Iro, owner of PornHub, will pay a $5 million settlement to the Federal Trade Commission (FTC) and Utah on allegations that the company intentionally profited from Child Sexual Abuse Materials (CSAM) and Non-Consent Materials (NCM).
Previously it was Mindgeek, but Aylo made major changes to how content is mitigated in the second half of 2020. The New York Times has announced an open statement showing that Aylo’s most popular portfolio website, Pornhub, could not remove it by preventing uploads of CSAM and NCM. It was only after pressure from credit card operators that the company verified the age of all actors in the uploaded video and requested documents proof of actor consent.
However, the FTC and Utah argue that even after Iro enacted these safeguards, the company continues to host illegal content and irresponsibly control consumer data.
According to the FTC, Airo did not reveal that Airo would retrieve data from the vendor and retain it indefinitely after the performer verified his identity through a third-party vendor. This data claimed by the FTC was not stored securely and can include any Social Security number, address, date of birth and other information you may find in your government ID.
“Iro also told the model that while it can trust that personal data remains secure, it could not protect it using standard security measures,” the FTC said in a press release. “For example, Iro didn’t encrypt any stored personal data, could not restrict access to the data, and did not store the data behind the firewall.”
The FTC also claims that Aylo failed to maintain its promise to ban users who attempted to upload CSAM. The complaint says that Airo simply barred these users from creating new accounts using the same username or email address.
Iro also promised to “fingerprint” videos suspected to be CSAM, so if someone tried to upload it to any of that hundreds of porn sites, it would be flagged. However, the FTC claims that the technology was not effective at least from 2017 to August 2021, resulting in hundreds of videos previously identified as having CSAM re-uploaded.
TechCrunch Events
San Francisco
|
October 27th-29th, 2025
Aylo was happy to enter this settlement. The settlement states that, according to a statement emailed to TechCrunch, “reaffirms (that) efforts to prevent the publication of CSAM and NCM.”
As part of the settlement, Iro will need to verify the consent and identity of those appearing in the uploaded photos and videos. The company is also ordered to implement policies, procedures and technical measures to block the publication of CSAM and NCM and to remove content posted prior to the implementation of the system.
“The resolution reached was related to strengthening existing measures, but did not introduce any new substantial requirements that have not been introduced or are not currently underway,” Ayro said.
For the next decade, Iro faces an independent third-party audit, ensuring that the company complies with the terms of the settlement.
