Spread the love

This article is written by Mithila Ravinutala of OP Jindal Global University, an intern under Legal Vidhya

ABSTRACT

This article analyses the fragmented global regulatory landscape for artificial intelligence and deepfake technology, highlighting the tension between innovation potential and significant risks including privacy violations, disinformation, and non-consensual intimate imagery. The analysis examines diverse jurisdictional approaches: the European Union’s risk-based, rights-centric AI Act; the United States’ targeted criminalization of harmful deepfakes through the TAKE IT DOWN Act; China’s mandatory watermarking and transparency requirements; Denmark’s pioneering approach establishing inalienable rights to personal likeness; and India’s hybrid risk-classification framework. The article addresses emerging paradigms including detection technologies (C2PA, XAI), tensions between free speech and harm prevention, sector-specific governance in healthcare and finance, and challenges such as digital evidence admissibility and liability across AI value chains. It advocates for a unified global framework through UN-led multistakeholder dialogue, OECD principles implementation, capacity-building for developing nations, and explicit human rights anchoring to harmonize standards while preventing regulatory arbitrage and technological imperialism.

KEYWORDS

EU AI Act, TAKE IT DOWN Act, non-consensual deepfakes, watermarking, C2PA standards, explainable AI (XAI), global AI governance, multistakeholder dialogue, OECD AI Principles, UNESCO AI ethics, deepfake regulation

INTRODUCTION

Artificial intelligence and deepfake technology represent one of the most transformative technological developments of our era. These technologies demonstrate remarkable potential across diverse sectors, from revolutionary medical diagnostics and personalized education to breakthrough scientific research and sophisticated financial analysis. Yet this same technological power carries unprecedented risks. The ability to create synthetic content indistinguishable from authentic media threatens personal privacy, enables political disinformation at scale, and facilitates non-consensual intimate imagery that disproportionately harms women and marginalized communities. The global community faces a fundamental question: How can legal frameworks effectively mitigate these harms without unnecessarily restricting innovation that could benefit humanity?

This question has no easy answer. As a United Nations expert group emphasized, the development and deployment of these transboundary technologies “cannot be left to market forces alone.” The international community must develop thoughtful, coordinated responses. Yet the regulatory landscape remains fractured. The European Union has established comprehensive, binding rules. The United States pursues targeted approaches addressing specific harms. China enforces mandatory transparency measures. India develops hybrid frameworks. These divergent strategies reflect different valuations of innovation, security, and rights, valuations that must ultimately be reconciled through sustained dialogue.

This analysis examines the current regulatory landscape, identifies key tensions and emerging solutions, and explores pathways toward a unified global framework grounded in human rights and democratic principles.

THE GLOBAL REGULATORY LANDSCAPE

Governments worldwide grapple with a fundamental regulatory challenge: how to encourage beneficial innovation while protecting citizens from potential harm. This tension has produced an intricate, inconsistent global mosaic of laws, guidelines, and emerging principles.

The foundational problem appears immediately. Jurisdictions cannot even agree on universal definitions of AI or establish coherent regulatory approaches. Some nations prioritize innovation; others emphasize precaution. Some ground regulation in human rights; others focus on sectoral risks.

This diversity reflects genuine philosophical differences about technological governance. The regulatory spectrum ranges from the European Union’s comprehensive, binding AI Act, establishing clear risk categories and mandatory compliance mechanisms, to the United States’ fragmented approach relying on sector-specific guidance and state-level legislation. The UK promotes context-specific innovation frameworks that empower existing regulators without creating new bureaucratic structures. China pursues mandatory transparency through dual-layer watermarking to maintain informational ecosystem integrity. India proposes a hybrid model blending risk-based classification with sectoral implementation tailored to national conditions. Each approach reflects legitimate concerns and values. Yet the absence of harmonization creates significant problems: compliance difficulties for international businesses, regulatory arbitrage where companies locate operations in jurisdictions with minimal requirements, and dangerous gaps in protection for vulnerable populations.

UNDERSTANDING DEEPFAKES

Deepfakes represent hyper-realistic synthetic audio, video, and images created using advanced artificial intelligence techniques. They embody the dual-use dilemma that characterizes powerful technologies: tools with legitimate applications alongside potential for serious harm.

The legitimate uses are genuine. Deepfakes enable educational applications, artistic expression, scientific visualization, and entertainment. In medicine, synthetic media helps surgeons practice complex procedures. In entertainment, deepfake technology allows creative storytelling without harming real individuals.

Yet deepfakes have been systematically weaponized. Non-consensual intimate imagery has targeted women at scale, causing documented psychological harm including depression, anxiety, and trauma. Political deepfakes spread disinformation during elections, undermining democratic processes. Financial deepfakes enable fraud through executive impersonation. Deepfakes depicting minors constitute child sexual abuse material (CSAM). Deepfakes in law enforcement contexts, used for interrogations or false evidence, threaten due process itself.

This dual-use challenge means regulation cannot simply prohibit deepfakes entirely. Instead, lawmakers must distinguish between legitimate uses requiring protection and harmful uses requiring restriction. This requires nuanced, evidence-based policy grounded in understanding actual harms.

EMERGING REGULATORY MODELS

Denmark pioneered a distinctive approach by amending its copyright law to recognize an inalienable right to personal likeness. Under this framework, individuals possess inviolable rights to their own face, voice, and body. This model treats personal likeness as a form of intellectual property, authorizing individuals to demand takedowns of unauthorized deepfakes.

The approach has distinctive strengths. It centres human dignity. It provides clear legal standing for affected individuals. It extends protection fifty years after death, recognizing that reputational harm extends beyond an individual’s lifetime.

However, the model creates genuine tensions with freedom of expression. Broad prohibitions on synthetic media could restrict legitimate speech, including political satire and parody. Balancing personal dignity against free expression requires careful calibration. Courts must distinguish between dignitary harms requiring legal remedy and harmless speech entitled to protection. This balance is achievable but demands sophistication from legal systems and careful judicial interpretation.

The United States has adopted a different strategy through the TAKE IT DOWN Act (2025), the first comprehensive federal deepfake legislation. This approach criminalizes the most harmful cases without creating universal prohibitions. The Act criminalizes distribution of non-consensual intimate deepfakes, imposing penalties up to three years imprisonment. Critically, it requires online platforms to remove such content within 48 hours, addressing the reality that perpetual distribution compounds harms.

France has adopted similar legislation through Article 226-8-1 of its Penal Code, criminalizing public dissemination of non-consensual intimate deepfakes. This model demonstrates capacity to address high-harm activities effectively.

However, targeted approaches face inherent limitations. New forms of harm inevitably emerge as technology evolves. Legislative reform moves slowly relative to technological change. Regulation that addresses today’s harms may become obsolete as malicious actors develop novel applications. Targeted models require ongoing adaptation and vigilance.

CHINA’S WATERMARKING AND LABELLING

China has pursued transparency as its regulatory strategy through the 2025 Measures for Labelling of AI-Generated and Synthetic Content. This approach mandates dual-layer watermarking: a visible label indicating AI-generation, plus invisible metadata with tamper-proof digital signatures. The framework requires clear labelling of any AI-generated or manipulated content.

This model reflects a legitimate concern: informational ecosystem integrity. If audiences cannot distinguish synthetic from authentic content, trust in information systems collapses. Transparency enables informed decision-making. Audiences who know content is synthetic can adjust their judgment accordingly. Yet mandatory transparency approaches depend on technical durability and universal implementation. Watermarks can be removed or spoofed. Not all platforms may comply. Enforcement mechanisms remain underdeveloped. The approach also assumes detection technology remains ahead of creation technology, an assumption that may prove optimistic.

THE SECTORAL GOVERNANCE APPROACH: THE EUROPEAN UNION AI ACT

The EU AI Act establishes a risk-based governance framework. Rather than a one-size-fits-all prohibition, the Act categorizes AI applications by risk level. High-risk applications face stringent requirements including transparency, human oversight, and bias auditing. Lower-risk applications face lighter requirements.

This approach reflects sophisticated policy design. It recognizes that different applications pose different risks. Medical AI requires different safeguards than entertainment AI. The framework creates incentives for responsible development while avoiding excessive restrictions on low-risk applications.

The EU approach has influenced global governance. NIST’s AI Risk Management Framework and several national regulatory frameworks have adopted similar risk-categorization approaches.

THE FUNDAMENTAL TENSIONS: LAW, TECHNOLOGY, AND HUMAN RIGHTS

Effective AI and deepfake regulation must navigate several profound tensions. These tensions define the regulatory challenge.

Tension 1: The Technological Arms Race

Deepfake creation and detection technologies continuously evolve. Creators develop new techniques; detectors catch up. Detectors improve; creators develop more sophisticated techniques. This arms race creates fundamental policy challenges.

Emerging technologies offer hope. Coalition for Content Provenance and Authenticity (C2PA) standards provide digital provenance tracking. Explainable AI (XAI) increases algorithmic transparency. Liveness detection systems verify that individuals are physically present. These tools are indispensable.

Yet widespread deployment of detection technology creates its own risks. Surveillance systems could track individuals’ locations and activities. Authentication systems could enable oppressive state monitoring. Regulatory frameworks must balance detection capabilities against privacy rights, a genuinely difficult equilibrium.

Tension 2: Free Expression Versus Harm Prevention

Perhaps the most contested regulatory question concerns the balance between free speech and harm prevention. Broad prohibitions on synthetic media could restrict legitimate expression, political satire, artistic parody, critical commentary, and educational uses all depend on creating non-authentic content.

Laws must be carefully tailored to address specific, demonstrable harms without sweeping away protected speech. Malicious intent must matter. Context must matter. The difference between a deepfake intended to defame versus one intended to parody requires legal recognition.

This requires legal sophistication. Courts must develop doctrine distinguishing harmful from harmless synthetic media. Legislators must resist temptation toward overly broad prohibitions. International standards must recognize regional variations in how different societies balance these values.

Tension 3: Digital Evidence and Due Process

Deepfakes challenge fundamental legal principles about evidence and proof. If synthetic media can be created convincingly, how can courts reliably distinguish authentic from fabricated evidence? What happens if law enforcement uses deepfakes during interrogations? What if artificial evidence is introduced in criminal trials?

These are not theoretical problems. Cases have already emerged of deepfake evidence, fabricated interrogation materials, and deepfakes used in fraud. Legal systems must develop clear evidentiary standards. Digital evidence requires rigorous authentication before admission. Fabricated evidence must be prohibited explicitly. Safeguards must prevent use of deepfakes in interrogations.

Tension 4: Accountability Across the AI Value Chain

Who bears responsibility for harmful deepfakes? The individual creator? The platform hosting the content? The AI developers who created the underlying technology? The data providers who trained the model? Legal liability must be clearly allocated.

Current frameworks often leave this question ambiguous. Platform liability varies by jurisdiction. Developer liability remains underdeveloped. Data provider responsibility is unclear. Meaningful accountability requires clarity about who must do what to prevent harms.

ADDRESSING THE PRIMARY HARM

The most immediate regulatory concern involves non-consensual intimate imagery, including deepfakes. This harm deserves priority attention because victims face severe, documented consequences.

Non-consensual intimate deepfakes overwhelmingly target women and girls. Victims lose employment. They experience shame, stigma, and social ostracization. Documented psychological effects include depression, anxiety, PTSD, and in extreme cases, self-harm. Survivors report that perpetual circulation of fabricated imagery extends the trauma over years.

The crime exhibits patterns. Perpetrators typically target multiple victims. They exploit anonymity. Many deepfake creators operate across jurisdictions, complicating enforcement. Some deepfakes target minors and constitute child sexual abuse material.

The TAKE IT DOWN Act addresses this through criminal penalties and rapid removal requirements. India’s proposed 36-hour removal standard similarly responds to the urgency of preventing ongoing harm. However, effective responses require more than law enforcement. Survivors need support services, including counselling and legal assistance. Law enforcement needs training in deepfake detection and investigation.

Legislation should broadly prohibit use of individuals’ likenesses without consent, including when faces are superimposed on others’ bodies. Narrow exceptions should apply only to clearly protected speech, journalism, satire, and critical commentary. When someone has been harmed, they must have legal recourse.

SECTOR-SPECIFIC GOVERNANCE

One-size-fits-all AI regulation proves inadequate. Different sectors face distinct risks and operate under different regulatory frameworks. Tailored approaches are necessary.

Healthcare Sector

AI applications in healthcare create unique risks. Diagnostic errors have medical consequences. Deepfakes in healthcare, whether synthetic medical evidence or AI-generated false health information, can endanger patients. Privacy breaches reveal sensitive medical information.

US enforcement actions demonstrate growing regulatory attention. The Department of Justice has issued subpoenas regarding generative AI use in electronic medical records. False Claims Act investigations examine AI-driven coverage decisions. These actions signal regulatory concern about insufficient safeguards.

Healthcare organizations must implement rigorous compliance programs. AI applications require transparent disclosure to patients. Bias testing must precede deployment. Continuous monitoring ensures systems perform safely and equitably. Documentation must demonstrate that human judgment remains central to medical decisions.

Financial Sector

Financial institutions face deepfake vulnerabilities, particularly regarding digital identity verification and executive impersonation fraud. The sector’s heavy dependence on digital authentication makes it susceptible to sophisticated attacks.

Best practices include multi-factor authentication, AI-powered detection systems, and real-time transaction monitoring. Detection systems must identify anomalies signalling potential fraud. Documentation must ensure fairness in algorithmic lending decisions. Regulatory frameworks must mandate transparency regarding AI use in lending and require compliance with anti-discrimination law.

Law Enforcement

Law enforcement faces perhaps the most profound deepfake challenges. Deepfakes threaten due process and evidential integrity. Deepfake evidence could convict innocent individuals. Deepfakes used in interrogations could coerce false confessions. Deepfakes depicting minors constitute CSAM.

Legal systems must establish clear rules: Digital evidence requires rigorous authentication before admission. Fabricated evidence is categorically prohibited. Deepfakes cannot be used in interrogations. Specialized cybercrime units trained in deepfake detection must investigate synthetic media crimes. When deepfakes have been used in criminal proceedings, courts must establish procedures for reviewing convictions and addressing resulting injustices.

TOWARD UNIFIED GLOBAL GOVERNANCE

The current fragmentation of national laws is unsustainable for technology that operates transnationally. Current regulatory divergence creates compliance challenges for international businesses, leaves dangerous gaps in protection, and enables regulatory arbitrage where companies exploit jurisdictional differences.

The United Nations has called for globally inclusive AI governance architecture. This requires more than coordinating national strategies. Progress requires establishing twice-yearly intergovernmental and multistakeholder policy dialogues to share best practices, build consensus on harmonized minimum standards, and address cross-border issues like deepfake-driven fraud.

The OECD AI Principles, endorsed by 44 member states, provide foundational guidance. These principles emphasize inclusive growth, respect for rule of law and human rights, transparency, robustness, and accountability. Though non-binding, they have demonstrated normative influence, shaping the EU AI Act, NIST’s AI Risk Management Framework, and emerging national regulations. Building on OECD principles requires moving beyond voluntary guidance toward binding commitments on minimum standards, particularly for high-risk applications and cross-border issues.

To prevent technological imperialism and ensure equitable governance, developing nations need support building AI governance capacity. A global fund for AI, enabling knowledge transfer, infrastructure development, and participation in governance discussions, is essential.

The UNCTAD-proposed global digital facility, modelled on CERN’s collaborative approach, offers a promising model. Through regional cooperation, developing nations could access AI infrastructure, participate in standard-setting, and develop indigenous AI ecosystems responsibly.

Any global framework must be explicitly anchored in existing international human rights law, humanitarian law, and the Sustainable Development Goals. This ensures that safety, dignity, and accountability remain foundational principles rather than afterthoughts.

The UN has emphasized particular concerns about military AI. Autonomous weapon systems must comply with international humanitarian law principles of distinction, proportionality, and accountability. Humans must remain in decision-making loops. States must develop effective accountability mechanisms for investigating violations.

Effective global governance requires participation from states, academia, civil society, and private sector actors. Current processes, including the G7’s Hiroshima AI Process, demonstrate the value of multistakeholder approaches while highlighting limitations. Participation remains concentrated in wealthy nations. UNESCO’s 2021 Recommendation on AI Ethics, adopted by all 194 UN member states, provides foundational principles of human rights protection, fairness, privacy, and accountability. Future frameworks must expand genuine inclusion of the Global South, women, and marginalized communities historically excluded from technology governance decisions.

CRITICAL CHALLENGES AND HONEST UNCERTAINTIES

Effective regulation requires acknowledging what we do not know and what we cannot control.

Technical Challenges: Detection technology must stay ahead of creation technology. Current approaches to watermarking, provenance tracking, and authentication show promise but remain incomplete. Watermarks can be removed. Metadata can be altered. No current system is perfectly robust.

Enforcement Challenges: International enforcement of AI and deepfake regulations presents enormous difficulties. Perpetrators operate across jurisdictions. Technical sophistication varies among law enforcement agencies. Resources for investigation remain limited.

Jurisdictional Tensions: Legitimate values differ across cultures and political systems. What constitutes acceptable speech, appropriate privacy levels, and justified security restrictions varies significantly. Unified governance must accommodate these differences without allowing them to create loopholes for harmful actors.

Rapid Change: Technology evolves faster than law. Regulatory frameworks established in 2025 may be obsolete by 2028 as new capabilities emerge. Governance structures must build in flexibility for rapid adaptation.

CONCLUSION

The global community stands at a critical decision point. How we choose to govern artificial intelligence and deepfake technology will shape technological development, democratic institutions, human rights protection, and international relations for decades.

The current regulatory landscape reflects fundamentally different valuations of innovation, security, and rights. The European Union has chosen precautionary, comprehensive regulation. The United States has chosen targeted approaches. China emphasizes stability and transparency. India develops hybrid frameworks. These approaches are not fully compatible. Yet they need not remain entirely isolated.

The UN General Assembly’s August 2025 resolution affirms what is increasingly clear: AI’s transnational nature makes coordinated global response essential, not optional. This choice is not between innovation and regulation. It is between increasingly harmful, uncontrolled development and responsible innovation that harnesses AI’s immense potential while erecting strong barriers against discrimination and harm.

Progress requires several simultaneous actions. First, nations must build on OECD principles to establish binding minimum standards for high-risk applications. Second, capacity-building initiatives must ensure developing nations participate meaningfully in governance. Third, global frameworks must be explicitly grounded in human rights, international humanitarian law, and democratic principles. Fourth, multistakeholder processes must genuinely include voices of those most affected: women, marginalized communities, and the Global South.

The regulatory experiments underway in Europe, the United States, China, and India offer valuable lessons. We must study their successes and learn from their limitations. The frameworks established in 2025 and 2026 will reverberate through the decade, determining whether artificial intelligence becomes a tool for human flourishing or a source of unprecedented deception and harm. The choice is ours. The time to act is now.

REFERENCES

  • Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024, 2024 O.J. L (AI Act).
  • TAKE IT DOWN Act, Pub. L. No. 119-12, 139 Stat. 56 (2025).
  • Measures for the Labelling of Artificial Intelligence-Generated and Synthetic Content, effective Sept. 1, 2025 (China).
  • Online Safety Bill, 2023, c. 50 (UK).
  • Information Technology Act, 2000, No. 21 of 2000 (India).
  • Digital Personal Data Protection Act, 2023, No. 49 of 2023 (India).
  • Bharatiya Nyaya Sanhita (BNS), 2023, No. 6 of 2023 (India).
  • G.A. Res. 79/325 (Aug. 26, 2025).
  • Coalition for Content Provenance and Authenticity, About C2PA, https://c2pa.org (last visited Dec. 10, 2025).
  • UNESCO, RECOMMENDATION ON THE ETHICS OF ARTIFICIAL INTELLIGENCE (2021).
  • OECD, RECOMMENDATION ON ARTIFICIAL INTELLIGENCE (2023).
  • Cristina Garzón, Deceptive Exploitation: Deepfakes, the Rights of Publicity and Privacy, and Trademark Law, SSRN ELEC. J. (Oct. 8, 2024).
  • AI-Generated Misinformation in the Election Year 2024, 10 FRONTIERS POL. SCI. 1451601 (Aug. 14, 2024).
  • Deepfake Cases in the 2024 Lok Sabha Election, INT’L J. FORENSIC & MEDICO-LEGAL RSCH. (2024).
  • Explainable AI (XAI) for Fraud Detection: Building Trust and Transparency, SSRN ELEC. J. (June 6, 2025).
  • AI & Autonomous Weapons: Can International Humanitarian Law Keep Up?, SSRN ELEC. J. (Oct. 31, 2024).
  • FDA Oversight: Understanding the Regulation of Health AI Tools, BIPARTISAN POLICY CTR. (Nov. 11, 2025), https://bipartisanpolicy.org/issue-brief/fda-oversight-understanding-the-regulation-of-health-ai-tools/.
  • Judge Allows Lawsuit Over UnitedHealth Medicare Advantage AI Denials to Move Forward, BECKERS PAYER (Feb. 13, 2025), https://www.beckerspayer.com/payer/judge-allows-lawsuit-over-unitedhealth-medicare-advantage-ai-denials-to-move-forward/.
  • Understanding the New UN Resolution on AI Governance, IPPDR (Sept. 9, 2025), https://ippdr.org/understanding-the-new-un-resolution-on-ai-governance/.
  • Global AI Governance: Five Key Frameworks Explained, BRADLEY ARANT BOULT CUMMINGS LLP (Aug. 3, 2025), https://www.bradley.com/insights/publications/2025/08/global-ai-governance-five-key-frameworks-explained.
  • The EU AI Act: Where Do We Stand in 2025?, BUSINESS FOR SOCIAL RESPONSIBILITY (May 5, 2025), https://www.bsr.org/en/blog/the-eu-ai-act-where-do-we-stand-in-2025.
  • Deepfakes in India: Legal Landscape, Judicial Responses and a Practical Playbook for Enforcement, NAT’L E-GOV’T DIVISION (Sept. 28, 2025), https://negd.gov.in/blog/deepfakes-in-india-legal-landscape-judicial-responses-and-a-practical-playbook-for-enforcement/.
  • How AI-Generated Deepfakes Threaten Elections, JOURNALISTS RESOURCE (Feb. 15, 2024), https://journalistsresource.org/home/how-ai-deepfakes-threaten-the-2024-elections/.
  • Image-Based Sexual Abuse Laws: Combat Nonconsensual AI Deepfakes, RAINN (Aug. 27, 2025), https://rainn.org/rainns-recommendations-for-legislators/image-based-sexual-abuse-laws-combat-nonconsensual-ai-deepfakes/.
  • States Are Stepping Up on Health AI Regulation, AM. MED. ASS’N (June 8, 2025), https://www.ama-assn.org/practice-management/digital-health/states-are-stepping-health-ai-regulation.
  • AI in Healthcare: Opportunities, Enforcement Risks and False Claims and the Need for AI Safeguards, MORGAN LEWIS (July 13, 2025), https://www.morganlewis.com/pubs/2025/07/ai-in-healthcare-opportunities-enforcement-risks-and-false-claims-and-the-need-for-ai-safeguards.
  • FDA Perspective on the Regulation of AI in Healthcare and Biomedicine, JAMA (Jan. 20, 2025), https://jamanetwork.com/journals/jama/fullarticle/2825146.
  • Bias Recognition and Mitigation Strategies in Artificial Intelligence Healthcare Applications, 16 NATURE COMMUNICATIONS (Mar. 10, 2025), https://www.nature.com/articles/s41746-025-01503-7.
  • Ethical Obligations and Patient Consent in the Integration of Artificial Intelligence in Clinical Decision-Making, 3 J. OCCUPATIONAL HEALTH & SAFETY (Dec. 30, 2024).
  • Deepfakes in Medicine: A Detailed Analysis of the Dangers and Challenges, DEEPDETECT AI (Sept. 9, 2024), https://deepdetectai.de/deepfakes-in-medicine-a-detailed-analysis-of-the-dangers-and-challenges/.
  • Understanding the Threat of Deepfakes in Healthcare, PINDROP (July 15, 2025), https://www.pindrop.com/article/threat-deepfakes-in-healthcare/.

Disclaimer: The materials provided herein are intended solely for informational purposes. Accessing or using the site or materials does not establish an attorney-client relationship. The information presented on this site is not to be construed as legal or professional advice, and it should not be relied upon for such purposes or used as a substitute for advice from a licensed attorney in your state. Additionally, the viewpoint presented by the author is personal.


0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Play sound