The rapid growth of deepfakes poses evolving risks for organizations. Deepfakes are synthetic content typically generated with artificial intelligence. According to Keepnet, deepfake content is growing exponentially, from 500,000 in 2023 to 8 million in 2025, and will continue to grow at a rate of 900% annually. Deepfakes pose threats to organizations both externally and internally. Externally, fraudsters are increasingly leveraging deepfakes to impersonate executives, vendors, or trusted colleagues, moving beyond traditional phishing schemes to execute more convincing social‑engineering attacks. Internally, employees may use deepfake tools for seemingly benign purposes, such as office humor or experimentation, but these technologies can also be misused to create false records, alter communications, or create misleading evidence. Many organizations are not considering the reputational, legal, and compliance consequences that deepfakes can introduce into their information environments.

Given these risks, organizations should proactively incorporate deepfake considerations into their information governance programs. Effective governance requires tracking information throughout its lifecycle while accounting for the possibility that information may be synthetic or manipulated. Companies should train employees to recognize deepfake threats and understand the potential impact on recordkeeping obligations, investigations, and litigation. In addition, organizations should implement clear policies governing the creation, use, and retention of synthetic media on company systems. A coordinated legal and information governance strategy can help mitigate risk, support compliance, and protect organizational trust in an era of increasingly sophisticated digital deception.

If your organization would like to update its information governance plan to address deepfakes, our team is ready to assist. At CODISCOVR, we deliver client-focused, defensible solutions that are tailored to each organization’s specific needs. Reach out to Nicholas Berenato, Information Governance Principal, CODISCOVR. Nick is an attorney who collaborates with clients to address legal and financial exposure from their information assets through information governance. He develops strategies and policies to enable clients to effectively manage their data in a manner that minimizes costs and allows clients to leverage their data to support their business processes.