while still addressing public harms…

    CONTINUE READING…