The Senate Judiciary Committee approved a new bill this week that seeks to prevent unauthorized deepfakes of American artists, performers and public figures. While the bill sailed through a committee voice vote, both Senators and outside groups say they’re worried it could become a tool for the powerful to quash free speech. 

The NO FAKES Act, introduced by Sens. Chris Coons, D-Del., and Marsha Blackburn, R-Tenn., would give Americans near-exclusive rights to their own digital AI replicas, and those rights live on, passing to heirs, executors and estates for at least 70 years after an individual dies.

While living, creators would be able to essentially license their likeness and image to others, over 10-year contracts for adults and 5 years for minors.

It would also permit individuals to sue anyone who uses their AI-generated image without permission, and pay up to $750,000 for violations. Blackburn submitted letters of support for the bill from more than 40 groups, including the Screen Actors Guild – American Federation of Television and Radio Artists, the American Medical Association, Creative Artists Agency, the Broadcasters’ Associations and the Human Artistry Campaign.

“It is imperative that we put this national standard in place for voice and visual likeness protection of creators, to protect from proliferation of harmful AIgenerated deepfakes that are created without their consent,” said Blackburn in a Thursday markup of the bill.

The introduction of consumer-grade AI tools has made it trivial to create convincing deepfakes of real individuals and public figures. The harms are well documented: bad actors have used them to create nonconsensual pornography or sexualized media of people they know, create child sexual assault material (CSAM) , and blackmail or humiliate individuals.

Artists have faced real challenges in the AI era when it comes to controlling their digital likeness. Last year, the Better Business Bureau warned that its Scam Tracker had been flooded with complaints about AI-celebrity endorsement scams. These included  deepfakes of Oprah Winfrey promoting weight loss products, Kim Kardashian pleading for donations to fight California wildfires, and pop star Taylor Swift and celebrity chef Gordon Ramsay endorsing cookware.

In the political arena, candidates now create deepfakes of their political opponents, putting words into their mouths or placing them in embarrassing or humiliating situations. Online, disinformation actors have repeatedly spread AI-generated videos and images of politicians like Donald Trump, Kamala Harris, and even regional or local politicians saying or doing scandalous things.

The bill represents one of the most aggressive attempts by U.S. policymakers to protect the digital commercial rights of artists and public figures. New York, for instance, passed a law this month that requires film and television advertisers to publicize when they’re using deepfakes in ads, but does not create a similar copyright regime for artists’ likeness. A Tennessee law, The ELVIS Act, that prohibits the unauthorized use of an individual’s voice and likeness and creates secondary liability for large platforms that publish or distribute the content.

The NO FAKES Act faces opposition from an alliance of tech business and digital rights groups. They argue the bill  fails to balance the commercial rights of artists to control their own image with longstanding First Amendment constitutional rights to free speech and parody.

Amy Bos, vice president of government affairs at NetChoice, a trade association for online businesses, said that while her group supports legislation that prevents unauthorized AI generated deepfakes, “good intentions do not make good law.”

“As written, this bill creates a dangerous financial incentive for platforms to aggressively over-remove lawful content, burdens creators with an unworkable counter-notification system, and fails to deliver the uniform national standard its sponsors promised,” Bos said in a statement.

Many digital civil groups agree with that view. A broad coalition of policy groups – including the American Civil Liberties Union, the R-Street Foundation, the Center for Democracy and Technology, the Electronic Frontier Foundation and others – wrote to the Senate Judiciary Committee this week to urge members to oppose the bill in its current form.

They argued the current bill creates a “Heckler’s veto” over most online content, allowing artists, public figures and advocacy groups to flood the notification system with takedown requests for content they don’t like. Similar to a law already on the books, the Digital Millenium Copyright Act, virtually all the incentives in the bill push platforms to be overaggressive in taking down content, regardless of whether it violates the law or not.

This approach could end up quashing not just unauthorized ads but also scores of other likely First Amendment protected uses, such as education, humor, satire and parody.

In 2023, a humorous AI-generated image of Pope Francis in a puffy Balenciaga jacket went viral. Under the NO FAKES Act, the coalition says that post would be illegal for anyone to post until nearly 2100.

In the political arena, both Republicans like Trump and Democrats like California Governor Gavin Newsom have used AI deepfakes to skewer their political opposition.

“A law that undermines free expression will struggle to survive constitutional review,” the groups wrote. “In the meantime, it can do lasting damage, both to lawful speech and to the autonomy of the people it claims to protect. We urge the Committee not to advance the NO FAKES Act in its current form, to examine how existing state and federal law already addresses the legitimate harms the bill seeks to address, and to pursue narrowly tailored solutions only where a genuine gap remains. We would welcome the opportunity to assist.”

While the bill passed by voice vote and with broad support, multiple Republican and Democratic members of the committee said they had similar concerns and expressed a desire to continue tweaking the bill further before passage into law.

In the Senate meeting, Coons appeared to dismiss those charges, arguing that changes made to the bill ahead of markup adequately address any First Amendment concerns.

“I want to be clear, NO FAKES includes features that protect free speech,” Coons claimed. “Parody, satire documentaries, biopics, newscasts, they’re all protected and we built in appropriate counter notification processes and exempted research libraries and archives.”

The post Congress tees up No FAKES Act, aiming at AI-generated deepfakes appeared first on CyberScoop.

The U.S. Departments of Justice and Homeland Security seized multiple internet domains this week, accusing them of being used to publishing thousands of AI or digitally-altered images and videos of nude women.

The domains, CFAKE.com and SOCFAKE.com, specialized in digital forgeries that “were made to appear to be sexual images of famous women, including politicians, first ladies of multiple countries, royalty, journalists, television presenters, athletes, entertainers, and others” either nude or engaged in sexual activity,” according to a Department of Justice release.

In addition to creating sexual images and videos of women without their consent, the service allowed people to browse by topics, including “rape,” “forced,” and “degradation.”

That description comes from a Department of Justice release describing the contents of its probable cause affidavit and search warrants. CyberScoop has not viewed the court documents.  

The sites were seized under the TAKE IT DOWN Act, a law passed last year giving federal authorities the ability to criminally prosecute those who create and distribute deepfake porn. The law was a rare moment of bipartisan agreement in Washington D.C., gaining support from both Democrats and Republicans who said their constituents were demanding tougher laws to curb the use of AI to create nonconsensual deepfake porn.

The operation marks one of the largest seizures since the law went into effect. The details of the operation disclosed by the government show how creators of deepfake porn rely on a web of international assets and infrastructure to evade law enforcement.

Robert Fraiser, U.S. Attorney for the District of New Jersey, said U.S. authorities worked in coordination with law enforcement agencies in France and Italy. According to U.S. officials, they were first notified about the website by Italian Polizia de Stato, while a parallel investigation run by the Paris Public Prosecutor’s Office in France resulted in the arrest of a suspect connected with the site, along with seized cryptocurrency funds.

“These seizures stopped a website that trafficked in humiliation, exploitation, and the violation of personal privacy on a massive scale,” said Frazer in a statement. “For the victims whose images were distributed without their consent, the harm is not virtual — it is deeply personal and often enduring.”

According to the Paris Prosecutor’s Office, Cyrille B., a 47-year-old French national was arrested and accused of being an administrator for CFAKE. A search of his home in Nice found computer equipment related to the site and a little more than $48,000 in Ethereum cryptocurrency that they said came from the site’s advertising.

The French investigation identified 300,000 images, 7,000 videos depicting 14,000 individuals from different countries. The site had approximately 200,000 user accounts, 4 million views per month and uploaded 50 pieces of new content every day.

The suspect had no prior criminal record, and will go to trial on July 7. The charges carry potential penalties of up to seven years in prison and €500,000.

U.S. Immigration and Customs Enforcement’s Homeland Security Investigation division is leading the federal investigation, in conjunction with the U.S. Attorney’s office for New Jersey.

The post US, France, and Italian authorities shut down massive deepfake porn site appeared first on CyberScoop.

The Federal Trade Commission is poised to deepen its involvement in curbing the use of AI for malicious purposes, including the spread of nonconsensual sexualized deepfakes and voice cloning scams.

Last year, Congress passed the Take It Down Act, a law that allowed for criminal prosecution of individuals who share or distribute nonconsensual, intimate images and digital forgeries, including those that are AI-generated.

At a Senate oversight hearing last week, FTC Chair Andrew Ferguson called the new law one of the “greatest legislative achievements” of the current Congress and President Donald Trump’s administration, and said the FTC was preparing for “robust enforcement.”

Earlier this month, the Department of Justice scored its first successful conviction under the new law, when 37-year-old Columbus, Ohio resident James Strahler pleaded guilty to using AI-generated deepfake nudes as part of a harassment campaign targeting at least six women.

Another section of the law – set to become active in May, will permit individuals to file “take down” notices with websites that publish or host sexual deepfakes. Companies will have 48 hours to remove the content or be subject to FTC investigation and enforcement.

Commissioner Mark Meador said at a March 30 conference in Washington D.C. that while he hopes they “never have to enforce it,” the FTC is treating Take It Down enforcement as a top priority and “actively spinning everything up that we need” to enforce the take down provision.   

That could quickly set up one of the first major confrontations with the tech sector— especially companies like xAI. Its Grok tool continues to be used to create and host nonconsensual deepfake images of real people, even after the scandal it faced earlier this year.

Following his speech, CyberScoop asked Meador how the take down provisions might apply to Grok’s mass nudification spree of its users. He said the law specifies that the commission can’t take action against a company until they receive formal complaints starting in May.  

“This is coming into place, and then if they don’t [remove the content] we would get the complaints and then we would go after them at that point,” Meador said. “So, we kind of have to wait and see how…companies respond to complaints and requests being made, and my hope would be that every company that gets a request to take something down would immediately take it down.”

xAI’s press office did not respond to CyberScoop’s request for comment on its preparations to comply with the Take It Down act. 

Strahler, who has yet to be sentenced, also admitted to using photos of children in his neighborhood to create deepfake pornography. A strategic plan published earlier this month flagged protecting children online as a “key concern” for the commission that merits more consumer tools and resources.

The commission is “dedicated to exploring other ways the FTC can protect children and support families, including through its new authority under the Take It Down Act,” the plan states.

Casey Waughn, a privacy lawyer and senior associate at Armstrong Teasdale, told CyberScoop that the current commission’s focus on child online safety leaves ample room for the law to be brought to bear in creative ways.

“We’ve seen enforcing technology and privacy violations related to youth children is a priority, so I think it’s relatively easy to parlay that into some Take it Down Act enforcement,” she said.

Waughn said the one-year delay for provision’s enforcement was so that platforms could prepare, but also said the FTC could do more to publicly signal to companies what lawful compliance looks like, similar to the resources they provide around major privacy laws.  

“I think what would be helpful for all organizations…would be guidance explaining what constitutes a good faith effort, for example, to attempt to address a take down request,” said Waughn.

Living in a scammer’s paradise

The FTC is also grappling with the impact of AI on criminal scams targeting Americans online.

Ferguson told lawmakers that AI is “increasing both the sophistication of the actual mechanisms by which the scams are accomplished, but it’s also making it easier for scammers to choose their targets.”

But the FTC’s powers are limited, as the Federal Communications Commission regulates the telephone and internet providers that transmit most scams. Ferguson also noted that many call center scams are located overseas “where they don’t bat an eye at the risk of civil enforcement from the FTC.” He said the commission was open to additional legislative authorities to tackle the problem.

At the March conference, Meador was said AI-fueled deception was something the commission thinks about “daily” and is lowering the barrier to entry for many criminal schemes.

“The biggest place that we’ve seen [in] the way that some of these AI tools are being used to triple charge scams, to be honest,” he said.

Last year, the FBI reported that voice cloning scams impersonating distressed family members had bilked Americans out of nearly $900 million, and the technology has been used to impersonate high level Trump administration officials in conversations with businesses and political leaders.

Senator Maggie Hassan wrote to four AI voice cloning companies – ElevenLabs, LOVO, Speechify and VEED – asking what policies and programs they had in place to prevent or deter fraud enabled by their tools.

But Meador said that when it comes to deceptive claims, it’s particularly difficult to define credulity around the use of AI. Many deepfakes, he said, are seen and consumed by many people online with the same sort of “willing suspension of disbelief” that they bring to computer-generated effects in movies.

As such, the FTC will likely have to adjudicate on a case-by-case basis rather than through “broad brush strokes.”

“I think we’ll see a lot of that in the AI context, where if you know something wasn’t meant to be real or authentic, that’s not a concern,” he said. “The question is then, what are those situations where there is an expectation that you’re being shown something authentic and quote, unquote ‘real’ as opposed to being AI generated and was there misrepresentation or material omission” to disclose that?”

The post The FTC’s AI portfolio is about to get bigger appeared first on CyberScoop.