As technology advances at an unprecedented pace, the role of artificial intelligence (AI) in driving innovation across industries has become crucial. The financial services sector, in particular, has recognized the potential of AI to improve efficiency, accuracy and customer experience.
Mastercard, a global leader in the payment industry, has recently introduced new AI regulations that are set to shape the future of financial transactions. However, those regulations also have specific implications for our industry. In this article, we will explore these new rules and what they mean for adult creators and companies.
Consent must be established if AI images and deepfakes are based on a specific person. Just like traditional content today, everyone who appears in the content must consent to what is going on in the production and consent to the content being published.
Understanding the New AI Rules
The Mastercard bulletin that took effect Aug. 15 covered various topics, including deepfakes and adult content generated by AI. Unfortunately, an important word was missing from the first sentence, which created even more confusion than usual when new rules are published. My colleagues and I could only speculate as to the intention of the new rule, so I contacted Mastercard.
The first sentence of the rule as published Aug. 15 stated: “If cannot be established, the content is considered in violation of the adult content and services requirements and therefore, must not be published or must be removed immediately.” It has since been updated to: “If consent cannot be established…” Consent. That’s quite a word to omit.
It’s important to note that if AI or deepfake images or video footage bear the image or strong likeness of an individual, all the standard practices should be observed: 2257 documents, including a model agreement, consent, proof of age and identity, etc. Those remain key, so consult your attorney.
How the New Rule Applies to Content Creators
Since the introduction of deepfake content, any reputable processor has prohibited the sale of such content if the individuals who appeared in it did not give consent for their image or likeness to be used. Just as we don’t allow revenge porn, we have never allowed merchants or end users to create deepfake content using images of a celebrity or former romantic partner without explicit written consent.
If a content creator wants to use their own face to generate hundreds or thousands of AI images and sell them on their fan platform, that’s perfectly acceptable. If a content creator wants to use someone else’s face to do that, and they have consent from that person, that’s also perfectly acceptable. But remember, consent can be revoked.
Better Understanding of the New Rule
The bulletin continues: “For the avoidance of doubt, if the adult content includes an image or strong likeness to an actual person and that person has not provided consent for the use of their image/likeness including, but not limited to, the creation of deepfake content, the content is considered in violation of Mastercard adult content and services requirements and therefore, must not be published or must be removed immediately.”
This covers the broad variety of AI image generators currently in existence, plus future tools that have not yet been invented — anything from a realistic-looking image to an animated graphic-style image. However, note the part that states, “an image or strong likeness to an actual person.” If the AI image is an amalgamation of numerous images but doesn’t look like any one person, consent is not required.
What This Means for Producers, Creators and Online Platforms
AI isn’t going anywhere — and I, for one, welcome our new overlords. As the rules catch up to technology, the spirit of the original rules lives on: Consent is key. Consent must be established if AI images and deepfakes are based on a specific person. Just like traditional content today, everyone who appears in the content must consent to what is going on in the production and consent to the content being published.
This new rule marks a pivotal moment in the journey toward responsible AI adoption in both the financial and adult sectors. By prioritizing transparency, fairness, privacy and accountability, this rule is not only ensuring that our operations align with ethical AI practices, but also encourages our industry as a whole to embrace similar principles. As AI continues to shape the future of content creation, these rules set the stage for a more secure, efficient and equitable landscape.
What’s Next?
If you are a content creator or platform operator and have questions about what is allowed, or if you find yourself in a situation that is not clear, please contact your merchant services provider’s compliance department. Reputable processors can help customers navigate the gray areas and avoid any potential BRAM or GBPP violations that might bring unwanted scrutiny from the card brands.
Jonathan Corona has two decades of experience in the electronic payments processing industry. As chief operating officer of MobiusPay, Corona is primarily responsible for day-to-day operations as well as reviewing and advising merchants on a multitude of compliance standards mandated by the card associations, including, but not limited to, maintaining a working knowledge of BRAM guidelines and chargeback compliance rules defined in both Visa and Mastercard operating regulations.
