
Criminal Defence for Deepfakes as Criminal Evidence
Criminal defense through expert challenge of deepfakes submitted as evidence and representation of victims of AI visual manipulation.
Last updated:
A deepfake is audiovisual content generated or modified by generative artificial intelligence (GAN, diffusion models) that replaces a person's face, voice or body with increasing verisimilitude. In criminal process it appears in two opposite positions: (1) as prosecution evidence, when an apparently incriminating video or audio is submitted that may have been manipulated; and (2) as instrument of the offense, when used for sexual extortion, slander, identity impersonation or fraud. Each position demands a different strategy: in the first we defend the accused by challenging the authenticity of the material; in the second we represent the victim by exercising the private prosecution.
Technical Anatomy of a Deepfake
Understanding how a deepfake is built is the first step to challenging it. The most widespread techniques are face-swap (replacing one face with another frame by frame), lip-sync or facial reenactment (the lip movement is altered to make someone appear to say something they did not) and voice synthesis from short samples. Behind all of them lie two families of models: generative adversarial networks (GAN), in which a generator and a discriminator compete until they produce a plausible result, and diffusion models, which reconstruct the image from noise. Both, however, leave statistical traces in the image and the sound that are imperceptible to the naked eye but detectable through expert analysis. Knowing the technique used guides the detection method and helps anticipate the weak points of the material submitted by the opposing party.
Forensic Detection Methods
Forensic detection of deepfakes combines several methods: frequency analysis (generative models leave signatures in the frequency domain), GAN artifact search (ocular asymmetries, anomalies in hair and edges), biometric inconsistencies (blinking patterns, microexpressions, heart rate visible in skin), metadata analysis (EXIF, encoding, traces of editing software) and regulatory watermarks imposed by EU Regulation 2024/1689 (the Artificial Intelligence Act) on providers to mark synthetic content. No method is infallible in isolation, but their combination markedly reduces the false-negative rate. Evidence with procedural value requires an expert report with documented and reproducible methodology; public automatic detectors, with high error rates, do not suffice on their own to found a judicial conviction.
Criminal Qualification of the Deepfake
The deepfake is not an autonomous criminal offense, but the means of committing offenses already set out in the Criminal Code. When it distributes or threatens to distribute content of a sexual nature —even if false but plausible— it may constitute the offense of non-consensual distribution of intimate images (Art. 197.7 CP), in concurrence with the offense against moral integrity of Art. 173 CP depending on the severity of the harm. If it attributes a criminal act to a person or damages their reputation, slander or libel (Arts. 205 and 208 CP) comes into play. The use of another's identity to defraud may fall under fraud (Arts. 248 and 250 CP) and, where applicable, identity impersonation (Art. 401 CP). The specific qualification depends on the content, the means of distribution and the harmful result, and frequently requires resolving a concurrence of offenses.
Defense Against Suspicious Evidence
When a video or audio that may have been manipulated is submitted against the client, we structure the defense on two planes. On the technical plane, we request a challenge expert report with combined methodology (frequency, biometric and metadata) and reconstruct the chain of custody of the material from its origin to its incorporation into the case file, to locate the opportunities for alteration. On the procedural plane, we seek early evidence exclusion during the instruction phase, before the material contaminates the judicial conviction, and we work a dual defense line: challenging authenticity (arguing it is a deepfake) and, subsidiarily, disputing the context (that, even if authentic, it does not establish the elements of the offense). The burden of proving the authenticity and integrity of the digital evidence lies with the party that submits it.
Victim's Criminal Action
A person who is the subject of a deepfake has several avenues, frequently cumulative. In the criminal order, we file a complaint for the corresponding offense (sextortion, slander, impersonation or fraud) and seek urgent precautionary measures for the removal of the material on platforms, social networks and servers. In the civil order, there is protection of honor, privacy and one's own image under LO 1/1982. In the administrative order, a complaint before the Spanish Data Protection Agency (AEPD) for unlawful processing of biometric data. The Digital Services Act (DSA) reinforces the platforms' duty to remove the content following a substantiated notification. Early action is decisive to halt the viral spread and preserve evidence of the distribution.
The Article 197.7 gap for fully synthetic deepfakes
Article 197.7 of the Criminal Code punishes anyone who, without the consent of the person affected, disseminates intimate images or recordings that they had obtained with that person's agreement in a home or place beyond the reach of third parties. The defence turns on one word: the image must have been obtained from the victim, meaning it must be a real image captured from their body. When pornographic content is generated entirely by artificial intelligence, without starting from any prior recording of the person, there is no obtained image and the conduct does not fit within Article 197.7. This distinction is not a minor technicality but the very line between non-criminality through this route and a conviction.
Two scenarios that are often confused must be kept apart. The first is the manipulated real image: there is an authentic photograph or video of the victim whose context is altered or to which sexual elements are added; here there is a medium obtained from the person, and classification under intimacy offences is more solid. The second is a face or body recreated entirely by a generative model from public data: nothing has been captured from the victim's private sphere. The technical defence of each case depends on establishing through expert evidence which of the two scenarios applies, because the applicable provision, and even the existence of an offence, hinge on that finding.
Alternative routes: defamation, moral integrity and civil image rights
Once Article 197.7 is ruled out for a purely synthetic deepfake, the prosecution usually redirects the facts to other offences. The defamation provisions of Articles 208 to 210 protect honour against the imputation of facts or expressions that harm dignity by damaging reputation; a sexual deepfake may amount to serious defamation committed with publicity, but it requires the intent to defame and compliance with the complaint and pardon rules that govern these privately prosecuted offences. The offence against moral integrity under Article 173.1, in turn, requires degrading treatment that seriously undermines moral integrity, a demanding threshold that not every manipulation reaches.
Alongside the criminal route, the affected person has the civil protection of image rights, honour and privacy under Organic Law 1/1982. This route allows for an order to cease dissemination, removal of the content and compensation for moral damage, with a standard of proof different from the criminal one and without the need to prove an intent to defame. In practice, the most effective strategy combines a swift civil response to stop the content going viral with a careful assessment of the criminal complaint, avoiding forcing a classification that the offence cannot support. We work to fit each set of facts into the figure that genuinely corresponds to it.
Virtual and technical child pornography: Article 189 does cover the synthetic
The reasoning about the Article 197.7 gap does not carry over to material involving minors. Article 189 of the Criminal Code, after the reform introduced by Organic Law 1/2015, defines child pornography to include realistic images of a minor or of a minor's sexual organs for sexual purposes, even where they do not correspond to a real person. This covers both so-called virtual pornography, a complete artificial creation, and technical pornography, in which an adult is presented as a minor. A deepfake that sexually depicts a person who is a minor can therefore be a criminal offence even though it was generated entirely by artificial intelligence without starting from any real image.
The penological consequences are substantially more serious than in cases involving adults. The production and dissemination of child pornography is punishable by prison terms that may exceed five years where aggravating circumstances apply, and mere possession is also punished. The defence in these cases must pay particular attention to the expert evidence on the nature of the material, the apparent age depicted and the subjective element, without losing sight of the fact that the boundary of adulthood and the sexual purpose are decisive for the classification and the applicable penalty.
Jurisdiction, lawful digital evidence and limitation
The investigation of these offences falls to the Investigating Court of the place of commission. Trial is assigned to the Criminal Court where the maximum penalty does not exceed five years of imprisonment, and to the Provincial Court where it exceeds that limit. The National Court has no jurisdiction unless there is an express connection with one of the situations set out in Article 65 of the Organic Law of the Judiciary. Gathering digital evidence requires respect for the secrecy of communications under Article 18.3 of the Constitution: the interception of electronic communications is governed by Articles 588 bis a) onwards and 588 ter a) onwards of the Criminal Procedure Act, and access to the content of mass storage devices by Article 588 sexies a), always under a reasoned judicial authorisation and in accordance with the principles of specificity, suitability, exceptionality and proportionality.
The chain of custody and the forensic imaging of the material are where the defence is most often decided: a defective authorisation, an unproven link between the device and the person under investigation, or imaging without guarantees may render the evidence void under Article 11.1 of the Organic Law of the Judiciary. As for limitation under Article 131 of the Criminal Code, the periods are calculated on the maximum penalty laid down for the offence, with no three-year band: where that penalty does not exceed five years, the offence becomes time-barred after five years; where it exceeds five and does not exceed ten, after ten years. Defamation and slander, by contrast, become time-barred after one year under Article 131 itself. If the classification that ultimately holds is the civil one under Organic Law 1/1982, the four-year caducity rule of Article 9.5 of that law applies, not the criminal periods.
Penalties & Consequences: Criminal Defence for Deepfakes as Criminal Evidence
| Type / Scenario | Criminal Penalty |
|---|---|
| Sextortion with deepfake (Art. 197.7 CP) | Imprisonment 3 months to 1 year or fine 6-12 months for non-consensual distribution of sexual images. Applicable even if images are false but plausible. |
| Slander or libel (Arts. 205, 208 CP) | Imprisonment 6 months to 2 years or fine, according to criminal attribution and public distribution. |
| Fraud (Art. 248 CP) | Imprisonment 6 months to 6 years when patrimonial transfer is obtained through deepfake deception. |
* Penalties shown are indicative. The actual penalty depends on case circumstances, applicable mitigating and aggravating factors.
Defense Strategy: Criminal Defence for Deepfakes as Criminal Evidence
Early Evidence Exclusion
Request expert evidence during instruction to disqualify the deepfake before it contaminates judicial conviction.
Dual Defense Line
Challenge authenticity (it is deepfake) and, subsidiarily, context (even if real, does not establish the type).
Precautionary Content Removal
For the victim: urgent precautionary measure for elimination of material on platforms, social networks and servers.
Cybercrime in Spain: Hacking, Phishing & Digital Fraud — Defence Guide
Cybercrime encompasses illegal access to computer systems (Art. 197 bis CP), computer damage and ransomware (Art. 264 CP), phishing and digital fraud (Art. 249.1.a CP), and the production or distribution of hacking tools (Art. 197 ter). Spain's prosecution of cybercrime has intensified dramatically, with specialised units in the National Police (BIT) and Guardia Civil (GDT) leading investigations. Defence requires a unique combination of criminal law expertise and advanced technical knowledge.
Penalty Table: Cybercrime
| Offence | Article | Description | Penalty |
|---|---|---|---|
| Illegal access to systems | Art. 197 bis | Unauthorised access breaching security measures | 6 months – 2 years |
| Interception of data | Art. 197 bis.2 | Intercepting non-public data transmissions | 3 months – 2 years |
| Production/supply of hacking tools | Art. 197 ter | Creating or distributing tools designed for cybercrime | 6 months – 2 years |
| Computer damage (basic) | Art. 264.1 | Deleting, damaging or making data inaccessible | 6 months – 3 years |
| Aggravated damage (critical infrastructure) | Art. 264.2 | Affecting essential services or critical infrastructure | 2 – 5 years prison |
| Cyber fraud (phishing) | Art. 249.1.a | IT manipulation to obtain unlawful transfer of assets | 6 months – 3 years |
Key Defence Strategies
IP Attribution Challenge
An IP address does not identify a person. Shared Wi-Fi networks, VPNs, Tor exit nodes and NAT configurations mean multiple users may share one IP. The prosecution must prove the accused was the actual user at the relevant time.
Chain of Digital Custody
Digital evidence is extremely fragile. If the police failed to image the hard drive with a write-blocker, if hash values don't match, or if evidence was handled improperly, the defence can seek exclusion of the entire digital evidence chain.
Authorised Security Testing
Ethical hacking and penetration testing carried out with the system owner's authorisation is legal. If the defendant had a written engagement contract, bug bounty agreement or responsible disclosure policy, there is no criminal offence.
Lack of 'Breaching Security Measures'
Art. 197 bis requires that security measures were breached. If the system had no password, no firewall, or the access point was public, the element of 'breaching security' may be absent, negating the offence.
Key Case Law
The Supreme Court confirmed that 'access' requires effectively entering the system, not merely attempting it. The prosecution must prove: (1) access occurred, (2) it was unauthorised, and (3) security measures were breached. Port scanning alone does not constitute the offence.
The Court ruled that ransomware attacks may constitute a concurrent offence of computer damage (Art. 264) and extortion (Art. 243 CP). The encryption of data satisfies the 'damage' element even if data is technically recoverable upon payment.
In phishing operations, the Court distinguished between the organiser and the 'money mule' (account holder). The mule's liability depends on proof of knowledge that the funds were illicit. Wilful blindness may suffice, but mere negligence does not.
Why Choose Us?
Need a criminal defense lawyer for this type of offense? Here's how we work:
Do you need specialised legal assistance?
The judicial system is complex. We have the criminal-law specialisation and technical resources required to take on the defence.