Verifying the Wu et al. Deepfake Analyst Study One Year On#

DARPA MediFor and SemaFor status#

MediFor (Media Forensics) is correctly characterized as a DARPA research program, but the attribution of founding leadership should be flagged. The program ran from 2016 through roughly 2020 and was founded by Dr. David Doermann (2014-2018) before being inherited by Matt Turek, who joined DARPA in July 2018. Papers commonly credit Turek as MediFor’s PM; the more precise phrasing is that he managed it in its latter half. SemaFor (Semantic Forensics) was created by Turek, later led by Dr. Wil Corvey, and concluded in September 2024, roughly six months before the CHI paper appeared. A Cooperative R&D Agreement was announced in March 2025 transitioning the analytic catalog and the AI FORCE challenge to the Digital Safety Research Institute (DSRI) at UL Research Institutes, with ongoing transition partners spanning the DoD, Intelligence Community, federal law enforcement, HHS, and the State Department’s Global Engagement Center (https://www.darpa.mil/news/2025/furthering-deepfake-defenses).

Two technical specifics in the paper warrant correction. First, the SemaFor Technical Area structure in the DARPA Broad Agency Announcement does not split TA1=detection, TA2=attribution, TA3=characterization, TA4=integration as commonly summarized. The BAA defines TA1 as the development of algorithms for detection, attribution, and characterization together; TA2 as fusion/system architecture; TA3 as evaluation and curation; and TA4 as challenge problems and threat models. Verified performers include Kitware, Purdue, SRI International, UC Berkeley as TA1 leads, with Google, NVIDIA, NYU, PAR Government Systems, and AFS in supporting roles — confirming the paper’s naming of Kitware, PAR Government, and SRI. Second, the “5-point score scale” claim could not be confirmed in DARPA public materials; the program’s documented output is a continuous integrity score. The 5-point scale may reflect a specific performer UI choice rather than a program-level specification.

Commercial detection tools — existence and status#

Four of the five commercial tools named in the paper remain operational, but the landscape has changed materially. Reality Defender (realitydefender.com) is active and was recognized by Gartner in December 2025 as “the company to beat in deepfake detection”; it has raised approximately $52 million across a Series A that expanded to$33 million in October 2024 (led by Illuminate Financial, with participation from Booz Allen Ventures, IBM Ventures, and Accenture) and an additional tranche in April 2025 that added BNY, Samsung NEXT, and Fusion Fund. In November 2025 the company launched “Real Suite,” a consolidated product family including RealScan, RealAPI, RealCall (real-time voice), and RealMeeting (Zoom and Teams plugins). Sensity AI (sensity.ai), the Amsterdam-based successor to Deeptrace, remains active with a forensic/judicial positioning. DuckDuckGoose (duckduckgoose.ai) continues with Dutch House of Representatives, Netherlands Forensic Institute, and US DoD customers following its €1.3 million pre-seed. Deepware (deepware.ai) offers a scanner that is still online, though the company appears largely dormant, with no product updates since 2023 and conflicting corporate address records across Istanbul, Sarajevo, and Munich.

The most consequential change is TrueMedia.org, which shut down on January 13, 2025, three months before the paper’s CHI presentation. Founder Oren Etzioni cited the nonprofit’s operating cost and the fact that “disaster didn’t materialize” in the 2024 US election (https://www.truemedia.org/post/shutting-down-truemedia; https://www.geekwire.com/2025/truemedia-org-plans-to-shutter-and-open-source-its-ai-deepfake-detector-etzioni-hints-at-new-startup/). The organization open-sourced its detection technology, which now lives on as the Deepfake-Eval-2024 benchmark (arXiv:2503.02857) hosted in part at Georgetown University. Etzioni has since co-founded Vercept, hinting at a for-profit successor. Any reference to TrueMedia as an ongoing resource for analysts is outdated as of the paper’s publication.

C2PA and Content Credentials#

The paper’s description of the Coalition for Content Provenance and Authenticity is accurate in its essentials but needs updating for 2025-2026 developments. C2PA is a Joint Development Foundation project with Adobe, Arm, BBC, Intel, Microsoft, and Truepic as 2021 founders. The steering committee has grown through Sony (March 2022), Publicis Groupe (June 2023), Google (February 2024), OpenAI (May 2024), Meta (September 2024), and Amazon (September 2024). TikTok joined as a general member in May 2024 but is not on the steering committee. The current stable specification is v2.2, published May 1, 2025, which adds the Soft Binding Resolution API, multi-part asset support (Android Motion Photos), and improved time-stamp/revocation handling; v2.3 exists in draft (https://spec.c2pa.org/specifications/specifications/2.2/). The Content Authenticity Initiative (CAI) is correctly characterized as Adobe’s adoption-and-advocacy community, distinct from the technical standard but deeply integrated; CAI passed 5,000 members in mid-2025.

Camera adoption has moved beyond the single Leica M11-P example. Sony launched in-camera C2PA signing across the A1, A9 III, and A7S III via March 2024 firmware, and extended C2PA to video in October 2025 firmware 4.00 for the A9 III, A1 II, FX30, FX3, and PXW-Z300 — the first video-capable C2PA cameras under the v2 specification (https://www.dpreview.com/news/7020455528/). Nikon added C2PA to the Z6 III in August 2025 via the Nikon Authenticity Service but revoked all Z6 III certificates in September 2025 after a signing-infrastructure vulnerability was disclosed; the service remains suspended as of early 2026. Canon enabled C2PA on the EOS R1 and R5 Mark II in July 2025, though Canon USA ambiguously described the inclusion as “unintended” in a subsequent statement. Fujifilm has joined C2PA but has not yet shipped supporting firmware. Google’s Pixel 10 (September 2025) became the first consumer smartphone with native C2PA signing at Assurance Level 2 using hardware-backed Titan M2 keys.

Platform display of Content Credentials has progressed unevenly. LinkedIn deployed in May 2024 but was publicly embarrassed by Partnership on AI and Hacker Factor analyses showing post-dated “future” signatures and $230 certificate-forgery attacks. Meta’s “Made with AI” label was renamed “AI Info” on July 1, 2024 after photographer backlash, and now displays on more than 360 million posts. TikTok implemented C2PA reading in May 2024 and YouTube joined the steering committee and shipped verified-capture labels in October 2024. Indicator.media’s April 2025 audit of 516 posts found only 30% of AI content correctly labeled across major platforms, with many generators failing to emit C2PA metadata on their own outputs.

ICD 203, NIST, SWGDE, and referenced incidents#

Intelligence Community Directive 203 is correctly invoked. The current version dates to January 2, 2015 and establishes five overarching analytic standards (objective, independent, timely, based on all available sources, and implementing the tradecraft standards) plus nine tradecraft standards covering sourcing, uncertainty expression, alternative analysis, logical argumentation, and visual communication (https://www.dni.gov/files/documents/ICD/ICD-203.pdf). The paper’s framing of deepfake analysis as fitting under the “sourcing” and “uncertainty” tradecraft standards is apt.

The paper’s reference to NIST’s role is accurate; NIST’s Media Forensics Challenge ran 2017-2020 and continues as Open MFC. The paper’s citation of NIST AI 100-4 as July 2024 is slightly off: the final document “Reducing Risks Posed by Synthetic Content” was published November 20, 2024, with July 2024 marking the initial public draft. The NIST AI Safety Institute that released it was renamed the Center for AI Standards and Innovation (CAISI) on June 3, 2025 under Secretary Lutnick, with a mission reoriented toward national security and away from “safety.” SWGDE remains active and published a “SWGDE Overview: Artificial Intelligence Trends in Video Analysis” (document 20-V-001, 2021) that touches on deepfakes and GAN-generated faces. No newer SWGDE synthetic-media document was identified in 2024-2026.

Referenced incidents check out. The viral Pope Francis white puffer coat image was created by Pablo Xavier, a Chicago-area construction worker, on March 24, 2023 using Midjourney, though the specific “v5” version often quoted is not stated in the primary BuzzFeed interview (Midjourney v5 was released March 15, 2023, making it plausible but not confirmed). Metaphysic’s performance on America’s Got Talent 2022 is correctly characterized; the team of Chris Umé and Tom Graham advanced to the finals and finished fourth place on September 13, 2022. DeepFaceLab, however, was archived by its maintainer iperov on November 13, 2024, making the paper’s framing somewhat outdated; iperov’s active development has moved to DeepFaceLive for real-time face swap. All four cited research methods — Face X-ray (Li et al., CVPR 2020, blending-boundary detection), Grad-CAM (Selvaraju et al., ICCV 2017, gradient-based class activation mapping), FaceForensics++ (Rössler et al., ICCV 2019, four-method benchmark with DeepFakes, Face2Face, FaceSwap, and NeuralTextures), and Phoneme-Viseme Mismatch (Agarwal et al., CVPR Workshop 2020, bilabial mouth-shape mismatch detection) — are accurately characterized.

The generator-detector arms race in 2025-2026#

The year since publication has been defined by a generator capability leap that has meaningfully widened the gap detectors must close. OpenAI’s Sora 2 launched September 30, 2025 with synchronized audio, improved physics, and the Cameo identity-likeness feature. Google’s Veo 3 launched in May 2025 with native audio generation, Runway Gen-4 and Black Forest Labs Flux Pro shipped through 2025, and Kling AI 3.0 displaced several incumbents on public text-to-video leaderboards. Reality Defender publicly demonstrated that Sora 2’s own Cameo identity safeguards could be bypassed within 24 hours of release (https://www.realitydefender.com/insights/sora-2-identity-bypass), and Sensity and Pindrop both called 2025 a “second wave” of democratized generation.

Academic benchmarks reflect the same trend. Deepfake-Eval-2024 (arXiv:2503.02857), built from in-the-wild social media content collected by TrueMedia before its shutdown, found that state-of-the-art open-source detector AUC dropped by 45-50% relative to earlier academic benchmarks across video, audio, and image modalities. The GenD generalization benchmark (arXiv:2508.06248) tested detectors across 13-14 prior benchmarks spanning 2019-2025 and showed that only 0.03% of CLIP parameters (LayerNorm) need fine-tuning for competitive cross-domain AUROC, suggesting representation learning rather than bespoke architectures is the dominant driver. AIGVDBench (33 detectors against video from Sora, Veo, and peers) and OpenFake (GPT Image 1, Imagen 3, Flux.1.0-dev, Stable Diffusion 3.5) found similar generalization collapse. A July 2025 500,000-image wild evaluation found fewer than half of tested detectors exceeded AUC 0.60.

Commercial activity has intensified. GetReal Security (co-founded by Hany Farid) closed a $17.5 million Series A on March 26, 2025** led by Forgepoint Capital, with Ballistic Ventures, Cisco Investments, and In-Q-Tel participating, and named John Deere and Visa as clients. Pindrop's 2025 Voice Intelligence and Security Report documented a **1,300$2.4 million Defense Innovation Unit contract in December 2024 — the DoD’s first dedicated deepfake detection purchase. Hiya acquired Loccus.AI in July 2024 in voice-security consolidation, while Adaptive Security pulled in over $50 million with backing from OpenAI and a16z for deepfake-aware phishing simulation. Notably, no major social platform has adopted a third-party detector as its primary tool; platforms have instead shifted to user self-labeling combined with C2PA provenance reading.

Policy and regulation: a rapidly shifting landscape#

The most important development since publication is the TAKE IT DOWN Act, signed by President Trump on May 19, 2025 after 409-2 House passage. The law federally criminalizes non-consensual intimate imagery, including AI-generated deepfakes of identifiable persons, and requires covered platforms to establish notice-and-removal procedures within 48 hours of notification; full platform compliance is due by May 19, 2026. The first conviction under the Act was reported in April 2026 (an Ohio man generating NCII of adults and minors). The DEFIANCE Act (S. 1837) passed the Senate by unanimous consent on January 13, 2026 and creates a civil right of action with damages up to $250,000 per violation; it awaits House action. The NO FAKES Act (S. 1367 / H.R. 2794) was reintroduced in April 2025 but has not advanced, and the Protect Elections from Deceptive AI Act remains in committee. No federal watermarking mandate exists.

The US executive branch has moved in the opposite direction from the Biden-era framework. Biden’s EO 14110 was revoked on Trump’s first day of the second term, January 20, 2025, and replaced by EO 14179 “Removing Barriers to American Leadership in AI” on January 23, 2025. The resulting “Winning the Race: America’s AI Action Plan” released July 23, 2025 is largely deregulatory but contains a “Combat Synthetic Media in the Legal System” section that directs formalizing NIST’s “Guardians of Forensic Evidence” program into a guideline, directs DOJ comment on proposed Federal Rule of Evidence 901(c), and revises the NIST AI Risk Management Framework to strip references to misinformation, DEI, and climate. A December 11, 2025 EO established an AI Litigation Task Force to preempt state AI laws on Commerce Clause and First Amendment grounds and conditioned discretionary federal grants on state non-enforcement.

State law has been the primary battleground. California’s AB 2655 (election deepfake platform duties) was struck down on Section 230 preemption grounds on August 5, 2025, and AB 2839 was permanently enjoined on First Amendment grounds on September 2, 2025 by Judge John Mendez, whose opinion famously stated that the mandated disclaimer for satire “would kill the joke.” Tennessee’s ELVIS Act took effect July 1, 2024, adding voice to protected personal rights. By April 2026, 46-48 states had enacted some form of deepfake law, with 45 addressing sexually explicit content specifically — a sharp increase from 32 at the start of 2025. California Governor Newsom vetoed the broader SB 11 “Artificial Intelligence Abuse Act” in October 2025.

Internationally, the EU AI Act transparency obligations under Article 50 enter force August 2, 2026. A Code of Practice on AI-generated content had its first draft published December 17, 2025 and a second on March 5, 2026, with the final expected in June 2026; the draft explicitly acknowledges that “no single active marking technique suffices” and mandates a multi-layered approach combining C2PA metadata, interwoven watermarking, and detection tooling. China’s Measures for Labeling of AI-Generated Synthetic Content, accompanied by mandatory national standard GB 45438-2025, took effect September 1, 2025, requiring both explicit and implicit labels and a three-tier classification (confirmed / possible / suspected AI) on all public distribution platforms. The UK’s Data (Use and Access) Act 2025, Section 138 criminalizes the creation (not just sharing) of non-consensual intimate “purported images” effective February 6, 2026. South Korea’s September 2024 amendment raised maximum penalties for deepfake creation/distribution to seven years, and Australia’s Criminal Code Amendment (Deepfake Sexual Material) Act 2024 commenced September 3, 2024.

NSA, CISA, and FBI issued the “Contextualizing Deepfake Threats to Organizations” Cybersecurity Information Sheet on September 12, 2023 — note the title differs slightly from some informal references to “Contextual, Behavioral, and Provenance” although the document does organize countermeasures along those lines. The FBI has issued increasingly frequent PSAs, including the December 3, 2024 financial-fraud PSA, the May 15, 2025 senior-officials impersonation PSA, and the December 5, 2025 virtual-kidnapping PSA using AI-altered proof-of-life media.

Explainability research and LLM-assisted forensics#

Explainable deepfake detection experienced its most important year since the field began, driven primarily by multimodal large language models producing natural-language forensic explanations. M2F2-Det (Guo et al., CVPR 2025 Oral) combines CLIP with an LLM and introduces “Forgery Prompt Learning” with UF-prompts and LF-tokens, achieving state-of-the-art on both detection and explanation. SIDA (Huang et al., CVPR 2025) extends beyond face forgery to full social-media imagery with segmentation masks and natural language explanations. FakeShield (ICLR 2025) and ForgeryGPT (updated January 2025) use mask-aware forgery extractors feeding LLMs that produce multi-turn explanatory dialogue. RAIDX (ACM MM 2025) combines retrieval-augmented generation with GRPO reinforcement learning. VLForgery Face Triad at NeurIPS 2025 adds extrinsic knowledge chain-of-thought reasoning for diffusion-generated face attribution.

Benchmarks for these explanations have also matured. FakeBench (arXiv:2404.13306), DFBench (arXiv:2506.03007, 540,000 images from 12 generators), DeepfakeBench-MM (arXiv:2510.22622, first unified multimodal benchmark), and AV-FakeBench (arXiv:2511.21251, audio-video) now probe explanation faithfulness alongside raw detection. The TriDF benchmark (Jiang-Lin et al., December 2025) specifically measures explanation hallucination via CHAIR-style metrics and F0.5 composite scoring, directly addressing a failure mode identified in ACM IHMMSEC 2025’s “Can GPT tell us why these images are synthesized?” — namely, that LLMs confidently cite forensic artifacts that are not actually present.

Concept-based and prototype-based methods progressed more quietly. Pattern-CAV (ICLR 2025) improves the robustness of concept activation vectors. ProtoExplorer (2024) offers interactive prototype exploration for forensic investigators, and DPNet and ExplaNET extend the “This-Looks-Like-That” lineage to deepfake detection. Counterfactual explanations specifically for deepfakes remain thinly covered, with the ICME 2024 “Counterfactual Explanations for Face Forgery Detection via Adversarial Removal of Artifacts” as the main reference. Critiques of saliency maps — including Rudin’s foundational Nature Machine Intelligence argument, Adebayo et al.’s “Sanity Checks,” and a 2024 ophthalmology study concluding saliency maps are “not beneficial for interpretability and trust-building purposes in their current forms” — continue to validate the paper’s move beyond heatmaps.

Human-AI teaming for intelligence analysis has seen relevant work through IARPA REASON (PM Steven Rieber), which provides grammar-checker-style evidence and reasoning suggestions on analyst draft reports, and the continuing BETTER program for multilingual semantic extraction. DARPA SemaFor’s successor activities now run through DSRI’s AI FORCE challenges. The Wright group at RIT has published two direct follow-ups: the Sohrawardi/Wu/Wright chapter “Verification AI in the Newsroom” in the Springer PROMISE volume (2025) and Sohrawardi’s 2025 RIT dissertation “DeFaking Deepfakes: Designing and Evaluating AI-Powered Digital Media.”

Ontology approaches and adoption of the Wu et al. framework#

The Wu et al. Digital Media Forensics Ontology (why/where/what structure) has not yet accumulated significant downstream citations in indexed databases as of April 2026, but the broader ontology-for-forensics literature has grown. Silva, OliveiraJr, and Zorzo’s 2024 Forensic Science Review article “How Ontologies Have Supported Digital Forensics” and their 2025 FSI: Digital Investigation paper on controlled experimentation in digital forensics provide the main comparative framework; Sikos’s 2021 WIREs Forensic Science piece on ontology engineering for cybercrime investigations remains foundational. MITRE ATLAS v5.1.0 (November 2025) added a dedicated deepfake KYC liveness-bypass case study contributed by iProov, integrating synthetic-media threats into the adversarial-ML taxonomy. OWASP’s “Guide for Preparing and Responding to Deepfake Events” (October 2024) takes an incident-response-lifecycle approach rather than a capability-based ontology. NIST AI 100-4 organizes the space by technical approach (provenance, watermarking, detection, mitigation) rather than by analyst reasoning stage. No published work has yet meaningfully adopted the why/where/what decomposition, though it remains consistent with how DARPA SemaFor organized detection/attribution/characterization and how the EU’s draft Code of Practice structures marking, labelling, and deployment responsibilities.

Notable incidents shaping the field#

The year 2025-2026 was defined by quantitative explosion rather than a single landmark incident. NCMEC reports of AI-generated CSAM rose from 6,835 in calendar year 2024 to 440,419 in the first half of 2025 alone, per Thorn. Law enforcement responded with coordinated operations including Operation Cumberland (25 international arrests for AI-CSAM distribution), Operation Restore Justice (205 arrests, May 2025), Operation Enduring Justice (234 arrests, August 2025), and Operation Relentless Justice (293 arrests, December 2025).

Financial fraud has scaled in parallel. The FBI’s 2025 Internet Crime Report attributes at least $893 million to AI-enabled fraud, with business email compromise losses reaching$3.046 billion and roughly 40% now involving AI/deepfake components. Notable cases include a March 2025 Singapore multinational finance director losing $499,000 to a deepfake CFO video call, attempted credential theft via voice clone of Wiz CEO Assaf Rappaport, and impersonation phishing of YouTube CEO Neal Mohan. The Arup Hong Kong$25 million case from January 2024 remains the reference incident. Political operations — the Russia-linked Storm-1516 operating 102 fake German local news sites during the February 2025 Bundestag snap election, Chinese Taizi Flood/Spamouflage targeting Republican Congress members, and Iran’s Cotton Sandstorm running fake US local news sites — all integrated generative AI, though Microsoft’s Threat Analysis Center has consistently found that simpler “shallow” audio fakes have been more operationally successful than sophisticated video deepfakes. The Taylor Swift NCII deepfake incident remains the political catalyst for TAKE IT DOWN, and xAI’s Grok Imagine “Spicy Mode” (August 2025) created a notable enforcement gap by generating explicit content of Swift and Scarlett Johansson through one-to-one AI outputs that fall outside the Act’s platform-upload coverage.

Critical reflection#

The paper’s core thesis has aged very well. Its argument that detection tools must integrate with ICD 203 tradecraft standards — particularly proper expression of uncertainty, clear sourcing, and visual communication — is reinforced by every 2025-2026 development. The Deepfake-Eval-2024 benchmark’s 45-50% AUC collapse, the Reality Defender versus Sora 2 exercise, and the NIST CAISI transition all point to the same conclusion: raw classifier accuracy is neither sufficient nor, in many settings, measurable against the real-world distribution of manipulated media. An analyst workflow with calibrated uncertainty, visible provenance, and a common vocabulary across tools is the durable artifact, not any particular detector. The paper’s user-centered framing and its emphasis on chain-of-custody support now look prescient given the Federal Rule of Evidence 901(c) conversations the Trump AI Action Plan directs DOJ to engage with.

The Digital Media Forensics Ontology has not yet been taken up by other research groups at scale, but its why/where/what structure maps cleanly onto how other 2025-2026 efforts have organized themselves: SemaFor’s detection/attribution/characterization, the EU Code of Practice’s provider/deployer distinction, and MITRE ATLAS’s tactic/technique/mitigation layers all rhyme with the same decomposition. The ontology’s real test is whether it becomes the scaffold that lets independent tools interoperate in an analyst workbench — something that has not yet happened commercially. The absence of a shared ontology across Reality Defender, GetReal Security, Hive, Pindrop, Sensity, and the DSRI analytic catalog remains a practical gap, and the paper’s contribution is most valuable as a starting vocabulary rather than a finished standard.

The paper’s explainability-centric framing is where the most interesting tension has emerged. Two years of provenance infrastructure (C2PA v2.2, CAI’s 5,000 members, Pixel 10 hardware-backed signing, EU Article 50, China’s GB 45438-2025) have made provenance-based approaches increasingly tractable for the subset of content that passes through compliant generation and capture pipelines. But provenance cannot reach the long tail of screenshotted, re-encoded, diffusion-regenerated, or hostile-actor-produced media, and Indicator.media’s finding that platforms correctly label only 30% of AI content demonstrates that even compliant content often loses its credentials in transit. The arms race evidence from Sora 2, Deepfake-Eval-2024, and the November 2025 diffusion-based watermark-stripping papers (arXiv:2511.05598, arXiv:2511.10933) suggests the paper was right to prioritize explainability for the adversarial cases that provenance cannot cover — but also that the ideal analyst tool must integrate both. The paper slightly underweights how central provenance would become to policy by 2026; its gaps include no anticipation of the TrueMedia shutdown, the DARPA SemaFor sunset, the Trump administration’s rollback of federal AI governance, the MLLM-based natural-language explanation explosion (M2F2-Det, SIDA, FakeShield), or the CSAM reporting surge that has become one of the single most consequential drivers of deepfake policy. Nonetheless, the user-centered design approach the paper advances is now more clearly the right unit of analysis than it appeared a year ago, and the field’s center of gravity has shifted toward exactly the kind of integrated, tradecraft-aware, explanation-rich analyst tooling the paper prescribed.

Conclusion#

The Wu et al. CHI 2025 paper is substantially accurate on the claims it makes about analytic standards, research methods, and high-profile incidents, with a handful of factual drifts — DARPA SemaFor’s TA structure, MediFor’s founding PM, the NIST AI 100-4 publication date, DeepFaceLab’s maintenance status, and TrueMedia’s operational status — that any reader should update. Its user-centered framing has aged better than the specific tools it references, and its policy context has shifted substantially: the TAKE IT DOWN Act is the first federal deepfake statute, the EU AI Act’s Article 50 obligations land August 2026, China’s labeling regime is operational, and a 46-48 state patchwork now exists despite federal preemption pressure. Content provenance has emerged as the most politically tractable mitigation for the compliant fraction of AI content, while detection and explainability remain essential for the adversarial tail. The paper’s contribution — ontology-scaffolded, tradecraft-aware analyst tooling — is precisely the synthesis the field now needs, even if no single commercial or government effort has yet delivered it.

References and sources#

• DARPA SemaFor / MediFor: https://www.darpa.mil/research/programs/semantic-forensics; https://www.darpa.mil/news/2025/furthering-deepfake-defenses; https://www.darpa.mil/research/programs/media-forensics
• ICD 203: https://www.dni.gov/files/documents/ICD/ICD-203.pdf
• NIST AI 100-4: https://nvlpubs.nist.gov/nistpubs/ai/NIST.AI.100-4.pdf
• SWGDE: https://www.swgde.org/documents/published-complete-listing/20-v-001-swgde-overview-artificial-intelligence-trends-in-video-analysis/
• Reality Defender Series A expansion: https://www.prnewswire.com/news-releases/reality-defender-expands-series-a-to-33-million-to-enhance-ai-detection-capabilities-302283098.html; Real Suite: https://www.prnewswire.com/news-releases/reality-defender-unveils-real-suite-enterprise-ready-deepfake-detection-for-day-one-defense-302619245.html; Sora 2 bypass: https://www.realitydefender.com/insights/sora-2-identity-bypass
• TrueMedia shutdown: https://www.truemedia.org/post/shutting-down-truemedia; https://www.geekwire.com/2025/truemedia-org-plans-to-shutter-and-open-source-its-ai-deepfake-detector-etzioni-hints-at-new-startup/
• GetReal Security Series A: https://techcrunch.com/2025/03/26/has-getreal-cracked-the-code-on-ai-deepfakes-18m-and-an-impressive-client-list-says-yes/
• Pindrop 2025 Report: https://www.prnewswire.com/news-releases/pindrops-2025-voice-intelligence—security-report-reveals-1-300-surge-in-deepfake-fraud-302479482.html
• Hive DoD contract: https://www.technologyreview.com/2024/12/05/1107961/the-us-department-of-defense-is-investing-in-deepfake-detection/
• C2PA organization and specifications: https://c2pa.org/; https://spec.c2pa.org/specifications/specifications/2.2/
• Leica M11-P: https://contentauthenticity.org/blog/leica-launches-worlds-first-camera-with-content-credentials
• Sony video C2PA: https://www.dpreview.com/news/7020455528/sony-s-video-content-credentials-are-finally-here-on-cameras-you-will-recognize
• Nikon Authenticity Service: https://www.nikonusa.com/content/nikon-authenticity-service
• LinkedIn rollout: https://news.linkedin.com/2024/May/linkedin-rolls-out-c2pa-ai-generated-content-standard; critique: https://www.hackerfactor.com/blog/index.php?/archives/1034-Problems-with-C2PA-and-LinkedIn.html
• Meta AI Info: https://techcrunch.com/2024/07/01/meta-changes-its-label-from-made-with-ai-to-ai-info-to-indicate-use-of-ai-in-photos/
• TikTok C2PA: https://newsroom.tiktok.com/en-us/partnering-with-our-industry-to-advance-ai-transparency-and-literacy
• YouTube disclosures: https://blog.youtube/news-and-events/disclosing-ai-generated-content/
• Indicator.media audit: https://indicator.media/p/tech-platforms-fail-to-label-ai-content-c2pa-metadata
• Google SynthID: https://deepmind.google/models/synthid/
• EU AI Act Article 50: https://ai-act-service-desk.ec.europa.eu/en/ai-act/article-50; Code of Practice: https://digital-strategy.ec.europa.eu/en/policies/code-practice-ai-generated-content
• China labeling measures: https://www.cac.gov.cn/2025-03/14/c_1743654684782215.htm; https://www.insideprivacy.com/international/china/china-releases-new-labeling-requirements-for-ai-generated-content/
• TAKE IT DOWN Act: https://www.congress.gov/bill/119th-congress/senate-bill/146; https://www.whitehouse.gov/presidential-actions/2025/05/president-donald-j-trump-signed-s-146-into-law/
• DEFIANCE Act: https://www.congress.gov/bill/119th-congress/senate-bill/1837/text
• NO FAKES Act: https://www.congress.gov/bill/119th-congress/senate-bill/1367
• Trump EO 14179: https://www.whitehouse.gov/presidential-actions/2025/01/removing-barriers-to-american-leadership-in-artificial-intelligence/
• America’s AI Action Plan: https://www.whitehouse.gov/wp-content/uploads/2025/07/Americas-AI-Action-Plan.pdf
• CAISI announcement: https://www.commerce.gov/news/press-releases/2025/06/statement-us-secretary-commerce-howard-lutnick-transforming-us-ai
• California Kohls v. Bonta: https://globalfreedomofexpression.columbia.edu/cases/christopher-kohls-v-bonta/
• Tennessee ELVIS Act: https://www.tn.gov/governor/news/2024/3/21/photos—gov—lee-signs-elvis-act-into-law.html
• UK Data (Use and Access) Act 2025 §138: https://www.olliers.com/news/new-law-criminalises-deepfake-creation/
• NSA/CISA/FBI advisory: https://www.cisa.gov/news-events/alerts/2023/09/12/nsa-fbi-and-cisa-release-cybersecurity-information-sheet-deepfake-threats
• FBI PSAs: https://www.ic3.gov/PSA/2025/PSA250515; https://www.ic3.gov/PSA/2025/PSA251205
• Deepfake-Eval-2024: https://arxiv.org/abs/2503.02857; GenD: https://arxiv.org/abs/2508.06248; OpenFake: https://arxiv.org/abs/2509.09495
• M2F2-Det (CVPR 2025): https://openaccess.thecvf.com/content/CVPR2025/papers/Guo_Rethinking_Vision-Language_Model_in_Face_Forensics_Multi-Modal_Interpretable_Forged_Face_CVPR_2025_paper.pdf
• SIDA (CVPR 2025): https://openaccess.thecvf.com/content/CVPR2025/papers/Huang_SIDA_Social_Media_Image_Deepfake_Detection_Localization_and_Explanation_with_CVPR_2025_paper.pdf
• FakeShield (ICLR 2025): https://openreview.net/forum?id=pAQzEY7M03
• ForgeryGPT: https://arxiv.org/abs/2410.10238
• RAIDX: https://arxiv.org/pdf/2508.04524
• Thorn/NCMEC CSAM numbers: https://www.thorn.org/blog/the-enforce-act-critical-updates-to-federal-law-for-addressing-ai-generated-csam-offenses/
• NewsGuard German elections tracker: https://www.newsguardtech.com/special-reports/german-elections-misinformation-tracking-center/
• IARPA REASON: https://www.iarpa.gov/research-programs/reason
• CJR Tow Center practitioner review: https://www.cjr.org/tow_center/what-journalists-should-know-about-deepfake-detection-technology-in-2025-a-non-technical-guide.php
• Hany Farid PNAS Nexus July 2025: https://academic.oup.com/pnasnexus/article/4/7/pgaf194/8209913
• Wu et al. CHI 2025: https://dl.acm.org/doi/10.1145/3706598.3713711; Sohrawardi et al. CHI 2024: https://dl.acm.org/doi/fullHtml/10.1145/3613904.3641973; Sohrawardi 2025 dissertation: https://repository.rit.edu/theses/12387/; Springer chapter: https://link.springer.com/chapter/10.1007/978-3-031-89853-2_10