Growth of government ‘TrustOps’ predicted in fight against deepfakes and disinformation
Forty percent of government organisations will establish dedicated ‘TrustOps’ functions by 2028 in an effort to combat deepfakes and disinformation, according to Gartner.
The analyst firm defines TrustOps as “a holistic, enterprise-wide approach to managing trust through operational policies, technology and cross-functional teams”.
Highlighting disinformation threats such as impersonation of leaders, attempts to compromise biometric authentication, and social engineering, Gartner calls on government organisations to establish stronger trust capabilities and move “from reactive fact-checking to a proactive trust architecture”.
“Deepfakes can undermine or even weaponise notions of digital identity, attacking the credibility of the state itself,” said Daniel Nieto, senior director analyst at Gartner. “If citizens cannot distinguish a legitimate prime minister’s announcement or a secure tax agency portal from a replica, the foundational architecture of truth collapses.”
Despite the specific risks they face, Gartner predicts that government adoption will lag the private sector, with half of enterprises expected to have invested in TrustOps by 2027.
“The deepfake phenomenon threatens to induce digital regression, reversing the ROI of digital transformation by forcing a retreat to high-friction, paper-and-in-person interactions,” said Nieto.
Read more: On the defensive: strengthening government cybersecurity in a changing landscape
Building TrustOps
To build TrustOps in practice, Gartner advises specific actions, including establishing a ‘trust council’ in consultation with stakeholders in IT, legal, communications and HR to “manage the digital identity issues and manage inward/outward disinformation activity”.
It also calls on governments to “harden business processes” by auditing high-risk administrative workflows, such as financial disbursements, and implementing security measures that require multiple approvers and application-level authentication to eliminate single-point-of-failure vulnerabilities that could be exploited by voice cloning. Formal data and security governance strategies and programmes should focus on these high-risk workflows, it says, then subsequently expand to others as necessary.
A further step Gartner identifies is developing “deepfake verification procedures” that use technology to assess suspicious digital interactions and identify content that may have been synthetically generated by AI.
“Long-term, government organisations can consider implementing solutions such as the C2PA protocol,” said Nieto. The C2PA (Coalition for Content Provenance and Authenticity) is an open technical standard designed to certify the origin, history and edits of digital content.
He added: “They should mandate outbound content grounding by adopting the C2PA protocol, embedding tamper-proof cryptographic metadata into all official digital media. They can also market the use of content provenance to constituents and stakeholders to assert trust.”
Read more: Governments take action against Grok AI tool over sexualised images
Area of government concern
Concerns about the impact of AI-generated disinformation are already shaping policy actions and discussions.
Earlier this year, the UK government announced plans to develop and implement a framework to detect “harmful and deceptive” deepfake content in collaboration with tech firms, academics and experts, in what it claimed was a world first.
In April, London mayor Sadiq Khan warned that London is facing a “dark blizzard of disinformation” online, accusing social media companies of allowing organised networks to profit from a “division dividend”.
Research by the Greater London Authority City Intelligence Unit found that London is increasingly the target of online narratives portraying the city as unsafe or in decline, and that topics such as knife crime, violence against women and girls, migration and policing are frequently incorporated into this framing.
Using large-scale analysis of anonymised data across online platforms, it found that between March 2024 and March 2026, ‘London in decline’ narratives increased by around 150–200%, and migration-related narratives referencing London increased by over 350%.
“There are clear signs of coordinated and inauthentic activity,” the analysis said. “These include high volume, repetitive posting and the use of AI-generated content to produce and amplify misleading, emotive or unverified claims.”
It added that: “A range of platforms and actors appear to be involved, both within the UK and internationally. This includes extreme right-wing groups in the UK, as well as accounts aligned with Russian or Chinese state interests and US-related political movements.”
Khan has called for social media companies to be more open and transparent with their data so disinformation can be challenged.
Read more: Lessons from Canadian cyber-defence
About Sarah Wray
Sarah has over 15 years’ experience as a journalist with a specialism in the public sector and topics such as digitalisation and climate action. Sarah was formerly the editor of Cities Today and Smart Cities World, as well as a specialist video-based publication in the aerospace sector. She has also written for publications including Smart Cities Dive, Mobile Europe, Mobile World Live and Computer Weekly.
