An opinion piece by Colm Gannon, CEO, ICMEC Australia

The release of the ABC’s investigation into AI sexual companion chatbots brings into focus an emerging technology that has, until now, largely operated without meaningful scrutiny. Marketed as tools for companionship, intimacy, or even emotional support, these systems are rapidly gaining traction. Yet their development is increasingly revealing significant gaps in ethical design and regulatory oversight. 

It is important to be clear: not all AI companion technologies are inherently harmful. There may be legitimate use cases, including therapeutic applications for individuals experiencing loneliness or social isolation. However, acknowledging potential benefit cannot come at the expense of recognising real and documented risks. 

The concern is not simply about how these tools are used; it is about how they are designed. AI sexual companion platforms are built to simulate human relationships, engineered to engage, validate, and sustain emotional connection. These systems operate within a deeply social and psychological space, mimicking intimacy and attachment in ways that traditional software does not.¹ 

Within this context, the emergence of child-like AI personas represents a critical failure of ethical safeguards. Where systems simulate individuals estimated to represent minors, this is not only morally confronting but engages in clear legal risk. Such design choices reflect a breakdown in governance and a disregard for established societal boundaries. 

This is not a question of user misuse. It is a question of system design. Modern AI companion platforms incorporate features such as persistent memory and emotional modelling, intentionally developed to reinforce engagement and dependency.² These dynamics can mirror trust-building and influence mechanisms seen in harmful interpersonal interactions, but at scale, and without a human actor. 

Regulation has not kept pace with this shift. Australia has largely adopted a reactive or ‘light touch’ approach to emerging technologies. That posture is no longer sufficient. The development of systems operating in domains such as intimacy, sexuality, and identity requires a level of oversight that reflects their societal impact. 

This is not about restricting innovation. It is about ensuring innovation operates within clearly defined boundaries. Governments must establish enforceable standards for high-risk AI systems, including requirements for pre-deployment testing, clear prohibitions where necessary, and ongoing compliance mechanisms. 

There must also be explicit legal clarity. The simulation of child-like personas in sexualised contexts should not exist within regulatory grey areas. It must be clearly prohibited. 

Public sentiment already supports this shift. Research consistently indicates strong community expectation for government oversight of AI technologies, reflecting a broader recognition that innovation must be safe, ethical, and accountable. 

There is also responsibility within the industry. Engineers and developers must understand that success is not defined solely by speed to market or user engagement. Ethical design is not optional; it is fundamental. 

As a society, we should not be timid in demanding that technology meets clear standards. Nor should we accept the creation of new forms of harm in the name of economic innovation. 

AI is already embedded in everyday life, and its role will continue to expand. The question is not whether it will shape human behaviour, but whether we are prepared to shape the rules that govern it. 

Innovation without ethics is not progress. It is risk at scale. 
 

 
Footnotes: 

¹ AI chatbots and digital companions are reshaping emotional connection, https://www.apa.org/monitor/2026/01-02/trends-digital-ai-relationships-emotional-connection  

² F. Chang and D. Herath, "From Interaction to Relationship: The Role of Memory, Learning, and Emotional Intelligence in AI-Embodied Human Engagement," 2025 20th ACM/IEEE International Conference on Human-Robot Interaction (HRI), Melbourne, Australia, 2025, pp. 1269-1273, doi: 10.1109/HRI61500.2025.10973813. 

About the Author

Colm Gannon is the CEO of ICMEC Australia, leading the organisation's efforts to protect children from sexual exploitation and abuse. With 20 years of law enforcement experience spanning cybercrime investigations, online harms, and child sexual exploitation, combined with expertise in AI policy and technology development, Colm is one of Australia's foremost experts on child protection and the role of technology in both enabling and preventing harm to children. 

Media enquiries

For media enquiries, please contact press@icmec.org.au

Children's Online Privacy Code Stage 3 Consultation Submission | ICMEC Australia

ICMEC Australia has made a formal submission to the Office of the Australian Information Commissioner (OAIC) as part of the Phase 3 consultation on the Privacy (Children's Online Privacy) Code 2026 Exposure Draft. 

The Code represents a significant advance for children's digital rights in Australia. Our submission focuses on three areas where the current drafting requires strengthening: the operational tension between data minimisation obligations and child sexual exploitation and abuse detection; the need for the Code to encompass AI-related harms, including AI companion apps and generative chatbots; and the need for the best interests of the child standard to be explicitly binding. 

ICMEC Australia’s central position is that privacy and child safety must be treated as complementary obligations rather than competing ones.  

ICMEC Australia welcomes the OAIC's consultative approach and looks forward to the Code becoming a substantive instrument for children's digital rights in Australia.

Launching the first instalment of our new series of Insights Papers, Understanding nudify apps.

AI-driven “nudify apps” can take an innocent photo and turn it into a sexualised image within seconds. Once a niche tool, they are now mainstream, monetised and industrialised, fuelling sexual extortion, peer-on-peer exploitation and the large-scale creation of AI-generated child sexual abuse material (CSAM).

The first paper in ICMEC Australia’s new Insights Series examines how nudify apps exploit open-source AI, the severe harms they cause for children, and the urgent need for legal, community and cross-sector action.

The claim that “no real child is harmed” is false. Real children’s images are being scraped to train these tools, meaning exploitation begins the moment those images are reused.

Written by: Cherise Holley, Mikaela Jago, and Dr Janis Dalins

The impact of the 2026-27 Federal Budget on Australia's youngest stakeholders

Children make up nearly 23% of Australia's population. They are in every household, every suburb, every electorate – and as the 2026–27 Federal Budget sets the economic direction for the year ahead, children’s interests are at stake. 

This Budget falls against a backdrop of competing and legitimate pressures. Cost of living, housing, defence, fiscal repair all of which touch the lives of every Australian. For children, those pressures affect their day-to-day lives too. Yet unlike most other groups with a stake in policymaking, children have no direct voice in how policy is shaped. That is what the child protection sector is for, and why this Budget, like every one before it, deserves to be read through the lens of our youngest stakeholders.   

According to the Australian Council of Social Services, over 755,000 Australian children are currently living below the poverty line (ACOSS, 2025). Behind that figure are families navigating financial stress, overstretched services and the cumulative pressures that make safe, stable childhoods harder to sustain. Data released yesterday by Domestic Violence NSW points to something the sector has long understood: cost of living pressures and social isolation directly shape women and children's experiences of violence. Economic conditions and child safety are not separate policy domains; they are two parts of the same conversation. 

This is also the landscape that the child protection sector works within. Advocates, researchers, law enforcement, industry, and government have continued to push tirelessly and collaboratively for a stronger national response to child safety – and the needle has moved, asserting Australia’s position as a global leader in this space. Frameworks have strengthened. Cross-sector collaboration has deepened. Conversations are happening in ministerial offices and on the floor of Parliament.  

ICMEC Australia's research into the economic cost of child sexual exploitation adds weight to this. The downstream burden on hospitals, courts, mental health services and people's capacity to participate in work and community is significant and can be minimised through investment in prevention.  

This Budget is, in many respects, a significant one. Within its landmark measures on tax, defence and housing sit tangible commitments that speak directly to the safety and wellbeing of children. Continued investment in the National Strategy to Prevent and Respond to Child Sexual Abuse, the ongoing work of the eSafety Commissioner shaping child safety in the digital environment, and funding to ensure victims of domestic and sexual violence have the care and support they need – these are important foundations worth building on. 

The foundations for a stronger child safety system are being laid. What comes next is building on this through legislative architecture which includes a Digital Duty of Care, the growing importance of the AI Safety Institute, and sustained investment in all the systems that surround children. 

Australia's child protection system is filled with people and organisations deeply committed to building a safer world for our children. Every sector has a part in this – and the more voices at the table, the better the outcomes for children. 

Colm Gannon, CEO, ICMEC Australia 

Earlier today, ICMEC Australia met with a delegation of Mongolian parliamentarians and government officials to discuss one of the most pressing questions in online child safety: how do we actually verify who is using the internet, and what can we do with that information once we know? 

It is a question that governments across the world are wrestling with. Age assurance, the ability to determine with reasonable confidence whether a user is a child or an adult, has become a foundation of modern online safety architecture. Australia has already moved decisively on this with its social media delay for under-16s. The UK’s Online Safety Act, enforced by Ofcom, has gone further still, requiring platforms to implement age assurance that is ‘highly effective’, not just technically present. 

The problem with most age assurance approaches to date is where the verification happens. When each platform or service runs its own process, users face repeated verification cycles, data is shared across dozens of services, and children determined enough to circumvent one check simply move on to the next. The burden sits entirely with the individual user and the individual platform, and neither is particularly well equipped to carry it. 

Device-based age assurance changes the architecture of that problem. 

Earlier this year, Apple rolled out device-level age verification to UK users via iOS 26.4, making the UK one of the first countries in the world to implement this model at scale. The rollout has not been without friction – technical issues and gaps in accepted verification methods have presented real challenges for some users. But the underlying model is significant, and the direction of travel is clear. Under this approach, a user verifies their age once, directly with their Apple device. That verified status sits at the device level, tied to their Apple ID. Services can then query an age signal without ever receiving personal identity data directly. The verification is contained within the device ecosystem, not shared across the open web. 

The privacy implications of this are worth examining carefully. Device-based approaches raise fewer data minimisation concerns than platform-level alternatives – rather than every app and platform verifying your date of birth or identity document, the data stays with the infrastructure provider. It also means a single verification event can inform access decisions across many services, reducing the friction of repeated identity checks. No architecture is without trade-offs, and questions about circumvention remain live in the policy debate. But the device layer offers a more structurally robust starting point than asking each platform to solve this independently. 

There is a broader principle at work here too. A device-based system has the capacity to evolve with the person using it. A child’s account, properly verified, receives age-appropriate access and protections. As the user grows older and their verified status updates, access can expand accordingly. The device becomes a kind of lifelong safety layer, not a one-time gate. 

This is what a genuine safety stack looks like: device-level protection, platform-level controls, a digital duty of care built into infrastructure rather than bolted on after the fact. It is the theme ICMEC Australia has placed at the center of our 2026 Symposium, taking place in Sydney on 22 October. If you work in technology, policy, law enforcement or child protection and want to be part of that conversation, tickets are now available at icmec.org.au. 

ICMEC Australia's position has always been that safety architecture must be proactive, not reactive. Waiting for harm to occur and then responding is not a strategy. Building the conditions that reduce harm at the point of access is. What we are seeing emerge in the UK, and in conversations like the one just had with our Mongolian colleagues, is a growing global recognition that the device is the right place to anchor age assurance – because it is the one layer of the technology stack that genuinely follows the user. 

Children do not experience the internet in silos, and neither can the systems designed to protect them. 

About the Author

Colm Gannon is the CEO of ICMEC Australia, leading the organisation's efforts to protect children from sexual exploitation and abuse. With 20 years of law enforcement experience spanning cybercrime investigations, online harms, and child sexual exploitation, combined with expertise in AI policy and technology development, Colm is one of Australia's foremost experts on child protection and the role of technology in both enabling and preventing harm to children. 

Earlier this month, Anthropic chief executive Dario Amodei stood before some of Australia's leading policymakers and said, plainly: “The fundamental challenge remains – we know much less than we would like to, but the technology is moving faster than we’d like it. So we have to act, but we're not sure how to act.” 

Eight days later, OpenAI released a policy blueprint on protecting children in the age of generative AI – a detailed framework co-developed with the National Center for Missing and Exploited Children (NCMEC) and US state attorneys general, calling for updated laws, better reporting standards and safety-by-design controls built into AI platforms from the ground up.  

Then this week, Microsoft CEO Satya Nadella arrived in Australia to announce the company's largest ever investment in Australia – A$25 billion by 2029 – and signed a memorandum of understanding with the Government. 

Three of the world’s most powerful AI players in a mere month, explicitly told governments and industry to act. 

OpenAI’s blueprint is a worthwhile read. Its core argument – that protecting children requires a layered, prevention-first approach, not a single technical fix – is right, and echoes longstanding calls from the child safety sector. So does its insistence that better reporting isn’t just about volume, but about quality: structured, actionable information that allows investigators to triage cases faster and identify children who are at immediate risk of harm. That last point matters more than most people realise. 

Much of Australia's public conversation about AI and child safety has centered on AI-generated child sexual abuse material (CSAM) – synthetic imagery that doesn't depict a real child. There is sometimes an implicit assumption that this is therefore a lesser harm; a content problem, largely detached from real-world abuse. The evidence is unambiguous that this is wrong. 

AI-generated abuse material is being produced using existing images of real survivors, embedding their trauma into synthetic content and re-victimising them without their knowledge. Offenders are now using AI to create deepfakes of specific children from as few as 20 images. And increasingly, a disturbing legal tactic has emerged – what researchers call the ‘liars’ dividend’ – where offenders claim genuine evidence of contact abuse was AI-generated, exploiting public awareness of synthetic media to create plausible deniability.  

The harm is not abstract. Every piece of AI-generated material represents a real victim who deserves identification and justice – but the volume is now outpacing the capacity of those tasked with responding. Specialist investigators are being overwhelmed. The question is no longer whether this is a crisis; it is whether our response is equal to it. 

Australia is not ignorant to these complexities. ICMEC Australia hosted two National Roundtables on Child Safety in the Age of AI at Parliament House in July and September last year, driving a shift from concern to action. Independent Member for Curtin, Kate Chaney MP, in collaboration with ICMEC Australia, introduced a private member’s bill to criminalise AI tools built specifically to generate CSAM. The eSafety Commissioner has issued legal notices to AI companion chatbot providers. The Minister for Communications has announced an intention to ban ‘nudify’ apps. Across the research, advocacy and industry sectors, coalitions are forming – among them the SaferAI for Children Coalition, which unites more than 25 organisations around the shared goal of ensuring that children are kept safe in the rapidly developing digital space. 

Child safety in the age of AI is fundamentally a coordination challenge. No single piece of legislation, no single MOU, no single agency can address it alone. The policy architecture needs to match the scale of the problem.

Australia's conversation about AI and child safety has been almost entirely one-sided – focused on stopping AI being used to harm children. That is very necessary, but we’re missing a key part of the conversation. AI is also the most powerful tool we have to find and help children who are being harmed right now. Machine learning can flag harmful content faster than any human investigator. AI-assisted detection tools can triage which cases involve real victims in active danger, directing scarce investigative resources where they are most urgently needed. 

Australia has the research capability, the cross-sector buy-in and the policy momentum to lead on this – not just to regulate AI as a threat, but to deploy it as a protector. What is needed now is a systematic national approach that connects the dots: legislation that keeps pace with the technology, platform obligations with real enforceability, and active investment in AI as a tool for early intervention and victim identification.  

The window to act has not yet closed, but it will not stay open indefinitely. 

About the author 

Mikaela (a/g Manager, Government Affairs and Public Policy) works across government relations, public policy, and partnerships at ICMEC Australia, engaging with parliamentarians and agencies to turn emerging risks into practical policy outcomes. She leads the SaferAI for Children Coalition and contributes to cross-sector discussions on AI-enabled harm, governance, and child protection. 

Where to get help and report harm, specific to every state within Australia.

Over the past year, ICMEC Australia has been meeting with parliamentarians and their staff from across the country – walking them through the realities of child sexual exploitation and abuse (CSEA) in Australia, what the data shows, and where the policy landscape is heading.  

What those conversations made clear is that the landscape is genuinely hard to keep up with. The issue is evolving quickly, the terminology is specialised, and the reporting and support pathways differ from state to state. People want to help, but without a clear baseline understanding of the issue, it's hard to know where to start. 

That’s what these trifolds are designed to address. State-based and plain-language, they define the issue clearly, including terms like grooming and sexual extortion and guide people to the reporting channels and support services most relevant to where they are. 

Clear and accessible information is one of the most powerful tools we have. By building a better baseline understanding of this issue and making it easy to know where to report, we can help more children across Australia get help sooner. 

How to access the trifolds 

Digital versions of the trifolds are available to download from our website, you can find your state’s version below. If you work in a setting where these would be useful and would like to discuss these resources further, we'd love to hear from you.

Any questions? Reach out to us at info@icmec.org.au

ICMEC Australia responds to Louis Theroux's Inside the Manosphere and calls for child safety to be centred in technology, law enforcement, and government 

Louis Theroux's Inside the Manosphere has millions of Australians asking hard questions about what young people encounter online. At ICMEC Australia, those questions are ones we live with every day, and the answers point to something bigger than any single platform or influencer. 

When Inside the Manosphere landed on Netflix earlier this month, it did what good documentary filmmaking does. It took something specialists have been watching with alarm for years and made it visible to everyone. Parents, educators and policymakers who had never heard the term 'manosphere' are now searching for it and asking what it means for the children in their lives. 

"Boys are being harmed. That is the starting point." 
  Colm Gannon, CEO, ICMEC Australia 

Boys are being harmed 

The manosphere is not simply a debate about gender or culture. At its core, it is a child protection issue. Young boys, many of them still in primary and secondary school, are being exposed to content that distorts their understanding of themselves, of women, and of what healthy relationships look like. This is not content they are seeking out deliberately. They arrive at it through entirely ordinary online behaviour: watching fitness videos, looking for confidence tips, searching for a sense of direction. And then, gradually, the content shifts. 

The harm this causes is real and compounds over time. These are children at a formative stage of development, absorbing messages about masculinity, power and relationships that they are not equipped to critically evaluate. A Movember report found that more than two-thirds of young Australian men engage with masculinity influencers online.   These are not radicalised outliers. They are ordinary boys, and they deserve better than what these spaces are offering them. 

How content reaches children at this scale 

Inside the Manosphere focuses, understandably, on the individuals whose views are visible enough to generate reaction. But the more important question is how those views travel so far and so fast, particularly to children who were never looking for them. Recommender systems are designed to maintain attention by serving up content that generates a strong response. They do not distinguish between what is healthy and what is harmful. A young person who pauses on certain material, even briefly, signals to the system: show me more. Step by step, the content escalates. 

The reason is straightforward: these platforms are built to drive engagement. More views, more clicks, more follows, more time on screen.  

That is the metric they are optimised for, not the wellbeing of the children using them. This is not a criticism of any particular company, sadly this is the nature of social media platforms. It reflects a broader challenge in how online systems have evolved, one that the technology sector, regulators and the child protection community are working to address together. Where child safety has not been centred in that process, the consequences for young people have been significant. 

What the frontlines are telling us 

The evidence linking specific online content to specific offline harm is still developing, and honesty requires us to say so. What I can say with confidence is what ICMEC Australia hears across every sector we work with. Financial institutions, law enforcement agencies, and government partners are consistently and increasingly concerned. The professionals on the frontlines, investigating exploitation, responding to disclosures, following financial trails, are not theorising about these dynamics. They are managing caseloads shaped by them. The Australian eSafety Commissioner has put it plainly: when harmful attitudes are normalised and reinforced over time, the risk of real-world harm is real. 

The conversation is already happening 

Across every sector we engage with, this moment has prompted real discussion. People want to understand these issues better - not just as a cultural talking point, but in terms of what it means for their organisations and their capacity to protect children. That means financial institutions building the capability to recognise indicators of exploitation. It means law enforcement with current training on technology-facilitated harm. It means technology partners, government and the child protection sector working from a genuinely shared understanding of how these harms operate. 

Building that understanding across sectors, sectors that do not always speak the same language, around issues that change fast, is the work ICMEC Australia exists to do. Inside the Manosphere will not solve any of this. But it has done something that years of expert reports and policy papers have struggled to do: it has put the issue in front of millions of ordinary Australians and started a conversation that needed to happen at scale. That matters. Child safety belongs in every boardroom, every law enforcement briefing and every technology conversation. If Inside the Manosphere has reminded us of that, it has done something genuinely important. The door is open, and ICMEC Australia is ready to keep that conversation going. 

About the author 

Colm Gannon is the CEO of ICMEC Australia, a non-profit organisation, working to prevent and respond to child sexual exploitation by strengthening safeguards across technology, industry, and policy systems. ICMEC Australia regularly engages with regulators, platforms, and technology leaders on safety-by-design, consent protections, and platform accountability. 

ICMEC Australia has lodged its 2026–27 Federal Pre-Budget Submission, calling for targeted Commonwealth investment to strengthen Australia’s response to online child sexual exploitation and emerging AI-enabled harms. 

Technology-facilitated abuse is increasing in scale and complexity across every jurisdiction. Frontline police and call-takers are regularly encountering technology-facilitated harms such as sexual extortion, grooming and AI-generated abuse material – often before specialist units are involved.  

Our submission seeks $6.6 million over three years to deliver two practical national initiatives. 

The first is a National Child Abuse Response Training Program for Frontline Police, equipping general duties officers and call-takers with the skills to recognise, triage and respond safely to online exploitation at first contact. The program is already being piloted and is designed for national rollout in partnership with law enforcement agencies. 

The second strengthens the SaferAI for Children Coalition, ensuring child protection expertise directly informs Australia’s AI safety standards, policy and risk frameworks. 

Together, these initiatives will lift national frontline capability and embed a child-centred and prevention-first lens in AI governance – helping ensure every child receives safer, more consistent support in an increasingly complex digital environment. 

A statement from Dannielle Kelly, Head of Government Affairs and Law Enforcement Outreach.  

The national focus on online harm affecting children did not arrive by chance. It exists because victim survivors, frontline practitioners, researchers, and advocates have spent years forcing uncomfortable truths into public conversation. Their persistence has helped move online child harm from a specialist concern into the broader child protection conversation, prompting greater focus from governments, regulators and industry. 

As we move through 2026, the challenge is no longer awareness. The challenge is action. 

Safer Internet Day plays an important role in focusing attention on online harm. For children, families, and frontline responders, however, these issues are an everyday reality, continuing to evolve as technology moves faster than policy. Grooming, sexual extortion, and child sexual exploitation are being reshaped by generative AI, encrypted platforms, and rapidly changing online behaviours. Families are often confronting this complexity, well before systems are ready to respond. 

Recent enforcement action by the eSafety Commissioner has reinforced the importance of accountability in protecting children online. Strong, independent regulation provides a vital foundation for safer digital spaces, particularly when it is complemented by coordinated policy, capable frontline response, and practical collaboration across government, industry and child-focused services. 

What we see consistently is fragmentation at the point where harm occurs. Families are left uncertain about where to report, children receive inconsistent responses, and frontline police are asked to manage trauma disclosures, complex digital evidence, and emerging technologies alongside their core policing duties. This gap is where ICMEC Australia focuses its work. 

Late last year, we launched the pilot of our Child Abuse Response Training for Frontline Police, with a clear objective: to equip every frontline police officer in Australia with the skills and confidence to respond effectively when online harm intersects with a child’s life. The quality of that first response matters. How a disclosure is received and acted on can shape a child’s recovery and a family’s trust in the system. 

Alongside this work, we continue to engage across government, industry, law enforcement, and research to align policy, prevention, and practice. Child safety does not sit neatly within one portfolio. It cuts across technology, communications, education, social services and justice. Progress depends on those parts of the system working together rather than in isolation. 

Children’s lives are shaped by digital spaces every day. Our responsibility is to ensure the systems around those spaces such as policy, regulation, industry practice, and frontline response - are equally present and effective. We are past identifying the problem. What is needed now is sustained investment in frontline capability, coordinated action across government, and clear expectations on industry, so that when harm occurs, children and families are met with competence, consistency and care.  

About the author

Dannielle Kelly (Danni) is the Head of Government Affairs and Law Enforcement Outreach at ICMEC Australia, where she leads strategic partnerships across government, law enforcement, industry and academia to advance efforts to prevent child exploitation. A former Australian Federal Police leader with more than 17 years’ experience, including work with the Australian Centre to Counter Child Exploitation (ACCCE), she has led organisational reform and long-term operational strategy initiatives. Her work focuses on building research-informed, cross-sector programs that strengthen national and global responses to child exploitation.