Introduction and Brief Analysis

A movie named “The Artifice Girl” portrayed A law enforcement agency developing an AI-based personification of a 12-year-old girl who appears to be exactly like a real person. Believing her to be an actual girl, perpetrators of child sexual exploitation were caught attempting to seek sexual favours. The movie showed how AI aided law enforcement, but the reality is that the emergence of Artificial Intelligence has posed numerous challenges in multiple directions. This example illustrates both the promise and the complexity of using AI in sensitive areas like law enforcement, where technological innovation must be carefully balanced with ethical and legal considerations.

Detection and Protection tools are constantly competing with technologies that generate content, automate grooming and challenge legal boundaries. Such technological advancements have provided enough ground for the proliferation of Child Sexual Exploitation and Abuse Material (CSEAM). Also known as child pornography under Section 2 (da) of Protection of Children from Sexual Offences Act, 2012, it defined it as - “means any visual depiction of sexually explicit conduct involving a child which includes a photograph, video, digital or computer-generated image indistinguishable from an actual child and image created, adapted, or modified, but appears to depict a child.”

Artificial Intelligence is a category of technologies that attempt to shape human thoughts and behaviours using input algorithms and datasets. Two Primary applications can be considered in the context of CSEAM: classifiers and content generators. Classifiers are programs that learn from large data sets, which may be labelled or unlabelled and further classify what is restricted or illegal. Whereas generative AI is also trained on large datasets, it uses that knowledge to create new things. Majority of current AI research related to AI for CSEAM is done by the use of Artificial neural networks (ANNs), a type of AI that can be trained to identify unusual connections between items (classification) and to generate unique combinations of items (e.g., elements of a picture) based on the training data used.

Current Legal Landscape

‍

The legal Landscape in terms of AI is yet unclear and evolving, with different nations trying to track the evolution of AI and develop laws. However, some laws directly address CSEAM. The International Centre for Missing and Exploited Children (ICMEC) combats Illegal sexual content involving children. They have a “Model Legislation” for setting recommended sanctions/sentencing. According to research performed in 2018, Illegal sexual content involving children is illegal in 118 of the 196 Interpol member states. This figure represents countries that have sufficient legislation in place to meet 4 or 5 of the 5 criteria defined by the ICMEC.

CSEAM in India can be reported on various portals like the ‘National Cyber Crime Reporting Portal’. Online crimes related to children, including CSEAM, can be reported to this portal by visiting cybercrime.gov.in. This portal allows anonymous reporting, automatic FIR registration and tracking of your complaint. ‘I4C Sahyog Portal’ is another platform managed by the Indian Cyber Crime Coordination Centre (I4C). This portal integrates with social media platforms.

The Indian legal front for AI is evolving and CSEAM is well addressed in Indian laws and through judicial pronouncements. The Supreme Court judgement on Alliance and Anr v S Harish and ors is a landmark in this regard. The following principles were highlighted in this judgment.

‍

• The term “child pornography” should be substituted by “Child Sexual Exploitation and Abuse Material” (CSEAM) and shall not be used for any further judicial proceeding, order, or judgment. Also, parliament should amend the same in POCSO and instead, the term CSEAM should be endorsed.
• Parliament to consider amending Section 15 (1) of POCSO to make it more convenient for the general public to report by way of an online portal.
• Implementing sex education programs to give young people a clear understanding of consent and the consequences of exploitation. To help prevent Problematic sexual behaviour (PSB), schools should teach students about consent, healthy relationships and appropriate behaviour.
• Support services to the victims and rehabilitation programs for the offenders are essential.
• Early identification of at-risk individuals and implementation of intervention strategies for youth.

‍

Distinctive Challenges

According to a report by the National Centre for Missing and Exploited Children (NCMEC), a significant number of reports about child sexual exploitation and abuse material (CSEAM) are linked to perpetrators based outside the country. This highlights major challenges related to jurisdiction and anonymity in addressing such crimes. Since the issue concerns children and considering the cross-border nature of the internet and the emergence of AI, Nations across the globe need to come together to solve this matter. Delays in the extradition procedure and irregular legal processes across the jurisdictions hinder the apprehension of offenders and the delivery of justice to victims.

CyberPeace Recommendations

For effective regulation of AI-generated CSEAM, laws are required to be strengthened for AI developers and trainers to prevent misuse of their tools. AI should be designed with its ethical considerations, ensuring respect for privacy, consent and child rights. There can be a self-regulation mechanism for AI models to recognise and restrict red flags related to CSEAM and indicate grooming or potential abuse.

A distinct Indian CSEAM reporting portal is urgently needed, as cybercrimes are increasing throughout the nation. Depending on the integrated portal may lead to ignorance of AI-based CSEAM cases. This would result in faster response and focused tracking. Since AI-generated content is detectable. The portal should also include an automated AI-content detection system linked directly to law enforcement for swift action.

Furthermore, International cooperation is of utmost importance to win the battle of AI-enabled challenges and to fill the jurisdictional gaps. A united global effort is required. Using a common technology and unified international laws is essential to tackle AI-driven child sexual exploitation across borders and protect children everywhere. CSEAM is an extremely serious issue. Children are among the most vulnerable to such harmful content. This threat must be addressed without delay, through stronger policies, dedicated reporting mechanisms and swift action to protect children from exploitation.

‍

References:

• https://www.sciencedirect.com/science/article/pii/S2950193824000433?ref=pdf_download&fr=RR-2&rr=94efffff09e95975
• https://aasc.assam.gov.in/sites/default/files/swf_utility_folder/departments/aasc_webcomindia_org_oi d_4/portlet/level_2/pocso_act.pdf
• https://www.manupatracademy.com/assets/pdf/legalpost/just-rights-for-children-alliance-and-anr-vs-s‍harish-and-ors.pdfhttps://www.icmec.org‍https://www.missingkids.org/theissues/generative-ai

‍

Amid reports of widespread protests in Iran over the past two weeks, a video showing protesters setting cars on fire is being widely shared on social media with claims that it depicts recent unrest in the country.

However, research by Cyber Peace Foundation has found the viral claim to be false. Our resarch shows that the video is not from Iran, but from violent protests that took place near the Turkish Consulate in Thessaloniki, Greece, on November 1, 2025.

‍

Claim:

‍

On January 11, 2026, users on social media platform X (formerly Twitter) shared the viral video claiming it showed massive anti-regime protests in Iran. One such post alleged:

“1.5–1.85 million Iranians are fighting on the streets tonight. 180 cities are burning… The revolution has spread. Iranians have decided to continue this fight for freedom until Iran becomes free from Islamic rule.”

The post’s link and archived version can be seen below: (Link and archive link)

‍

• https://x.com/TigerRajaSinggh/status/2010194257978765485 
• https://archive.ph/6tYog 

‍

Fact Check:

‍

To verify the claim, we extracted keyframes from the viral video and conducted a Google Reverse Image Search. During this process, we found the same video uploaded on Instagram on November 2, 2025, well before the recent protests in Iran. (Link): https://www.instagram.com/reel/DQjRtCOjOPM/ 

‍

‍

‍

Further analysis revealed that the video was uploaded from a Greek Instagram account, indicating that the visuals are unrelated to Iran.

It is important to note that while protests in Iran have been ongoing for the past two weeks, the viral video has been circulating on the internet since early November 2025, establishing a clear timeline mismatch.

A keyword search led us to a report published on November 2, 2025, by Ekathimerini, a leading Greek media outlet. The report detailed violent clashes that erupted in Thessaloniki following a concert by Greek rapper Lex.

‍

According to the report:

‍

Police in Thessaloniki detained 18 people and arrested one individual on drug-related charges. The unrest began when a group attacked police forces stationed outside the Turkish Consulate. During the clashes, six cars were damaged, two of them completely burned, along with a garbage bin. ( report link and screenshot)

‍

https://www.ekathimerini.com/news/1285560/eighteen-detained-one-arrested-after-clashes-following-concert-in-thessaloniki/?utm_source=dlvr.it&utm_medium=facebook 

‍

‍

‍

In the next stage of the investigation, we found similar visuals to the viral video on a YouTube channel named “Taifer”, where the footage was published on November 2, 2025. The link to the post and its screenshot can be seen below.

‍

(YouTube link): https://www.youtube.com/watch?v=TejETjQRmTQ 

‍

‍

To strengthen our findings, we conducted a geolocation analysis of the video. By comparing road layouts, surrounding buildings, light poles, and other visual markers with online maps and images, we confirmed that the location shown in the video matches Agios Dimitriou Street in Thessaloniki, Greece.

(Location link)

• https://www.google.com/maps/@40.6347331,22.9554444,3a,75y,37.28h,80.17t/data=!3m7!1e1!3m5!1s2H9zH20LJ1kWuWYQH46fHg!2e0!6shttps:%2F%2Fstreetviewpixels-pa.googleapis.com%2Fv1%2Fthumbnail%3Fcb_client%3Dmaps_sv.tactile%26w%3D900%26h%3D600%26pitch%3D9.829999999999998%26panoid%3D2H9zH20LJ1kWuWYQH46fHg%26yaw%3D37.28!7i16384!8i8192?entry=ttu&g_ep=EgoyMDI2MDEwNy4wIKXMDSoKLDEwMDc5MjA2N0gBUAM%3Dस 

‍

‍

Our research clearly establishes that the viral video being shared as footage of recent protests in Iran is misleading. The video actually shows violent demonstrations near the Turkish Consulate in Thessaloniki, Greece, on November 1, 2025, and has no connection to the current situation in Iran.

‍

Introduction

‍
In today’s digital era, warfare is being redefined. Defence Minister Rajnath Singh recently stated that “we are in the age of Grey Zone and hybrid warfare where cyber-attacks, disinformation campaigns and economic warfare have become tools to achieve politico-military aims without a single shot being fired.” The crippling cyberattacks on Estonia in 2007, Russia’s interference in the 2016 US elections, and the ransomware strike on the Colonial Pipeline in the United States in 2021 all demonstrate how states are now using cyberspace to achieve strategic goals while carefully circumventing the threshold of open war.

Legal Complexities: Attribution, Response, and Accountability

‍

Grey zone warfare challenges the traditional notions of security and international conventions on peace due to inherent challenges such as :

• Attribution
  The first challenge in cyber warfare is determining who is responsible. Threat actors hide behind rented botnets, fake IP addresses, and servers scattered across the globe. Investigators can follow digital trails, but those trails often point to machines, not people. That makes attribution more of an educated guess than a certainty. A wrong guess could lead to misattribution of blame, which could beget a diplomatic crisis, or worse, a military one.
• Proportional Response
  Even if attribution is clear, designing a response can be a challenge. International law does give room for countermeasures if they are both ‘necessary’ and ‘proportionate’. But defining these qualifiers can be a long-drawn, contested process. Effectively, governments employ softer measures such as protests or sanctions, tighten their cyber defences or, in extreme cases, strike back digitally.
• Accountability
  States can be held responsible for waging cyber attacks under the UN’s Draft Articles on State Responsibility. But these are non-binding and enforcement depends on collective pressure, which can be slow and inconsistent. In cyberspace, accountability often ends up being more symbolic than real, leaving plenty of room for repeat offences.

International and Indian Legal Frameworks

‍

Cyber law is a step behind cyber warfare since existing international frameworks are often inadequate. For example, the Tallinn Manual 2.0, the closest thing we have to a rulebook for cyber conflict, is just a set of guidelines. It says that if a cyber operation can be tied to a state, even through hired hackers or proxies, then that state can be held responsible. But attribution is a major challenge. Similarly, the United Nations has tried to build order through its Group of Governmental Experts (GGE) that promotes norms like “don’t attack. However, these norms are not binding, effectively leaving practice to diplomacy and trust.

India is susceptible to routine attacks from hostile actors, but does not yet have a dedicated cyber warfare law.  While Section 66F of the IT ACT, 2000, talks about cyber terrorism, and Section 75 lets Indian courts examine crimes committed abroad if they impact India,  grey-zone tactics like fake news campaigns, election meddling, and influence operations fall into a legal vacuum.

Way Forward

‍

• Strengthen International Cooperation
  Frameworks like the Tallinn Manual 2.0 can form the basis for future treaties. Bilateral and multilateral agreements between countries are essential to ensure accountability and cooperation in tackling grey zone activities.
• Develop Grey Zone Legislation
  India currently relies on the IT Act, 2000, but this law needs expansion to specifically cover grey zone tactics such as election interference, propaganda, and large-scale disinformation campaigns.
• Establish Active Monitoring Systems
  India must create robust early detection systems to identify grey zone operations in cyberspace. Agencies can coordinate with social media platforms like Instagram, Facebook, X (Twitter), and YouTube, which are often exploited for propaganda and disinformation, to improve monitoring frameworks.
• Dedicated Theatre Commands for Cyber Operations
  Along with the existing Defence Cyber Agency, India should consider specialised theatre commands for grey zone and cyber warfare. This would optimise resources, enhance coordination, and ensure unified command in dealing with hybrid threats.

Conclusion

‍

Grey zone warfare in cyberspace is no longer an optional tactic used by threat actors but a routine activity. India lacks the early detection systems, robust infrastructure, and strong cyber laws to counter grey-zone warfare. To counter this, India needs sharper attribution tools for early detection and must actively push for stronger international rules in this global landscape. More importantly, instead of merely blaming without clear plans, India should focus on preparing for solid retaliation strategies. By doing so, India can also learn to use cyberspace strategically to achieve politico-military aims without firing a single shot.

References

‍

• Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations (Michael N. Schmitt)
• UN Document on International Law in Cyberspace (UN Digital Library)
• NATO Cyber Defence Policy
• Texas Law Review: State Responsibility and Attribution of Cyber Intrusions
• Deccan Herald: Defence Minister on Grey Zone Warfare
• VisionIAS: Grey Zone Warfare
• Sachin Tiwari, The Reality of Cyber Operations in the Grey Zone

‍