UK Opens Online Safety Act Probe Into Telegram and Teen Chat Platforms
Ofcom has opened an investigation into Telegram over evidence that the platform may have been used to share child sexual abuse material (CSAM), citing information from the Canadian Centre for Child Protection and its own assessment under the UK Online Safety Act. The regulator said the probe will examine whether Telegram is meeting its duties to prevent illegal content and child sexual abuse and exploitation risks on user-to-user services. Telegram denied the allegations, saying it has largely eliminated public CSAM distribution since 2018 through detection systems and cooperation with NGOs, and argued the action may reflect broader pressure on privacy-focused platforms.
The UK regulator also launched investigations into Teen Chat and Chat Avenue over suspected failures to protect children from grooming, with Chat Avenue additionally facing scrutiny over possible exposure of minors to harmful content including pornography. Ofcom is separately examining X over nonconsensual sexually explicit content reportedly generated through the Grok AI chatbot account. Under the Online Safety Act, Ofcom can order platforms to make corrective changes, levy fines of up to £18 million or 10% of qualifying worldwide revenue, and in serious cases seek court orders to disrupt or block access to non-compliant services in the UK.
How this story unfolded
3 events from the most recent confirmed update back to the earliest known activity.
Telegram rejects Ofcom allegations and defends moderation efforts
Telegram denied the allegations, saying it had largely eliminated public CSAM distribution since 2018 through detection systems and cooperation with NGOs, and suggested the probe reflects broader pressure on privacy-focused platforms.
Ofcom investigates Teen Chat and Chat Avenue over child safety risks
Ofcom also opened investigations into Teen Chat and Chat Avenue over concerns about child grooming risks, with Chat Avenue additionally examined for potentially exposing children to harmful content such as pornography.
Ofcom opens Telegram probe over alleged CSAM sharing
Ofcom launched an investigation into Telegram under the UK Online Safety Act after receiving evidence from the Canadian Centre for Child Protection and conducting its own assessment into whether the platform is meeting its illegal content safety duties.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
UK probes Telegram, teen chat sites over CSAM sharing concerns
bleepingcomputer.com
Open sourceUK regulator to probe Telegram, teen chat sites for potential child safety violations | The Record from Recorded Future News
therecord.media
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
UK Regulators Fine Online Platforms for Failing to Implement Effective Age Assurance
UK regulators issued major penalties against online services for inadequate **age assurance** controls intended to protect children. The Information Commissioner’s Office (**ICO**) fined **Reddit £14.47 million** for unlawfully processing children’s data, alleging that despite a stated under-13 prohibition, Reddit did not introduce an age assurance mechanism until **July 2025** and had not completed a required **data protection impact assessment (DPIA)** before **January 2025**. The ICO said these failures potentially exposed minors to inappropriate content and left under-13 users’ personal data collected and used without a lawful basis; Reddit said it intends to appeal. Separately, communications regulator **Ofcom** fined porn operator **8579 LLC £1.35 million** under the UK **Online Safety Act** for failing to deploy “highly effective” age checks (e.g., photo ID matching or credit card checks) to prevent minors from accessing adult content. Ofcom also imposed an additional **£50,000** penalty for allegedly ignoring information requests and warned of an ongoing **£1,000/day** penalty until compliant age verification is implemented, amid broader concerns from civil liberties groups about the privacy and cybersecurity risks of stringent age-verification regimes.
Mar 21, 2026
UK Mandates 48-Hour Takedown of Nonconsensual Intimate Images
The UK government announced an amendment to the *Crime and Policing Bill* that would require online platforms to remove **nonconsensual intimate images** within **48 hours** of being flagged, with penalties for noncompliance including fines of up to **10% of qualifying worldwide income** and potential **service blocking in the UK**. The proposal would also make creating or sharing such material a **“priority offence”** under the **Online Safety Act**, elevating it to a level of enforcement comparable to child sexual abuse material and terrorism content. The policy is intended to reduce the burden on victims by enabling a **single report** to trigger takedowns across multiple platforms and to prevent re-uploads via **digital marking** (hashing/fingerprinting) so reposted content can be automatically detected and removed. The announcement follows public backlash over xAI’s **Grok** chatbot generating “nudified” sexualized images, and comes amid increased scrutiny by **Ofcom**, with the government also indicating it will publish guidance for internet providers on blocking access to sites hosting this content, including “rogue” sites potentially outside the Online Safety Act’s direct reach.
Apr 10, 2026
Regulatory Push for Online Age Verification and Adult-Site Access Restrictions
A growing regulatory push to require **online age verification**—particularly for access to pornography and other age-restricted content—is accelerating in the U.S. and U.K., with policymakers framing it as a child-safety measure and critics warning of privacy and free-speech risks. An **FTC** commissioner publicly endorsed age verification as a tool to protect children online, pointing to widespread state-level adoption in the U.S. and noting that court outcomes have been mixed, including a **U.S. Supreme Court** decision upholding a Texas law requiring pornography sites to verify users’ ages. In the U.K., the **Online Safety Act (OSA)** is driving direct service changes: **Aylo** (parent company of Pornhub and other tube sites) said it will **restrict access in the United Kingdom** rather than implement the OSA’s age-checking approach for all visitors, while allowing continued access for users who have already verified their identity. Aylo argued the framework diverts traffic to unregulated sites and creates privacy risks, while **Ofcom** countered that services can either implement compliant age checks or block U.K. access and urged development of effective device-level solutions.
Mar 21, 2026