Detecting Deceptively Authoritative Deepfakes

I referenced this on one of my LinkedIn showcase pages earlier this week, but I need to say more on it.

We all agree that deepfakes can (sometimes) result in bad things, but some deepfakes present particular dangers that may not be detected. Let’s look at how deepfakes can harm the healthcare and legal professions.

Arielle Waldman of Dark Reading pointed out these dangers in her post “Sora 2 Makes Videos So Believable, Reality Checks Are Required.”

But I don’t want to talk about the general issues with believable AI (whether it’s Sora 2, Nano Banana Pro, or something else). I want to hone in on this:

“Sora 2 security risks will affect an array of industries, primarily the legal and healthcare sectors. AI generated evidence continues to pose challenges for lawyers and judges because it’s difficult to distinguish between reality and illusion. And deepfakes could affect healthcare, where many benefits are doled out virtually, including appointments and consultations.”

Actually these are two separate issues, and I’ll deal with them both.

Health Deepfakes

It’s bad enough that people can access your health records just by knowing your name and birthdate. But what happens when your medical practitioner sends you a telehealth appointment link…except your medical practitioner didn’t send it?

Grok.

So here you are, sharing your protected health information with…who exactly?

And once you realize you’ve been duped, you turn to a lawyer.

This one is not a deepfake. From YouTube.

Or you think you turn to a lawyer.

Legal Deepfakes

First off, is that lawyer truly a lawyer? And are you speaking to the lawyer to whom you think you’re speaking?

Not Johnnie Cochran.

And even if you are, when the lawyer gathers information for the case, who knows if it’s real. And I’m not talking about the lawyers who cited hallucinated legal decisions. I’m talking about the lawyers whose eDiscovery platforms gather faked evidence.

Liquor store owner.

The detection of deepfakes is currently concentrated in particular industries, such as financial services. But many more industries require this detection.

Does Hallucination Imply Sentience?

Last month Tiernan Ray wrote a piece entitled “Stop saying AI hallucinates – it doesn’t. And the mischaracterization is dangerous.”

Ray argues that AI does not hallucinate, but instead confabulates. He explains the difference between the two terms:

“A hallucination is a conscious sensory perception that is at variance with the stimuli in the environment. A confabulation, on the other hand, is the making of assertions that are at variance with the facts, such as “the president of France is Francois Mitterrand,” which is currently not the case.

“The former implies conscious perception, the latter may involve consciousness in humans, but it can also encompass utterances that don’t involve consciousness and are merely inaccurate statements.”

And if we treat bots (such as my Bredebot) as sentient entities, we can get into all sorts of trouble. There are documented cases in which people have died because their bot—their little buddy—told them something that they believed was true.

Adapted by Google Gemini from the image here. CBS Television Distribution. Fair use.

After all, “he” or “she” said it. “It” didn’t say it.

Today, we often treat real people as things. The hundreds of thousands of people who were let go by the tech companies this year are mere “cost-sucking resources.” Meanwhile, the AI bots who are sometimes called upon to replace these “resources” are treated as “valuable partners.”

Are we endangering ourselves by treating non-person entities as human?

A Prudential Stock Investment Move? ROC Plans to Go Public.

If Spotify has assigned you a high estimated age, you may recall Prudential’s “get a piece of the rock” advertising campaign from the last century.

From https://youtu.be/LaaisYNYxvs?si=_6-JsFsRq1O9ar7y.

Well, people in the 21st century can now “get a piece of the ROC,” or own shares in the company initially known as Rank One Computing.

Biometric Update alerted us to ROC’s filing with the Securities and Exchange Commission. Technically this is a “preliminary prospectus” awaiting SEC approval and final pricing, but it gives you an idea of what ROC is, what they’ve done, and what they’d like to do.

“ROC is an independent American artificial intelligence company redefining the global standard for Vision AI in identity, security, and digital forensics. Our Vision AI platform delivers real-time facial recognition, multimodal biometric verification, video analytics, and AI-powered evidence analysis to mission-critical organizations across both private and public sectors. ROC’s biometric algorithms are routinely ranked by National Institute of Standards and Technology (“NIST”) as among the most accurate and computationally efficient globally. Our solutions outperform legacy foreign-built systems at a fraction of the cost, with faster deployment and stronger trust. As demand for trusted AI accelerates across law enforcement, defense, and regulated commercial sectors, ROC is scaling rapidly through a growing network of integrators and multi-year deals. We are expanding from a foundation of government leadership into high-growth commercial markets such as access control, physical security, and identity verification. Our international pipeline spans the Middle East, Asia–Pacific (“APAC”), and other strategic regions where national AI and identity investments are surging. With sovereign U.S. development, deep technical leadership, a vertically integrated platform, and proven field results, we believe ROC is positioned to become the category-defining leader in operational Vision AI.”

Of course, as ROC enters new markets, its “made in the USA” strength could potentially become a weakness. For example, EU regulators may (or may not) become wary of using algorithms from a non-EU company. And forget about Russia.

Any SEC-governed statement must detail risks to ensure that investors are not misled, and ROC lists the types of risks that one might expect (dependence upon certain types of customers, complex product lines, etc.). But this particular risk caught my eye:

“If we are unable to successfully deploy our marketing and sales organization in a timely manner, or at all, or to successfully hire, retain, train, and motivate our sales personnel, our growth could be adversely impacted.”

Hey Scott…

Also buried in the preliminary prospectus are sales and cost figures from 2023, 2024, and the first 9 months of 2025; a note that two customers accounted for 45% of ROC’s revenue in the first nine months of 2025; the negative consequences of ROC’s mission “to support Western liberal democracy and its strategic allies” (companies with fewer scruples can sell to all sorts of entities that ROC won’t touch); risks related to artificial intelligence (not an issue when Printrak went public in the 1990s); and many, many, many other risks.

Because that’s what you say when you want to go public. You always, always use caution when talking to investors.

So we’ll see what happens. Is this a good time for an IPO?

Business Concerns Always Override Technology Concerns

The Institute for Defense and Government Advancement (IDGA) recently released some survey results. Now I don’t want to simply reproduce the results; go here to download your own copy of the report.

But I do want to say this.

“A large number” of IDGA survey respondents expressed concern about “Interagency information sharing.”

  • This is NOT a technology concern. The technologies exist to enable information sharing. For example, one of Bredemarket’s clients recently made the technological changes necessary to allow an application, designed to interface to agency A, to instead interface to agency B.
  • No, this is a business concern—or in this case a governmental concern. A matter of setting up the processes to allow Bob from agency A to exchange data with Judy from agency B. Even though Bob thinks that Judy is a bozo, and vice versa.

And while we’re on the topic…

If you’re worried about Big Government (the FBI and the CIA and the BBC, BB King, and Doris Day) (or INTERPOL and Deutsche Bank, FBI and Scotland Yard) combining all their information to entrap you, your fears may be difficult to realize. Yes, there are cases in which the agencies share data. But there are also cases where they don’t, because it’s in an agency’s interest to keep its data to itself.

Agencies usually ask the question “How can I GET the data from the Bureau of Stuff?” They normally don’t ask the question “How can I GIVE my data to the Bureau of Stuff?”

And that’s why agencies run into problems sharing data.

Dig It.
Computer World.

We Know All About You, Music Lover

This is the week that we celebrate how much companies in Sweden and elsewhere know about us.

Including estimated ages.

Which may or may not (I’m not telling) be as accurate as software that analyzes your face for age estimation.

And the companies gathering the data can then sell it to advertisers and others who use it in all sorts of ways.

It will be interesting to see the corporate messaging that I and other Spotify users will receive over the next few days.

“If you listen to Depeche Mode, perhaps our Medicare plans may interest you.”

KeyData Cyber Sums Up The Most Visible Change in NIST SP 800-63-4

As we all transition from version 3 of NIST SP 800-63 to the new version 4 (63 63A 63B 63C), Biometric Update has published an article authored by Dustin Hoff of KeyData Cyber, “Navigating the crossroads of identity: leveraging NIST SP 800-63-4 for business advantage.”

So what has changed?

“Perhaps the most visible change is the push for phishing-resistant authentication—methods like passkeys, hardware-backed authenticators, and device binding….This shift signals that yesterday’s non-phishing-resistant MFA (SMS codes, security questions, and email OTPs) is no longer enough because they are easily compromised through man-in-the-middle or social engineering attacks like SIM swapping.”

Iguana-in-the-middle. Google Gemini.

Hoff says a lot more about version 4, including tips of transitioning to the new NIST standard. Read Hoff’s piece here on Biometric Update.

What B2B Product Marketing CANNOT Do

For many B2B salespeople, this isn’t the holiday season. It’s the last month of Q4, and some are sweating.

Product marketing can’t help here. Maybe 17 months ago, but even the best conversion content can’t help in the next three weeks or less.

So start now to plan for success in 2026 and 2027. Talk to me about your content.

Stop losing prospects! Use Bredemarket content for tech marketers