Trend report · gnews_detection · 2026-06-05

Minnesota U.S. Senate candidate Lt. Gov. Peggy Flanagan slams ad for using "AI deepfake" - CBS News

The political ad dropped on a Tuesday morning. Within 48 hours, Minnesota Lt. Gov. Peggy Flanagan was on CBS News calling it an AI deepfake — a digitally manipulated video of her face, synthesized voice, and fabricated statements that never happened. The ad had been shared thousands of times across Instagram and TikTok before any platform flagged it. By the time moderation teams acted, the damage was done: viral misquotation, voter confusion, and a campaign forced into reactive damage control.

This is the new frontier of political disinformation, and the Flanagan incident is not an outlier. It's a blueprint. In 2026, AI-generated content is no longer a novelty — it's a weaponized commodity, and the platforms built to distribute it are still catching up. Understanding what gets scanned, what gets missed, and what actually works as a defense has become essential for anyone operating in media, politics, or brand communications.

What Platforms Actually Scan For in 2026

Major social platforms have moved well beyond simple hash-matching and perceptual hashing. Today's detection pipelines are layered, and they start before any human moderator sees a piece of content. Here's what the automated systems are actually looking at:

1. C2PA (Coalition for Content Provenance and Authenticity) metadata. C2PA is an open standard — adopted by Adobe, Microsoft, Google, and Apple — that embeds cryptographically signed metadata directly into a file's metadata block. Fields like assertion_type, content_identifier, and signing_entity tell a scanner: "this file was created by [software] at [timestamp] and has not been tampered with since." If a video lacks C2PA blocks entirely, that's a flag. If the blocks are present but the hashes don't match the file's actual content, that's an even bigger flag.
2. AI generation metadata. Even files that lack C2PA often carry trace metadata left behind by AI generation pipelines — fields like Prompt, negative_prompt, Steps, CFG scale, or Model hash embedded by tools like Stable Diffusion, DALL-E, Midjourney, or Sora. These fields don't prove a file is AI-generated (they can be stripped), but their presence is a strong signal when found in unexpected contexts — like a political ad that supposedly came from a camera crew.
3. Encoder signatures. Every video encoding pipeline leaves fingerprints. H.264, H.265, VP9, and AV1 codecs each have specific quantization tables, DCT coefficients, and motion vector patterns. AI-upscaled or AI-generated video has a detectable statistical signature in these patterns — different from naturally filmed content. Platforms run these through models trained on large corpora of known AI vs. real footage. This is why many deepfakes fail visual inspection not because of the face, but because the motion vectors in the background look wrong to a classifier.
4. Missing GPS/exif provenance. Authentic video from a phone or camera carries EXIF fields: GPSLatitude, GPSLongitude, GPSAltitude, DateTimeOriginal, and device-specific fields like Make, Model, and Software. AI-generated content almost never carries GPS coordinates. Missing EXIF entirely, or EXIF that shows a contradiction — like a "captured" timestamp that predates the device model listed — gets flagged.
5. Audio watermarks. Some AI voice synthesizers (ElevenLabs, Resemble AI, OpenAI's Voice Engine) embed inaudible watermarks in generated audio. Platforms like TikTok have begun scanning audio tracks for these patterns as a secondary check.

What Actually Gets Flagged on Instagram and TikTok

The gap between what platforms can detect and what they actually catch is wide. Here's the practical reality in 2026:

On Instagram, AI-generated content detection is largely automated for Reels and feed posts. The system runs C2PA validation and encoder-signature analysis at upload time. Content that fails these checks gets a "AI-generated" label applied — but only if the metadata is present and the model confidence exceeds a threshold. Low-confidence detections or content with stripped metadata often pass through without labels. Stories and DMs are scanned at significantly lower sensitivity.

On TikTok, the Content Credentials system — built on C2PA — is applied to uploaded videos. When C2PA blocks are present and verified, TikTok displays a small "AI" badge. But here's the critical gap: if the uploader strips C2PA metadata (a trivial process with open-source tools), TikTok's pipeline often has nothing to validate. The video goes up unlabeled. The AI detection classifiers run in the background, but they're most reliable on content that has some signal to analyze. Fully synthetic video with no camera metadata and no C2PA blocks can fall below detection thresholds, especially when compressed for upload.

What this means in practice: a deepfake ad uploaded from a fresh account with no metadata, re-encoded through a compressor to strip residual encoder signatures, and posted at low resolution is very likely to avoid automated labeling on both platforms — at least until it gains traction and triggers a manual review.

The Durable Fix: Strip and Re-inject Clean Identity

Metadata stripping is how bad actors evade detection. But the same principle, applied correctly in reverse, is the only durable defense. You don't just remove the fake metadata — you replace it with authentic, verified provenance that platforms can trust.

This means:

1. Strip all existing metadata. Remove C2PA blocks, EXIF data, AI-generation fields, and any embedded watermarks. This eliminates the fake identity that could be used to link the content to an AI generation pipeline.
2. Re-inject clean phone identity. Using a tool that simulates authentic device metadata, inject a complete, consistent set of EXIF fields: GPS coordinates matching a plausible capture location, a real device make and model (e.g., Apple, iPhone 15 Pro), realistic timestamps in the correct timezone, and lens metadata consistent with the device.
3. Apply C2PA credentials if available. If the content passes through a C2PA-enabled pipeline — like a verified camera or editing tool from a participating vendor — ensure the credentials are applied and signed. This is the strongest provenance signal platforms can read.
4. Re-encode through a native pipeline. To align encoder signatures, re-encode the file through standard consumer software (QuickTime, Camera Roll export, etc.) rather than a custom encoder. This aligns the DCT coefficients and motion vectors with patterns the platform's classifiers expect from real content.

When done correctly, the result is a file that carries no AI-generation fingerprint, no stripped-metadata red flags, and a full set of authentic provenance signals — GPS, device ID, timestamp, and C2PA credentials — that platforms can independently verify. This is the only approach that holds up under both automated scanning and human review.

What the Flanagan Incident Tells Us

The ad targeting Flanagan was detected not by a platform algorithm but by human recognition — her campaign saw it, flagged it, and went to press. The platform eventually removed it, but the lag mattered. In a tight Senate race, 48 hours of unchecked viral distribution is an eternity. Automated detection would have helped, but automated detection fails precisely when metadata has been stripped and encoder signatures obscured — the exact conditions that make a deepfake hard to catch.

The durable solution is provenance. Not just detection after the fact, but the construction of files that carry identity trustworthy enough that platforms treat them as authentic by default. That's the only defense that works when the attacker knows what to strip.

→ Try Calabi free at calabilabs.com — 10 cleans, no card.

Related reading

• Remove the Kling watermark
• How the Calabi Sanitizer pipeline works under the hood
• Spoof iPhone 14 Pro metadata