TOP OF MIND

Welcome to 500 Words.

How do you know what is real on the internet?

Mike Isaac reports in The New York Times that Instagram is testing a program to create chatbots for top influencers. It might not matter how believable the Snoop Dogg chatbot is, because the thrill of interacting, even with a proxy, will be good enough.

Identity is a flexible concept online. If you’re not afraid of vertigo, click on the link below to watch the Mona Lisa perform rap. (Apologies if you click; you might need to hyperventilate for a while afterward.) For now, it’s a stunt to have a 500-year-old painting bang out some verses. As a viewer, you’re in on the joke. But what if you’re not?

Microsoft’s VASA-1 software needs just one still image of a person to create a video of that person speaking a script. (The link below has some examples.) The video is convincing for ten seconds or so. But just wait. Just as Amazon is being flooded with AI-written books, and Reddit swarms with AI-generated users, YouTube will be flooded with Deepfake YouTube Shorts. You might sign up for video sessions with a life coach and not be sure the person is really there. It might not matter to you–a synthetic life could work at a discounted hourly rate that a human life coach couldn’t offer.

In matters of financial fraud, you will feel differently. Is that really your financial advisor you’re on Zoom with? The swift progress of AI means that we’re going to need to know the provenance of everything we click on, look at, or listen to online. Just as a bank check has a watermark (paper money also), we will need to watermark the web.

FAKE OUT LOL

I asked Eric Wengrowski, Founder and CEO of Steg.AI, to answer some questions about embedding digital credentials online to help us tell the difference between real media and a deepfake. Our conversation is about visual deepfakes; I’ll have more about audio deepfakes in a later newsletter.

Eric and I corresponded through his comms team via email.

Q: Is watermarking the best way online to help us determine whether an image or video is a deepfake? 

A: Absolutely. Watermarking, particularly forensic watermarking, is a highly effective method in determining the authenticity of digital content, including potential deepfakes. This technique embeds a digital credential into media files which can withstand various alterations and manipulation, making for an invaluable tool for verifying the integrity and origin of the content.

Q: Would other methods of provenance disclosure have more impact? How and why?

A: I’ve been researching media forensics technology for the past 10 years through my PhD, postdoc, and involvement with various companies and U.S. government grants. Based on my experience, watermarking stands out as the most effective method for ensuring the provenance of digital content in the face of challenges such as deepfakes due to its ability to verify authenticity, ensure traceability, maintain robustness against manipulation, and provide legal protection without compromising the quality of the content. Key to Steg’s mission is combining our watermarking technology with other powerful technologies such as C2PA, an open-source standard for content credentials.

Q: What reliable watermarking systems are in place to help distinguish real from synthetic media? 

A: Steg.AI has developed state-of-the-art forensic watermarking technology for digital provenance, which embeds credentials directly into the pixels of digital content. Our approach of adopting a “default: untrusted” model, where digital media is assumed unverified without a detectable credential. Until now, the conventional wisdom was to assume that all digital media was authentic and trustworthy until presented with evidence to the contrary, such as an obvious artifact from editing. Deepfakes technology represents a paradigm shift where seeing is no longer believing– it’s no longer safe to trust digital content because it “looks real.” Steg’s model shifts from assuming authenticity to requiring explicit verification.

We’re not making a judgment call about the underlying content– many ‘deepfakes’ are benevolent, just as many ‘organic’ photos are misleading. Steg adds a new layer of credentials about the provenance or origin of digital content.

Q: Should watermarking be left to corporations or content creators? Or should the government get involved?

A: The purpose of watermarking is ultimately to convey truth, and defending the truth is a shared responsibility. Content creators are on the front lines here, and so they need the tools to defend their truth. Distribution platforms, like social media, serve as the interface between creators and users, and so there is a responsibility here to provide security tools and educate users about safe practices.

The key for any successful software solution is to make the process seamless for users, without requiring complex extra steps for users to realize the benefits. Steg is currently working with several international governments to deliver technology tools for trustworthy and truthful communication to better serve their populations.

Due to the pace at which the technology is evolving, it’s unwise for regulators to mandate specific watermarking technologies. But the U.S. government is really good at supporting the development of new research technologies. For instance, the National Science Foundation (NSF), a U.S. government entity, has invested in the research and development of AI safety tools, including Steg.AI’s forensic watermarking algorithms through SBIR grants. Regulators are most effective when enforcing limits on bad behaviors, not technologies themselves.

Q: Who will try to stop online watermarking efforts and why? 

A: As with other cybersecurity threats, there are bad actors working hard to promote fraud. Entities that benefit from the lack of transparency and accountability in digital media, such as those involved in spreading political misinformation or engaging in identity theft campaigns, are resisting watermarking efforts for enhanced cybersecurity. These threat actors thrive in an environment where the origins and authenticity of digital content are difficult to trace, and watermarking directly challenges this by enhancing transparency. 

One of Steg’s core missions is to enhance security while preserving privacy. Through our collaborations with industry groups, universities, and C2PA, we continue to educate ourselves about best practices for privacy preservation. Steg’s watermarks are not built for surveillance nor to infringe upon individual rights. Central to the challenges of building cybersecurity tools is a careful respect for both integrity and privacy, a core tenet of Steg.AI’s product philosophy.

Many thanks to Meagan Reid for facilitating this conversation.

REFERENCES

Ready for a Chatbot Version of Your Favorite Instagram Influencers?

Microsoft VASA-1

Mona Lisa rapping on X/Twitter

AI-Generated Books Flooding Amazon

Reddit slowly being taken over by AI-generated users

The AI-generated Garbage Apocalypse may be happening quicker than many expect