Deepfake videos are everywhere. So how do we know what’s real?

Remember the phrase “Seeing is believing?” Deepfake videos have people second guessing what they are watching.

Deepfakes are videos manufactured by AI technology that can superimpose someone’s face on another person’s face and manipulate them into saying or doing things that didn’t happen. These videos have been used to spread propaganda on social media networks especially in politics.

Special effect video techniques that were once limited to movie studios and expensive software are now readily available and getting into the wrong hands.

Security experts believe that deepfakes were used by deceptive Facebook groups to influence the 2016 US presidential election in 2016.  As the next presidential election approaches in 2020, companies are working quickly on new technology that can detect deepfakes. 

How did Deepfakes begin?

In 2015, Google released powerful software called Tensorflow that was misused to create Deepfake technology. This software could automatically graft the image of any face onto another face in a video, almost seamlessly.

A user on Reddit used this software to create FakeApp then released it in a Reddit community. This allowed anyone to download the AI software to create Deepfake technology. Reddit has since banned that community but it was too late. This software has been adapted to create FaceSwap and most recently in the viral Chinese app, Zao which can replace the face of movie stars with your own face. 

Deepfake audio is becoming more common

We have to be careful about what we hear. Cyber criminals can used AI audio software to mimic someones voice. In March 2019, Deepfake audio was used to fool the CEO of a large energy firm based in the UK. The CEO thought he was speaking to his boss and unknowingly transferred €220,000 ($243,000) to the hackers. 

As audio software tools become more common, it is likely that more criminals will use them to their advantage. Cybersecurity experts report that there was a 47% increase in voice fraud  between 2016-17.

Racing to build new software

As deepfake creators are constantly changing and adapting their techniques to outsmart new detection software detection software are working hard to keep up.

Recently Facebook spent $10 million to create the Deepfake Detection Challenge where participants develop new technology that will detect a deepfake video.  

Top AI companies designed automatic systems that will analyze videos by assessing the lighting, blinking patterns and comparing the subject’s real-world facial movements.

UC Berkely has been working on new technology that can detect deepfakes but they feel like they are falling behind.  “We are outgunned,” said Hany Farid, a computer-science professor and digital-forensics expert at the University of California at Berkeley. “The number of people working on the video-synthesis side, as opposed to the detector side, is 100 to 1.”

There isn’t a law regulating deepfake as yet but legal technical experts have recommended adapting present laws to cover identity fraud especially when it comes to impersonating a government official.

Photo Via

How can you detect a Deep fake?

While some videos are obviously done for fun like The Steve Buscemi and Jennifer Lawrence Oscar video, experts are concerned about public figures being impersonated to say things that never said.

Paying attention to small details can help you detect a deepfake video. Subjects depicted in a deepfake video blink less often than humans do in real life. Deepfake technology is still struggling to keep up with the frequency and sometimes erratic action of blinking.

Other signs of deepfake video include:

  1. Blurring or change of skin tone towards the edge of the face  
  2. The face might become blurry briefly when a hand or another object passes over the face.
  3. Look closely for double chins or double edges on the face
  4. Eyes may be too close or too far from the edge of the face

Deepfake detection software is available

Reality Defender is an intelligent software that can be run alongside your web browser to detect fake pictures or video. It will scan every image and video on the page and report them as suspected fakes.

XceptionNet is an algorithm that spot the manipulated videos even if the video has been compressed (which usually makes detection difficult)

This system was developed by Andreas Rossler and colleagues at the Technical University of Munich in Germany. Compared to other detection software, it has been labeled as “ahead of the curve.” You can learn more about this software here.

Social media actually helps in the detection of Deepfakes because they compress the video which decreases the quality making flaws more obvious. 

So how can you protect yourself?

While technology is improving, the best advice is to watch the video carefully and judge for yourself. Watch other videos of the subject in the video and see if you detect any unnatural movements. Look at other websites other than social media to get another outlook on the news report. The first step is being aware.

If you have any questions about Deepfake videos or other how we can help your company improve your cybersecurity feel free to contact the security experts at Accorian. 

Who should prepare for the California Consumer Privacy Act?

Any for-profit company that does business or has customers in California should prepare for the California Consumer Privacy Act (CCPA). Here’s why they should.

The CCPA applies to businesses that are collecting data and personal information of residents in California, who meet one of the following conditions:

  1. Has an annual gross revenue of $25 million or more.
  2. The organization stores the data for over 50,000 or more consumers, households or devices.
  3. Selling consumers’ personal data yields to 50% or more of the annual revenue.

The General Data Protection Regulation (GDPR) that took effect May 25, 2018 has inspired law makes to look into new ways to protect the consumer. 

The California Consumer Privacy Act (CCPA)  legislation passed in 2018 and will take effect in the State of California on January 1, 2020. 

This new law will give California residents the right to:

  • Access their personal information that was collected
  • Request that their personal data be deleted from the company’s database
  • Opt-out of the sales or transfer of their personal information to third parties
  • To be treated the same as others who allow the company to use their data 

How similar is CCPA to GDPR?

While CCPA is similar to GDPR, they have their differences. The chart below shows some of the similarities.

GDPR (General Data Protection Regulation) is a bill designed to protect and control the usage of the personal data of European (EU) citizens in and outside Europe. The legislation applies to all companies who collect, store and process any data belonging to EU citizens. This law affects companies regardless of where they are located in the world. If you’re dealing with EU citizens, you need to comply with GDPR. 

CCPA (California Consumer Privacy Act) is an online privacy act that closely mirrors the GDPR, but it was made for  residents of California.

 The bill was signed into law in June 2018 and will go into effect in January 2020. Similar to the GDPR, the CCPA allows any California consumer to request any data that U.S company has collected from them. It also allows them to request the deletion of that data, and failure to comply with those requests can result in fines. 

At a recent Press Conference, California Attorney General Xavier Becerra said that the CCPA is “groundbreaking protection for consumers, it gives them the ability to control the use of their personal data and once again we’re first in the nation to do something like the CCPA act.”

Will other states enact similar laws?

Why does California’s new law matter to everyone else? It’s part of a global trend that pushes companies to have greater accountability and to respect their consumer data.

Consumers around the globe gravitate towards companies that respect their privacy. These laws not only allow customers to view the data that is collected on them, they will also be able to request that data from those companies without any issues. 

Nevada recently passed an online privacy amendment, meanwhile proposals in Washington DC and in New York seem to be gaining attention. However some states are slow to enact strict privacy laws. A bill similar to CCPA failed to pass in Texas and Washington. 

Privacy laws can help your business

As consumers trust in large corporations continue to decrease, it’s important that businesses take steps to become compliant. When a company takes GDPR and CCPA seriously, it makes them seem trustworthy to customers which is a huge big benefit for them. Reducing risks also lowers the risk of fines that can affect a company’s profit margin. More companies are working on become compliant through HIPAA and a HITRUST certification.

Start preparing early

“While this law just covers California currently, large companies will soon have to offer similar rights to Americans,” said Alastair Mactaggart, the chief advocate of the CCPA.

While some larger companies have addressed both GDPR and CCPA, mid-market and smaller companies also need to take action. So what needs to be done?

Create data profiles – your company should know where your customer’s data is located and who has access to it. 

Review your company’s data-governance – If your company collects consumer data in any way, you should evaluate your collection practices. For example, retail companies with loyalty programs will need to adapt data tools that allow them to comply with privacy laws. 

Assess your privacy controls – Update processes and software, install patches and look for gaps in meeting CCPA requirements.

Set up a CCPA management team – This team can handle regulations and the implementation of CCPA. Your best defense is to hire a Data Protection Officer. 

Accorian can help you

The security experts at Accorian can help you understand CCPA and help you scope, identify gaps, assist with remediation and conduct a final assessment. 

Whether it’s GDPR, HIPAA or HITRUST, our security experts can help you prepare for impending consumer privacy laws.

 Contact us today to get started.

    Ready to Start?

      Download Case study

        Download Guide

        Human Resources Director

        Posted On: 09 May, 2022

        Drop your CVs to

          Interested Position

          First Name

          Last Name


          Total Experience

          Mobile Number

          Upload Resume