Malaysia Removes Over 11,600 Deepfake Videos as AI Misuse Complaints Skyrocket

The Malaysian government has removed over 11,600 instances of deepfake content from social media platforms since 2024, signalling an intensifying crackdown on artificial intelligence misuse across the country's digital ecosystem. Deputy Communications Minister Teo Nie Ching disclosed the figure during parliamentary proceedings, outlining the extent of the enforcement action undertaken by the Malaysian Communications and Multimedia Authority (MCMC) following formal takedown requests submitted to major platform operators.

The velocity of complaints lodged regarding deepfake material has accelerated dramatically over the past eighteen months, revealing a concerning trend in how malicious actors are exploiting generative AI technology. Beginning with 917 reported cases in 2024, the volume surged to 3,612 by 2025, and has continued its upward trajectory to reach 7,967 complaints as of mid-June this year. This eightfold expansion in reported incidents underscores the growing sophistication of those deploying AI-generated content for fraudulent, defamatory, or destabilising purposes within Malaysian society.

To address this escalating challenge, the government has implemented a regulatory framework centred on the Risk Mitigation Code (RMC) embedded within the newly enacted Online Safety Act 2025. This legislative instrument compels all licensed social media platforms operating in Malaysia to establish and maintain comprehensive risk mitigation protocols specifically designed to combat AI-generated content that poses threats to public safety, individual privacy, and electoral integrity. The framework represents a significant shift towards holding technology companies directly accountable for the quality of content moderation on their networks.

Teo elaborated on the government's monitoring approach during parliamentary question time, explaining that the MCMC has undertaken systematic engagement with licensed platform operators to evaluate their compliance with these newly mandated obligations. Rather than adopting a purely punitive stance, the ministry has adopted a collaborative model that combines assessment, guidance, and verification of platform commitments to implement adequate safeguards. This bilateral engagement strategy aims to ensure that tech companies understand the regulatory expectations and possess the technical capacity to meet them effectively.

Beyond merely identifying and removing problematic content, the MCMC has positioned itself as a critical technical resource for Malaysia's law enforcement community. The authority provides valuable assistance to investigating agencies by supplying profiling information, conducting sophisticated digital forensic analysis, and enabling the tracing of content origins. Additionally, the MCMC maintains proactive surveillance systems that continuously scan social media environments for newly emerging AI-generated content, allowing for swift intervention before such material gains widespread circulation or causes irreversible reputational damage.

The government's response extends beyond deepfakes to encompass the broader ecosystem of digital fraud. Licensed platforms are now required to implement robust advertiser verification protocols, drawing upon official channels such as the Companies Commission of Malaysia to confirm the legitimacy of accounts seeking to place paid content. This verification mechanism aims to prevent fraudulent entities from exploiting advertising networks to distribute scam-related material, a practice that has victimised numerous Malaysian consumers and eroded confidence in digital commerce.

The enforcement teeth embedded within the regulatory structure provide substantial deterrence against non-compliance. Platforms that breach their obligations under the Risk Mitigation Code face the prospect of court prosecution, with convicted operators liable to penalties reaching RM1 million in fines, supplemented by additional financial sanctions of up to RM10 million. These graduated penalty structures reflect parliamentary recognition that technology companies possess the financial resources and technical capabilities to implement stringent content controls, and should therefore bear meaningful consequences for inadequate performance.

The context surrounding this regulatory tightening reflects Malaysia's broader positioning within a global landscape where generative AI has created new vulnerabilities in information integrity and democratic processes. Unlike some other nations that have taken predominantly litigation-based or self-regulatory approaches, Malaysia has opted for a codified statutory framework that establishes clear expectations and creates enforcement mechanisms. This approach aligns with the country's regulatory philosophy in telecommunications and media governance, where the MCMC functions as both industry interlocutor and enforcement authority.

For Malaysian businesses and citizens, the implications are multifaceted. Organisations face increased pressure to implement internal verification and authentication systems, recognising that platform-level controls may not provide complete protection against deepfake-based impersonation or fraud targeting their stakeholders. Simultaneously, individuals should remain vigilant regarding the authenticity of video content, audio recordings, and visual materials encountered on social media, particularly those claiming to depict public figures or making extraordinary claims.

The deployment of technical forensic capacity by the MCMC represents a comparative advantage for Malaysian law enforcement, placing the country among jurisdictions with sophisticated capabilities for tracing digital deception back to its sources. This technical infrastructure becomes increasingly valuable as deepfake creation tools proliferate and become more accessible to amateur operators, enabling authorities to distinguish between state-sponsored information warfare and opportunistic fraud.

Sector observers note that the regulatory framework remains a work in progress, with questions persisting regarding whether platform compliance mechanisms will prove adequate to address the exponential growth in AI-generation capabilities. The 2025 legislative amendments represent the government's first comprehensive intervention in this domain, but may require refinement as threat actors develop countermeasures and as technology companies report on their implementation experiences.

The parliamentary discourse also underscores that deepfakes constitute merely one manifestation of AI misuse within Malaysia's digital environment. Fraud-related synthetic content, election-period information manipulation, and non-consensual intimate imagery generated through AI technology remain persistent challenges. The government's articulated strategy of combining verification requirements, enforcement action, and technical assistance suggests recognition that combating AI misuse demands multi-layered intervention rather than singular regulatory mechanisms.