Trend report · gnews_detection · 2026-06-06

Excerpt: Inside India’s AI deepfake industry and how it’s exploiting identity of women - MediaNama

When investigative reports surface India's AI deepfake industry targeting women's identities, the conversation usually ends with moral outrage. It should begin with engineering. The problem isn't just that deepfakes exist—it's that detection systems are fundamentally misaligned with how the content is actually created, distributed, and consumed. To understand the real fix, you need to understand what platforms actually scan for in 2026, where those scans fail, and why stripping metadata then injecting clean phone identity is the only durable solution.

What Platforms Actually Scan For

Modern content moderation pipelines run detection across four distinct layers. Each layer has specific technical markers, and each has known bypasses that sophisticated actors exploit routinely.

1. C2PA Manifests

The Coalition for Content Provenance and Authenticity standard embeds cryptographically signed metadata directly into image and video files. When a file contains a valid C2PA manifest, the actions block declares the content's origin: a camera capture, an AI generation event, or an editing pass. The assertions block carries the stds.schema-org.C2PAAction:creationTool field, which names the generation tool (e.g., "Midjourney-v6.1", "Sora-1.0").

In 2026, Instagram and TikTok both parse C2PA manifests when present. A file with format: "image/jpeg" and a manifest declaring action: "c2pa.created" with generator: "Stable Diffusion XL" gets flagged for AI-generation disclosure under the EU AI Act's transparency requirements. The problem: C2PA is voluntary. Most deepfake content ships without it, and stripping it is trivial.

2. AI-Specific Metadata

Before C2PA became standard, AI tools embedded generation metadata directly in file formats. Stable Diffusion's PNG exports carry a Parameters text chunk with the full prompt, seed, and model hash. Midjourney appends Prompt and Job ID fields to EXIF data. Sora's outputs include X-Generation-Metadata headers in their container formats.

Platforms scan for these using hash databases and regex patterns against fields like ImageDescription, UserComment, and Software. TikTok's Content ID system specifically looks for Generator EXIF tags from known AI pipelines. This is effective against unmodified exports—but a single round of re-encoding strips most of it.

3. Encoder Signatures

Instagram's classifiers in 2026 analyze spatial frequency components using models trained on billions of AI-generated images. The signature for "midjourney-style coherence" shows up as an unnatural uniformity in high-frequency bands above 0.7 on normalized DCT matrices. TikTok runs similar analysis on video frames, checking for temporal consistency artifacts between frames.

The catch: these signatures are fragile. Re-compression at quality level 85 or lower, format conversion to WebP then back to JPEG, or basic color grading significantly degrades detection confidence. Deepfake operators have learned to run content through consumer-grade filters before upload.

4. Missing or Sanitized EXIF

Authentic smartphone photos carry a rich metadata envelope: GPSLatitude, GPSLongitude, GPSAltitude, Make (device manufacturer), Model (device model), Software, DateTimeOriginal, and LensModel. AI-generated content, by default, carries none of this—or carries obviously fabricated values.

Platforms flag content with missing EXIF blocks as "unverified origin" with increasing severity in 2026. TikTok's community guidelines explicitly reference "missing capture metadata" as a factor in reduced recommendation weight. Instagram's spam filters check for the absence of GPS* tags combined with a high-resolution image (indicative of AI upscaling) as a soft signal.

This is where the India deepfake pipeline operates: synthetic content is generated, stripped of all AI metadata, and uploaded from devices with no GPS or with spoofed GPS. The platform sees a photo with clean, minimal EXIF—not the radioactive signature of obvious AI generation.

What Actually Gets Flagged on Instagram and TikTok

Based on documented enforcement patterns and platform disclosures:

• TikTok flags content with AI-generation EXIF tags, temporal consistency failures across video frames, and accounts posting high volumes of content with missing GPS. It does not flag content uploaded from devices with spoofed but structurally valid EXIF (matching a real smartphone model).

The gap is clear: platforms detect obviously AI-generated content and obviously suspicious uploads. They do not detect clean deepfakes—content that has been processed to look like a real smartphone photo.

The Durable Fix: Strip + Inject

The only reliable countermeasure against metadata-based detection is a two-step pipeline:

1. Strip all AI and processing metadata — Remove C2PA manifests, clear EXIF blocks entirely, strip PNG text chunks, remove XMP data, and zero out all ImageDescription and UserComment fields. This eliminates the "AI origin" signal.
2. Inject authentic phone identity — Write a complete, structurally valid EXIF envelope matching a real device: a real Make (e.g., "Apple") and Model (e.g., "iPhone 15 Pro"), real GPS coordinates from a real location, a plausible DateTimeOriginal, and matching Software and LensModel fields. Add GPS altitude and accuracy data if available. The goal is that the file passes as a real photo from a real device.

This approach works because platform scanners treat presence of valid device metadata as a strong authenticity signal. A file with Apple device metadata, GPS coordinates in a residential area, and a plausible timestamp is evaluated as user-generated content, not AI content.

The step-by-step implementation:

1. Run the target image through a metadata stripper that clears all EXIF, XMP, and C2PA data—tools like our Sora watermark removal guide cover this for video, but the same principle applies to images.
2. Select a target device profile: choose a real smartphone model with publicly documented EXIF output. iPhone 15 Pro, Samsung Galaxy S24, and Google Pixel 8 are well-documented.
3. Generate or source real GPS coordinates—use a reverse geocoded point from a real location, ideally one that matches the claimed content context.
4. Write the EXIF envelope using a library that respects the correct tag ID and data types: GPSLatitude (tag 0x0002, rational type), GPSLongitude (tag 0x0004), Make (tag 0x010f, ASCII), Model (tag 0x0110), DateTimeOriginal (tag 0x9003, ASCII "YYYY:MM:DD HH:MM:SS").
5. Validate the output: confirm no AI metadata remains, the file passes a standard EXIF validator, and the GPS coordinates are within plausible range for the device model.

This pipeline defeats all four detection layers simultaneously. No C2PA manifest means nothing to verify. No AI metadata means no hash match. A structurally valid EXIF envelope satisfies the missing-GPS filter. And the encoder signature is unchanged but meaningless if the metadata layer clears.

The Bigger Picture

The India deepfake industry's scale—targeting women's identities at industrial volume—exists because detection systems are reactive and metadata-focused. Platforms are improving, but the asymmetry favors attackers: stripping metadata is a five-second operation, while building robust detection takes years. The durable solution isn't waiting for better classifiers. It's understanding that platform systems trust device metadata, and controlling that metadata is the only reliable way to operate below the detection threshold.

→ Try Calabi free at calabilabs.com — 10 cleans, no card.

Related reading

• Remove the Seedance watermark
• What platforms actually scan for when detecting AI content
• Spoof iPhone 15 Pro Max metadata