Can Laws Stop Deepfakes? South Korea Aims to Find Out TechTarget and Informa Tech’s Digital Business Combine.TechTarget and InformaTechTarget and Informa Tech’s Digital Business Combine.Together, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities.Dark Reading Resource LibraryBlack Hat NewsOmdia CybersecurityAdvertiseNewsletter Sign-UpNewsletter Sign-UpCybersecurity TopicsRelated TopicsApplication SecurityCybersecurity CareersCloud SecurityCyber RiskCyberattacks & Data BreachesCybersecurity AnalyticsCybersecurity OperationsData PrivacyEndpoint SecurityICS/OT SecurityIdentity & Access Mgmt SecurityInsider ThreatsIoTMobile SecurityPerimeterPhysical SecurityRemote WorkforceThreat IntelligenceVulnerabilities & ThreatsRecent in Cybersecurity TopicsApplication SecurityAttackers Weaponize RubyGems for Data Dead DropsAttackers Weaponize RubyGems for Data Dead DropsbyAlexander CulafiMay 13, 20264 Min ReadСloud SecurityLatAm Vibe Hackers Generate Custom Hacking Tools on the FlyLatAm Vibe Hackers Generate Custom Hacking Tools on the FlybyAlexander CulafiMay 13, 20265 Min ReadWorld Related TopicsDR GlobalMiddle East & AfricaAsia PacificLatin AmericaSee AllThe EdgeDR TechnologyEventsRelated TopicsUpcoming EventsPodcastsWebinarsSEE ALLResourcesRelated TopicsResource LibraryNewslettersPodcastsReportsVideosWebinarsWhite Papers Partner PerspectivesDark Reading Resource LibraryVulnerabilities & ThreatsCyber RiskIdentity & Access Management SecurityNewsBreaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia PacificCan Laws Stop Deepfakes? South Korea Aims to Find OutSouth Korea's local elections next month will be a test bed for how effective regulations might be to stymie the flow of deepfakes.Alexander Culafi,Senior News Writer,Dark ReadingMay 18, 20266 Min ReadSource: Xinhua via Alamy Stock PhotoSouth Korea will hold local elections on June 3, and for the first time will enforce two laws aiming to curb the use of AI deepfakes to support political campaigns. The big question is: will it be enough?While not the most dramatic issue facing voters, deepfakes remain a problem for elections worldwide. In 2024, some New Hampshire voters received a robocall claiming to be from then-US President Joe Biden asking residents not to vote in the state primary. South Korea, meanwhile, has faced everything from fake videos of political candidates on social media to AI-generated television news reports and more. Leading up to South Korea's presidential election next year, a video was widely shared which falsely showed President Lee Jae-myung ending his hunger strike. At the time, he was not only the election frontrunner but also the opposition party leader.Deepfakes have been around for years, but their quality and access have increased alongside the sophistication of generative AI. Related:Maximum Severity Cisco SD-WAN Bug Exploited in the WildBrian Long, CEO and co-founder of Adaptive Security, a firm that specializes in threat awareness training for things like phishing emails and deepfakes, tells Dark Reading that two years ago, generating a convincing deepfake required real technical skill."Today, consumer tools produce convincing audio, video, and synthetic text in minutes," he says.Long says the June 3 elections will be the first real stress test of South Korea's full regulatory framework. Clear legal infrastructure, he says, allows investigators to act faster while giving platforms clearer obligations to remove violating content. The problem exists in the channels that regulators can't clearly reach."Deepfakes distributed through encrypted messaging apps, targeted SMS campaigns, and direct voice calls move faster than any fact-checker. By the time a platform removes a clip, it has already reached the people it was designed to reach," he says. "Laws address the supply side. Awareness addresses the demand side. Voters who approach political audio and video with the same skepticism they bring to a suspicious phone call are significantly harder to manipulate. Building that instinct at scale, before election season, is where most countries are still in early days."South Korea: A Unique Deepfake Test CaseSouth Korea is unique in that it has taken steps to restrict and penalize the use of deepfakes prior to elections at a codified scale. Article 82-8 of the Public Official Election Act, established in 2023, prohibits the use of virtual sounds, images, or videos that are difficult to distinguish from reality for 90 days prior to election day. This is specifically to prevent individuals or campaigns from generating deepfakes intended to influence the outcome of an election, such as content clearly labeled as generated or content created to encourage voting. Related:'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux DistrosA person who violates Article 82-8 "shall be punished by imprisonment with labor for not more than 7 years or by a fine of not less than 10 million won but not more than 50 million won," according to the law (approximately between $6,700 USD and $33,500 USD). In addition to this, there's also the AI Basic Act, established early last year and put into effect this January. While the legislation is substantial and aims to regulate many aspects of AI, one relevant portion comes in the form of Article 31, paragraph 3."Where AI systems generate virtual audio, images, or video that are difficult to distinguish from real content, AI business operators shall notify or indicate to users, in a manner that allows clear recognition, that such content has been generated by an AI system," the law reads. "Provided, that where such outputs constitute, or form part of, artistic or creative works, such notification or indication may be made in a manner that does not interfere with their exhibition or enjoyment."Related:Cyber Espionage Group Targets Aviation Firms to Steal Map DataThe AI Basic Act also, broadly speaking, requires businesses generating deepfake AI content to make clear that content is AI generated, such as through a watermark. Any business that does not transparently disclose the use of deepfake content as described by the act can face an administrative fine not exceeding 30 million Korean won (approximately $20,000 USD). To facilitate its investigations, South Korea's National Police Agency (KNPA) developed a deepfake detection tool it deployed in 2024. It's notable that a country is putting their best foot forward to combat deepfakes, especially South Korea, which has had to combat a surge in AI-generated sexually explicit content in recent years. A 2023 report from identity theft research firm Security Hero found that globally, "South Korean singers and actresses constitute 53% of the individuals featured in deepfake pornography and are the most commonly targeted group." Combined, this marks an early example of comprehensive AI law at the national level.For comparison, in the US there is no comprehensive law explicitly regulating the use of deepfakes to influence elections, but multiple states such as California and Texas do. The FBI and Department of Justice can also investigate deepfakes under current laws related to election interference and identity theft.Europe has the EU AI Act, which requires that users of an AI system that manipulates images, audio, or video that resembles a person, object, place, or entity in real life must disclose that the content has been artificially generated or manipulated. Deepfake Regulations Just a StartAs a deterrent, results have thus been mixed. Leading up to its local election season in 2024, South Korea's National Election Commission said it caught 129 deepfakes in violation of the election laws between Jan. 29 and Feb. 16. And this year, before local elections in June, reports suggest South Korean election officials are still actively fighting deepfakes on a day-to-day basis. Dr. Hany Farid, co-founder at GetReal Security (a vendor that specializes in deepfake detection), says that South Korea deserves credit for moving faster than most governments. But he says regulation only sets a floor — not a ceiling — on solving the issue of deepfakes."The core issue is speed and asymmetry," he says. "A realistic deepfake of a presidential or mayoral candidate can be produced using publicly available tools and can spread across the Internet within seconds. The legal machinery to detect it, investigate it, and remove it operates on timescales of days or weeks. That gap is where the damage is done. By the time an election commission confirms something is synthetic, it may have been viewed millions of times."Social platforms are difficult to police, and threat actors operating outside the country face no practical liability. While regulations are helpful, Farid adds, they're not sufficient on their own. Organizations need a layered approach, such as ways of holding social media platforms accountable, using detection infrastructure (which South Korea does), and promoting media literacy.Farid says the US is in a difficult position going into its midterms this fall, as the country has a patchwork of state laws that vary enormously in scope, enforcement, and constitutional durability.To combat this, he says, the government must bake detection into the election security apparatus and hold platforms accountable for the content economics that make deepfake disinformation profitable to spread. The use of provenance tools can also authenticate where content originated from. Some companies like TikTok and Meta apply automatic AI markers to certain content according to standards established by the Coalition for Content Provenance and Authenticity (C2PA). Adaptive Security's Long says the US will have an opportunity to build on what South Korea has learned."A federal framework with clear timelines, labeling requirements, and enforceable penalties would give every jurisdiction consistent ground rules heading into the 2026 midterms," the CEO says. "The work done now sets the conditions for what voters experience in November."Read more about:DR Global Asia PacificAbout the AuthorAlexander CulafiSenior News Writer, Dark ReadingAlex is an award-winning writer, journalist, and podcast host based in Boston. After cutting his teeth writing for independent gaming publications as a teenager, he graduated from Emerson College in 2016 with a Bachelor of Science in journalism. He has previously been published on VentureFizz, Search Security, Nintendo World Report, and elsewhere. At Dark Reading, he covers a variety of cybersecurity topics, including the cybercrime ecosystem, open source security, and the intersection between AI and threat actors. In his spare time, Alex hosts the weekly Nintendo podcast, "Talk Nintendo Podcast," and works on personal writing projects, including two previously self-published science fiction novels.He has received numerous awards, including TechTarget's Writer of the Year in 2022 as well as more than 10 Azbee awards for his reporting between 2022 and today. See more from Alexander CulafiWant more Dark Reading stories in your Google search results?Add Us NowMore InsightsIndustry ReportsHow Enterprises Are Developing Secure ApplicationsInside RSAC 2026: security leaders reveal the risks redefining your defense strategyHow Enterprises Are Harnessing Emerging Technologies in CybersecurityDitch the Data Center: Understanding Flexible Cloud Infrastructure Security Management2025 State of MalwareAccess More ResearchWebinarsHow Security Teams should apply Threat Intelligence into their DefensesYour Guide to Securing AI Adoption in Your OrganizationWhat is the Right Role for Identity Threat Detection and Response (ITDR) in Your Organization?The New Attack Surface: How Attackers Are Exploiting OAuth to Own Your Cloud WorkspacePrompt Injection Is Just the Start: Securing LLMs in AI SystemsMore WebinarsEditor's ChoiceThreat IntelligenceFrom Stuxnet to ChatGPT: 20 News Events That Shaped CyberFrom Stuxnet to ChatGPT: 20 News Events That Shaped CyberbyDark Reading Editorial TeamMay 6, 202631 Min ReadCyber RiskPhysical Cargo Theft Gets a Boost From CybercriminalsPhysical Cargo Theft Gets a Boost From CybercriminalsbyRobert LemosMay 4, 20265 Min ReadWant more Dark Reading stories in your Google search results?Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.SubscribeRSAC 2026: key news & insightsAt RSAC 2026, Dark Reading captured critical intelligence on AI, new attack methods, geopolitics, and much moreGet Your RecapWebinarsHow Security Teams should apply Threat Intelligence into their DefensesThurs, June 11, 2026 at 1pm ESTYour Guide to Securing AI Adoption in Your OrganizationTues, June 9, 2026 at 1pm ESTWhat is the Right Role for Identity Threat Detection and Response (ITDR) in Your Organization?Wed, June 3, 2026 at 1pm ESTThe New Attack Surface: How Attackers Are Exploiting OAuth to Own Your Cloud WorkspaceWed, June 24,2026 at 1pm ESTPrompt Injection Is Just the Start: Securing LLMs in AI SystemsTues, May 26, 2026, at 1pm ESTMore WebinarsBlack Hat USA | Mandalay Bay, Las VegasThe premier cybersecurity event of the year returns to Mandalay Bay with a re‑engineered, six‑day program built to ignite innovation, push boundaries, and bring the global security community together like never before. Use code: DARKREADING to save $200 on a Briefings pass or $100 on a Business pass.GET YOUR PASSDiscover MoreBlack HatOmdiaWorking With UsAbout UsAdvertiseReprintsJoin UsNewsletter Sign-UpFollow UsCopyright © 2026 TechTarget, Inc. d/b/a Informa TechTarget. This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world’s technology buyers and sellers. All copyright resides with them. Informa PLC’s registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.’s registered office is 275 Grove St. Newton, MA 02466.Home|Cookie Policy|Privacy|Terms of UseYour Privacy Choices

South Korea is testing its effectiveness in regulating artificial intelligence deepfakes by using upcoming local elections as a trial for its existing legal framework. This initiative stems from the global proliferation of deepfakes, where the increasing sophistication of generative AI has made creating convincing audio, video, and synthetic text accessible in minutes, posing a significant threat to electoral integrity, as evidenced by instances such as fake videos of political candidates circulating on social media. Experts note that while technological capabilities advance rapidly, the legal infrastructure often lags behind, creating a critical gap between how quickly disinformation spreads and how long regulatory bodies require to investigate and remove content.

The legal measures enacted by South Korea represent a unique, codified attempt to combat deepfakes in the context of elections. Specifically, Article 82-8 of the Public Official Election Act establishes a prohibition on using virtual sounds, images, or videos that are difficult to distinguish from reality for ninety days leading up to an election. This provision is designed to prevent the use of deepfakes intended to sway electoral outcomes, applying penalties ranging from imprisonment to significant fines. Furthermore, the nation has implemented the AI Basic Act, which includes Article 31, paragraph 3, mandating that business operators generating virtual content must notify or indicate to users whether the content was created by an AI system, allowing for clear recognition. Failure to transparently disclose the use of deepfake content can result in administrative fines. To assist in enforcement, the National Police Agency developed a deepfake detection tool in 2024. This comprehensive approach is particularly notable as South Korea has also had to address a surge in AI-generated sexually explicit content, where a 2023 report indicated that South Korean performers constitute a significant percentage of the individuals targeted in deepfake pornography globally.

Despite these legislative steps, experts caution that regulation alone is only a starting point for solving the deepfake problem. Dr. Hany Farid suggests that the fundamental difficulty lies in the asymmetry of the process: realistic deepfakes can be produced and disseminated across the internet in seconds, whereas the legal machinery for detection, investigation, and removal operates on timescales of days or weeks. This delay allows synthetic content to reach millions of viewers before official confirmation is reached. Consequently, relying solely on legal action is insufficient. To effectively combat this threat, experts advocate for a layered strategy that includes holding social media platforms accountable for the economics that allow disinformation to proliferate, developing robust detection infrastructure, and promoting media literacy among the electorate. This approach emphasizes building public skepticism toward political media, much like skepticism applied to suspicious phone calls.

In comparison, different jurisdictions approach this challenge with varying levels of structure. While the United States lacks a singular federal law explicitly regulating deepfakes influencing elections, various states have enacted their own laws, creating a patchwork system. The European Union has taken a more comprehensive approach with the EU AI Act, which requires disclosure for content that has been artificially generated or manipulated. The experience of South Korea provides a model for national-level AI law that integrates specific electoral concerns, setting a precedent that other jurisdictions might build upon to establish consistent, enforceable standards and timelines for handling synthetic media in the context of democratic processes.