loader

Disclaimer

The Bar Council of India does not permit advertisement or solicitation by advocates in any form or manner. By accessing this website, www.khaitanco.com, you acknowledge and confirm that you are seeking information relating to Khaitan & Co of your own accord and that there has been no form of solicitation, advertisement or inducement by Khaitan & Co or its members. The content of this website is for informational purposes only and should not be interpreted as soliciting or advertisement. No material/information provided on this website should be construed as legal advice. Khaitan & Co shall not be liable for consequences of any action taken by relying on the material/information provided on this website. The contents of this website are the intellectual property of Khaitan & Co.

Please accept the above
PROCEED TO WEBSITE
Close

Search

See all results for ""

Growing Concern over Deepfakes – CERT-In Issues Advisory

download
14-Dec-2024

On 27 November 2024, the Indian Computer Emergency Response Team (CERT-In) issued an advisory on Deepfake Threats and Countermeasures (Advisory), highlighting the escalating risks posed by the increasing sophistication of deepfake technology. This advisory serves as a critical resource for individuals, organizations, and businesses to identify, assess, and mitigate the threats arising from synthetic media.

What are Deepfakes?

According to the Advisory, deepfakes are a form of synthetic media created using artificial intelligence (AI) to generate or manipulate realistic videos, images and audio. These AI-generated media can convincingly alter or fabricate content to appear authentic.

Snapshot of the Advisory

The Advisory highlights the threats that deepfake technology poses such as financial fraud, where scammers impersonate company executives or family members to trick victims into transferring funds or sharing sensitive information; disinformation, which involves the creation of fake videos or audio to manipulate public opinion and erode trust in media and institutions, etc. The Advisory provides essential preventive measures for individuals such as verification of sources before sharing or acting on digital content, cross-reference information with reliable sources, limiting the sharing of high-resolution personal media, enabling privacy settings, and securing accounts with Multi-Factor Authentication (MFA).

Proposed Mitigation Strategies for Organizations

  •  

Watermarking Media. Embed digital watermarks in official content to deter exploitation.
  •  

Verification Protocols. Implement robust verification methods, such as MFA for all digital communications and callback procedures for sensitive transactions.
  •  

Advanced Detection Tools. Invest in AI-driven detection tools to identify deepfake content and ensure these tools are regularly updated.
  •  

Media Provenance Verification. Utilize provenance tools to trace the origins of media or perform reverse image searches to verify authenticity.
  •  

Enhanced Digital Forensics. Enhance cybersecurity teams with cutting-edge tools and forensics training to swiftly respond to deepfake incidents.
  •  

Monitor Public Channels. Regularly monitor social media and public platforms for potential deepfake content targeting organizations.
  •  

Crisis Management Plan. Develop protocols to respond effectively to deepfake incidents to minimize damage.
  •  

Legal Framework. Ensure compliance policies and legal mechanisms address deepfake threats and provide avenues for recourse.
  •  

Secure Communication. Adopt encrypted channels for sensitive discussions to prevent manipulation or interception.
  •  

Regular Security Audits. Conduct audits to identify vulnerabilities and ensure preparedness against emerging deepfake threats.

Comments

The proliferation of deepfake technology poses a significant risk as a vast digital user base increasingly relies on digital communication for business, governance, and personal use. This risk has been recognized by authorities, as evident from recent advisories issued by the Ministry of Electronics and Information Technology (MeitY).

Previously, MeitY has highlighted the need for organizations and government bodies to exercise due diligence and take expeditious action against deepfakes.

While India does not yet have specific legislation to address deepfakes, existing provisions under the Information Technology Act 2000 concerning impersonation, identity theft, and fraud provide a partial legal framework. Additionally, the Advisory, though not binding, offers guidance on precautionary measures such as watermarking, developing media provenance, developing protocols for incident response, etc. The forthcoming Digital Personal Data Protection Act 2023 could potentially address deepfakes in some form, though the extent remains to be seen.

Globally, countries are implementing targeted legal measures to combat the deepfake threat. In the United States, legislators have proposed the No Artificial Intelligence Fake Replicas and Unauthorized Duplications (No AI FRAUD) Act, which aims to prevent the unauthorized creation and use of AI-generated replicas. The European Union’s AI Act provides a comprehensive framework for AI regulation, including mandatory transparency obligations for AI-generated content. Similarly, China has introduced regulations mandating that AI-generated content be clearly labelled to distinguish it from authentic content.

Certain measures outlined in the Advisory, such as watermarking and the establishment of incident response protocols, appear to be influenced by such international laws. As deepfake technology continues to evolve, adopting best practices from global regulatory models will be crucial to mitigating risks.

  • Harsh Walia (Partner); Shobhit Chandra (Counsel) and Vanshika Lal (Associate)

For any queries please contact: editors@khaitanco.com

Harsh Walia (partners) , Shobhit Chandra (partners)

We have updated our Privacy Policy, which provides details of how we process your personal data and apply security measures. We will continue to communicate with you based on the information available with us. You may choose to unsubscribe from our communications at any time by clicking here.

For private circulation only

The contents of this email are for informational purposes only and for the reader’s personal non-commercial use. The views expressed are not the professional views of Khaitan & Co and do not constitute legal advice. The contents are intended, but not guaranteed, to be correct, complete, or up to date. Khaitan & Co disclaims all liability to any person for any loss or damage caused by errors or omissions, whether arising from negligence, accident or any other cause.

© 2024 Khaitan & Co. All rights reserved.

Mumbai

One World Centre
10th, 13th & 14th Floor, Tower 1C
841 Senapati Bapat Marg
Mumbai 400 013, India

Mumbai

One Forbes
3rd & 4th Floors, No. 1
Dr. V. B. Gandhi Marg
Fort, Mumbai 400 001

Delhi NCR (New Delhi)

Ashoka Estate
11th Floor, 1105 & 1106,
24 Barakhamba Road,
New Delhi 110 001, India

Kolkata

Emerald House
1B Old Post Office Street
Kolkata 700 001, India

Bengaluru

Embassy Quest
3rd Floor
45/1 Magrath Road
Bengaluru 560 025, India

Delhi NCR (Noida)

Max Towers,
7th & 8th Floors,
Sector 16B, Noida
Uttar Pradesh 201 301, India

Chennai

8th Floor,
Briley One No.30
Ethiraj Salai
Egmore
Chennai 600 008, India

Singapore

Singapore Land Tower
50 Raffles Place, #34-02A
Singapore 048623

Pune

Raheja Woods
03-108-111, 3 Floor
8, Central Avenue, Kalyani Nagar
Pune - 411 006, India

Gurugram (Satellite Office)

Suite No. 660
Level 6, Wing B,
Two Horizon Center
Golf Course Road, DLF 5
Sector 43, Gurugram
Haryana 122 002, India

Ahmedabad

1506 - 1508, B-Blockr
Navratna Corporate Parkr
Iscon Ambli Road, Ahmedabadr
Gujarat - 380058