Combating Deepfakes: Does It More Than Just a Matter of Willpower
The internet is today’s primary medium for searching, reading, discovering, learning, and exploring topics from diverse sources worldwide, contributing significantly to human progress (excluding the dark web and government censorship in certain countries).
You can browse news websites, read business analyses, watch the latest footage, view pictures from around the globe, and listen to political speeches.
You read, listen, watch, and consequently, you trust what you experience!
The Downside of AI
However, LLMs, generative AI, and recent AI breakthroughs have completely redefined content generation. This began with text, but images, videos, and audio (essentially all media) quickly followed suit.
Today, it’s increasingly difficult to distinguish AI-generated images from real ones. The photorealism of the latest Imagen3 of Google is outstanding!
Recent demonstrations of real-time dubbing and video generation cast doubt on media value and authenticity.
Large companies like Google and Microsoft are aware of the potential negative impacts and misuse of such technology. That’s why they do not open widely these solutions broadly, only to selected and controlled customers to prevent any leakage.
However it’s only a matter of time before similar solutions appear in open-source platforms or on the dark web.
On the other hand, large companies that index global information, Google and Microsoft (yes, them again!), invest significant effort in detecting and removing deepfakes in images, videos, and text. This requires substantial effort, and the outcome is uncertain, relying solely on the quality of these companies’ algorithms.
Restoring Trust in Media
News significantly influences public opinion.
- What could happen if the truth is manipulated?
- If a politician’s speech is altered to declare war?
We need a way to make media trustworthy!
Google DeepMind has released SynthID, a new technology for watermarking AI-generated content. This ensures that all content created by Google AI solutions is clearly authenticated, promoting responsible use. While commendable, this solution is limited in its effectiveness.
It’s unrealistic to expect all malicious actors to use Google technology to generate content!
The solution cannot originate from a single (or a few) tech companies.
The initiative must come from media producers (news companies, agencies, etc.) with tech companies support.
Drawing Inspiration from Existing Concepts
Today, browsing the internet is generally considered safe. You trust it enough to shop on e-commerce websites and enter your credit card information.
You can check your bank account and make transfers anytime, anywhere.
Why do you trust the internet for these critical and sensitive operations?
SSL (originally) or TLS (today) encrypts communication between your browser and the remote web server, ensuring confidentiality and preventing data leaks.
This technology doesn’t operate in isolation; it requires several parties for its effectiveness:
- Certificate authorities verify companies’ existence and reliability, then issue TLS certificates (private keys) to them. These certificates expire after a few months or years.
- Companies configure their websites with TLS certificates, permitting only secure (encrypted) communication.
- Browsers adhere to the latest TLS specifications and establish secure connections with remote websites.
That’s for the happy path part. But there’s more.
- Certificate authorities also provide a web service listing revoked certificates.
- Browsers, in addition to checking website TLS certificate validity (expiration date), also verify if it was issued by a trusted Certificate Authority and if the company’s certificate hasn’t been revoked.
- A community of researchers, scientists, and standardization committees, potentially a non-profit organization like the W3C, is responsible for improving, deprecating, and editing rules, best practices, and specifications for the TLS protocol
In summary, we have four key players:
- A trusted third party (the Certificate Authority)
- Companies that implement this security mechanism
- Browser developers who comply with the latest security specifications and block/alert users in case of issues
- A research and standardization community, possibly a non-profit organization, that defines the rules for all participants.
The future of media security
The current TLS security model could be adapted to enable companies to offer trustworthy media. Instead of encrypting communication for security, the concept involves signing media to ensure authenticity.
The challenge in signing media lies in embedding the signature within the media itself, rather than as metadata. The technology for this already exists, adding information directly into media itself (pixels, sound wave,…).
Note: Text watermarking is difficult due to its ease of modification; this discussion focuses on binary media (images, audio, and video).
Now, we need our four key players, all are required:
- A trusted “Watermark Authority” with tools to watermark media or issue certificate-like keys for watermarking tools.
To check to whom the certificates are delivered - Media companies that sign their content using third-party watermarking tools.
To broadcast trustable content - Updated browsers that validate media signatures against the “Watermark Authority” and display warnings if issues arise.
To broadly deploy to end-users the feature - A new consortium dedicated to this emerging technology.
To make the technology accessible, scalable and sustainable
Challenges and limitations
While invisible watermarking technology exists, it’s not as simple as TLS security.
In TLS security, the current communication is secured. It lasts only seconds, or minutes, never more. Any new connections create a new handshake process that validates the certificate validity at the current time. It’s ephemeral.
However, signatures are proof of authenticity that must last for days, years, even centuries! Checking all media against different watermarking solutions and generations is challenging for a browser and for the “Watermarking Authority” which has to maintain signature certificates for a long time.
On the other hand, it’s not feasible to ask news companies (and others) to continually re-watermark their media; it would be expensive and impractical!
Beyond companies, individuals would also like access to the same level of technology to protect their work and copyright. The technology must be accessible (technically and financially) and scalable to billions of users and trillions of devices (smartphones, cameras, audio/video recorders, etc.).
Therefore, the solution should come from a new consortium that will work with all stakeholders, scientists, and researchers to develop a robust and scalable protocol for ensuring media trust on the Internet.
The need to move on
Making the Internet’s content safer and more trustworthy is a necessity for all of us. The Internet won’t be able to survive for long without a solution to reinforce users’ trust.
As shown in this article, the ideas and principles are already here; the technical implementation must be sustainable and scalable.
As of now, I do not know any initiative or consortium to lead such specification and implementation.
So now, all the brilliant minds out there must take action and help the world by delivering the solution we are all waiting for!
And so, in the end, it’s a matter of will!