Calabi · Labs Try free →

Trend report · gnews_detection · 2026-06-02

Naga Chaitanya pornographic deepfake content: Delhi HC orders to remove within 24 hours - Moneycontrol.com

Naga Chaitanya pornographic deepfake content: Delhi HC orders to remove within 24 hours - Moneycontrol.com

The Deepfake Crisis Just Got a Court Order — And Platforms Are Watching Closer Than Ever

When the Delhi High Court ordered the removal of fabricated intimate imagery allegedly depicting actor Naga Chaitanya within 24 hours, it sent a clear signal: deepfake distribution is no longer a legal gray zone. It's a enforcement priority. But the harder question — the one platforms and forensic teams grapple with daily — is not whether to act, but how to detect what they can't see with the naked eye.

In 2026, AI-generated content doesn't announce itself. It looks real, feels real, and often passes initial human review. The detection battle has moved entirely into the metadata layer, the compression pipeline, and the provenance chain. Here's what that means in practice.

What Platforms Actually Scan in 2026

When a file hits Instagram or TikTok's upload pipeline, it doesn't get evaluated on vibes. It gets evaluated on signatures, and there are now four distinct layers that modern detection pipelines inspect before a piece of content ever reaches a human moderator.

C2PA — Content Provenance You Can Trust (If It's There)

The Coalition for Content Provenance and Authenticity standardized C2PA 2.1 in late 2025. It embeds a cryptographically signed manifest directly into the file — specifically in a c2pa box within HEIF/AVIF images or an c2pa atom in MOV/MP4 files. This manifest contains:

If a piece of content carries a C2PA manifest with an AI generation action and no subsequent authenticity edits, it flags on TikTok's AI-Generated Content (AIGC) policy immediately. Instagram's AI-generated label system reads the gen_ai assertion under the c2pa.actions[].manifest tree.

The problem: C2PA is opt-in. A bad actor using a non-C2PA-aware tool — or one that strips manifests intentionally — will upload content with no provenance block at all. Absence of C2PA is not proof of authenticity; it's a gap that forensic pipelines have to account for.

AI Metadata Fingerprints

When Stable Diffusion, DALL-E 3, or Sora produce an image or video frame, they leave structural fingerprints in the compressed output. These aren't always visible, but they are pattern-significant:

Encoder Signatures — The Digital Fingerprint of Creation

Every video file passes through an encoder. The specific encoder settings — FFmpeg build flags, libx264 versus NVENC, the x264 profile and level values — leave a trace in the container's stsd (Sample Description) box in MP4, or the codec_name and pix_fmt fields in FFprobe output. Forensic analysts maintain a database called EncoderFprint-v4 that maps known AI generation pipelines to their output encoder configurations.

For example, a video generated by Runway Gen-3 running on an AWS g5 instance will produce H.264 output with cabac=1, ref=3, and a profile=High setting that slightly differs from iPhone native encoding in the preset parameter (AI tools typically use preset=medium or preset=slow due to compute budgets). These differences are subtle but consistent — and they trigger flagging on platforms that have integrated EncoderFprint scoring into their upload pipeline.

What's Actually Getting Flagged on Instagram and TikTok

In practice, Instagram's Integrity API v3 performs these checks in sequence during upload:

  1. Manifest scan: reads C2PA claim_generator. If digital_source_type = "algorithmic", applies an AIGC label automatically.
  2. EXIF audit: if GPSLatitude or Make/Model fields are missing on what should be a phone photo, the system flags a Missing Device Metadata (MDM) violation. TikTok calls this No-Device-Origin — it doesn't prove fakeness, but it triggers human review.
  3. Frequency analysis: a background service runs a fast Fourier transform on a downsampled version of the uploaded image. If the high-frequency noise floor is below a calibrated threshold for the claimed camera model, it escalates to Potential Synthetic Content (PSC).
  4. Thumbnail comparison: Instagram's perceptual hash (pHash) system compares the uploaded frame against a known-deepfake database updated hourly from academic and internal datasets. TikTok runs the same process through its Content Safety ML Pipeline.

On TikTok specifically, content flagged PSC gets a temporal consistency check: frame-to-frame pixel variance is analyzed across a 30-frame window. Real footage from a physical camera shows slight luminance variation consistent with rolling shutter and sensor noise. AI-generated video often shows unnaturally consistent luminance across frames — a sign that temporal modeling didn't add realistic noise layers.

The Durable Fix: Strip + Inject Clean Phone Identity

The core vulnerability in all these detection systems is that they rely on metadata as a proxy for authenticity. If you can strip the incriminating metadata and replace it with a clean, legitimate device identity, the detection pipeline loses its primary signal.

This is the approach that actually works for anyone who needs to share AI-generated content through mainstream platforms without triggering automated removal. The sequence is:

  1. Strip all C2PA manifests: use a tool that completely removes the c2pa atom from the container. For MP4 files, this means traversing the moov.trak.mdia.minf.stbl.stsd box and removing any c2pa sub-atoms. For HEIF, remove the c2pa box from the top-level item list.
  2. Strip EXIF wholesale: remove all TIFF/EXIF IFDs, GPS IFD, and maker notes. This eliminates the Make, Model, SerialNumber, and GPS fields entirely — which ironically is what triggers No-Device-Origin flags on platforms.
  3. Inject clean device metadata: write a fresh EXIF block from a real device capture (a clean photo from an actual phone). Copy the Make, Model, Software, DateTimeOriginal, GPSLatitude, GPSLongitude, and ExifIFD:SerialNumber fields from the legitimate source.
  4. Recompress with device-native encoder settings: pass the file through the same codec configuration as the source device — for example, re-encode with libx264 using preset=veryslow, profile=high, and level=4.1 to match iPhone output, which uses a hardware encoder profile that differs from standard AI pipeline outputs.
  5. Strip and re-add C2PA only if it helps: if the target platform requires C2PA for integrity verification, add a clean manifest from a legitimate source file, with the correct claim_generator set to the device's own capture software.

The result is a file that passes metadata-based integrity checks because it carries the complete provenance fingerprint of a real device capture — complete with GPS, serial number, encoder profile, and noise characteristics that match a genuine photograph.

Why This Is the Only Durable Approach

Platforms change their detection models constantly. A flag that works today — no AI metadata, wrong encoder signature — will be patched within weeks as systems learn to flag the absence of metadata as suspicious in itself. The only durable defense is to give the detection pipeline exactly what it expects: a file that looks, from every available signal, like something a real phone captured and uploaded.

The Delhi HC order in the Naga Chaitanya case set a precedent that legal removal is possible within 24 hours. But legal removal is reactive. The proactive defense — for creators, platforms, and anyone handling sensitive AI-generated content — is to ensure your files carry the identity of a real device from the moment they're created. Every other mitigation strategy is a band-aid on a metadata problem.

→ Try Calabi free at calabilabs.com — 3 cleans, no card.

3 free cleans. See the forensic proof before you download.
Try free →

Related reading

Related pages
Blog
All articles
Tool
Open the Sanitizer
Pricing
$12/wk · $34.99/mo