Lessons for AI Regulation in Rashmika Mandanna Deepfake Incident

Artificial Intelligence is hailed as one of the greatest developments in technology in our era after the invention of Internet and WWW. But the recent incidents of use of AI for creating viruses, sending phishing messages, Voice Cloning and now Deep fake video raise an alarm which opens up a debate on how reliable is Internet in general.

If Rashmika Mandanna video can be deep faked, it is also possible for deep fake of Narendra Modi by the unscrupulous opposition to create false narrative and alter the course of an election. It will be naive to assume that such an attempt is not already in place in the labs of the opposition.

If we recall the growth of Internet as an information superhighway, we can note that the history of Internet , suggests that Internet was officially born on January 1, 1983 when the TCP/IP protocol was officially adopted by ARPANET and expanded into the WWW network and became a global information exchange system on 30th April 1993 when the European Organization for Nuclear Research (CERN) placed it in public domain.

Since then, the Internet has been adopted by the world as a way of life.

When Internet was adopted for E Commerce the need for identity of internet actors became paramount. In this phase of development, “Trust” was the key for Internet activity. Digital Signatures and KYC are products of this phase.

This phase of growth of “Identified human beings acting on the Internet” converted the Netizen population to a Netizen-Citizen population with every netizen identifying himself as a citizen of a sovereign country. This gave birth to the concept of Cyber Space being recognized as an aggregation of Cyber Spaces belonging to the individual sovereign states with separate Cyber Laws.

In the meantime, Social Media became a society of its own with a direct user to user interaction and purveying news across the globe. Social Media was a mix of self declared identified activities in physical space and “Pseudonymous” internet activity. In this phase the Cyber Crimes grew as criminals used the pseudonymous nature of Social Media to commit crimes on identified users of the Internet.

As Internet took this journey of Anonymity to Identity and reverted back to Pseudonymity and a mix of population on the Internet with Citizens, Netizens working along together, came into existence, the need for a new set of Cyber Laws in the “Privacy” area emerged.

This is the era in which we now live in at the end of 2023. Now a new era of Artificial Intelligence (AI) is coming up which is set to re-write the nature of information on the Internet.

AI as a technology has its inherent “Bias” created out of the learning data used for the development which renders every AI algorithm as a creature with a specific cultural background in which the AI was developed. For example, an AI algorithm developed out of data in US will reflect the US culture while AI algorithm developed in Gaza will carry the Gaza culture and an AI algorithm developed in India will carry the Indian culture. Just as the “Upbringing” of an individual in a family and society has profound influence on the character of an individual, AI will develop a character which reflects the learning environment.

This can be considered as “Bias” when the algorithm is used in a jurisdiction outside the place from which the learning data was sourced. But this is nothing different from a Japanese or a Chinese having a different perspective on life from an Indian Hindu or a Taliban Muslim. It is part of the development process of the AI.

In other words, we need to recognize that AI which in the coming days express through humanoid robots will reflect the culture of the society in which the AI was developed. Hence a “Sophia” may have a western culture while a “Laxmi” may have an Indian culture.

An incident was reported recently that when a Chat GPT version of the Microsoft was posed a question in India to create a poem, it created a poem which could be considered as derogatory of the Indian women highlighting the inherent bias of the algorithm. It is probable that the poem might not be considered derogatory in the US society where the algorithm was developed.

This recognition of the “Cultural Bias” in the AI algorithms is a significant factor to be taken into consideration by countries like India when they form their AI regulations by providing a “Culture Tag” to the AI.

One of the unusual problems that AI has brought in to the society is the development of fake news and the problem of Voice cloning and Deep fake Video.

These problems are set to grow in the future and the recent incident of a deep fake involving an actress Rashmika Mandanna is a serious issue to take note. While we can appreciate deepfake being used to re-create a Kannada actor Rajkumar or a Tamil actor MGR and bring them back into the film world, use of deep fake to present a false identity of a living person in the manner it was used in the case of Rashmika Mandanna is criminally defamatory.

Government of India has to now show that the Indian Cyber Law in the form of “Information Technology Act 2000 (ITA 2000)” has the necessary teeth to punish those who created the deep fake video of Rashmi Mandanna.

Under the law, Creation of Deepfake video is an offence under Section 66 of ITA 2000 and could be defamatory under Section 499/500 of IPC. It is also an unauthorized act of the data fiduciary under DPDPA 2023. Additionally the “Unauthorized modification” is a contravention under section 43 of ITA 2000 which provides for compensation which can be invoked against the Intermediaries for their negligence under sections 79 and 85 of the ITA 2000.

There is no need to seek the new Digital India Act to consider a modified video as an offence under ITA 2000 nor wait for the formation of DPB under DPDPA 2023. Action can be taken now if the Government has the will to do so.

Despite the noises being made, and the law enabling stringent punishment being available, we cannot be sure if the Government will really take action against the Rashmi Mandanna deepfake case.

I have a specific experience of bringing a Cyber Terrorism incident to the attention of the Meity and CERT-In with no action being taken. The proverbial Kid-glove approach to Cyber Crimes is one of the reasons why Cyber Criminals have got emboldened in India.

Let us see if the Government has learnt its lessons that for rooting out Cyber Crimes, a strong will is required by the Government besides the law.

In this incident, Government should put an inter-state investigation team to identify where the deepfake originated and charge all persons involved in the crime starting from the software person who created the deepfake, to the companies involved in production, distribution and display of the video charge. The software developer may be called upon publicly to be an approver so that he can be granted remission while the other parties involved my be suitably punished.

If the Government has a reward system to recognize whistleblowing in such instances, perhaps more such instances could be brought to light.

I would like to warn MHA that if they donot put down the perpetrator of Rashmi Mandanna deep fake video creation team with iron hand, treating it as an “Attempt” corrupt the the social media and a national security threat, we should be ready to see the fake videos of Mr Modi during the election campaign stating things which could sway the voters against him.

At the same time, Naavi.org invites any person having knowledge of when, where and how the Rashmika Mandanna deepfake was created to share the information with or without revealing their identity to the undersigned. Naavi.org would be happy to recognize such person with a special award for the same in a public event. Any information for this purpose may be shared before 15th November 2023.


About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.