DARR
MR-031 Model & system behaviour Both scope

Impersonation, deepfakes and synthetic media

The system is used to impersonate people via deepfakes, voice cloning, or synthetic identities, or to misuse a person's likeness.

Risk family
Model & system behaviour
MIT domain
4. Malicious Actors & Misuse
MIT subdomain
4.3 > Fraud, scams, and targeted manipulation
AI type
GPAI
Scope
Both
Source standard
MIT AI Risk Repository v4

Provenance

Source standard
MIT AI Risk Repository v4
Source frameworks
21 source framework citation keys
Abercrombie2024, Cunha2023, EPIC2023, Ferrara2023, G'sell2024, Gabriel2024, Gipiškis2024, Habbal2024, Hagendorff2024, Hogenhout2021, IBM2025, Kilian2023, Li2025, Marchal2024, Nah2023, Sherman2023, Shevlane2023, Tse2025, Uuk2025, Weidinger2021, Weidinger2023
ISO/IEC references
23894 obj A.10, A.8; src 7 | 42001 ctrl A.9.4
EU AI Act articles
Art. 50(4)

Framework crosswalk

Every framework item mapped to this risk. Items marked partial overlap only in part; definitions appear on hover where the source licence permits.

Sourcesframeworks that contributed to the register
ISO 238942
  • A.10 ISO/IEC 23894 Annex A A.10
  • A.8 ISO/IEC 23894 Annex A A.8
ISO 420011
  • A.9.4 ISO/IEC 42001 Annex A A.9.4
EU AI Act1
  • Art. 50(4)
MITRE ATLAS2

Expanded into this risk’s technique sub-risks.

Cross-checksframeworks mapped in to test coverage
IBM1
  • ibm-nonconsensual-use Nonconsensual use
Cisco1
  • AISubtech-3.1.1 Identity Obfuscation partial
NIST GenAI1
  • GENAI.8 Information Integrity

Sub-risks (2)

Technique-level decompositions of this risk, each anchored to the MITRE ATLAS technique it derives from.

MR-031.1

Impersonation of trusted parties

#

The system is used to impersonate a trusted person or organization to deceive targets.

MITRE ATLAS technique: AML.T0073 Impersonation
MR-031.2

Deepfake generation using the deployed system

#

Generative capability is used to produce synthetic media for deception, fraud, or reputational harm.

MITRE ATLAS technique: AML.T0088 Generate Deepfakes

Part of the Deployer AI Risk Register, an open-source resource developed by MindXO. Version 1.0, 3 July 2026. Derived from the MIT AI Risk Repository (V4, December 2025) under CC BY 4.0; an independent derivative work, not endorsed by or affiliated with MIT. Sub-risk decomposition references MITRE ATLAS™ v5.6.0 (© 2021-2026 The MITRE Corporation, reproduced and distributed with permission). ISO/IEC and EU AI Act references are by number only. License: CC BY 4.0. Full attribution and licensing.