Deepfakes are images or videos generated using machine learning models, usually generative adversarial networks. What differentiates them from regular artificial media is that they’re used to replace or impersonate someone.
In this post, we’re going to talk about the benefits and harms of deepfakes, what to do about them, and what their existence means for us and the media.
Why you should care
Deepfakes have been used for some cool things. In one of Kendrick Lamar’s latest music videos they morph him into different people. They de-aged actors in Martin Scorsese’s the Irishman. And there’s the amazing TikTok account with fake Tom Cruise just doing different things. I’m not sure about that but it looks to me that they might have de-aged Eleven in the latest season of Stranger Things too.
I encourage you to check out some of these. They’re impressive.
On the other hand, they’ve been used for pretty worrisome things. Recently, several European leaders participated in a video call with fake Vitali Klitschko. They discussed some things related to the war in Ukraine. Apparently, none of them had any clue. The mediocre quality of video calls and its junky audio made the spectacle easier. But it goes to show that current lack of perceived threat in a video call can be dangerous.
What’s more, the porn industry has already started to embrace them. Whatever your opinion on pornography or sex work is, in many countries it’s legal, and people give informed consent to participate. However, it becomes troublesome not only when they don’t but also, when their image is used to slander them. As it is the case with revenge porn.
Say hello to deepfakes, the best way of putting someone’s face into an existing nude photo or video. Unfortunately, there’re many cases of such harassment already (read more here or here). To my knowledge, Virginia is the only state that explicitly includes deepfakes under their revenge porn law.
Now that we established that deepfakes can be used to cause harm, let’s discuss what can be done to prevent them. There’re two ways to go about it: detection and provenance.
Detection
Detection works… sort of. Yes, we come up with new methods that can spot algorithmic artifacts in generated images. We can compare it to natural images, et voilà, we have a deepfake detector.
But then we can use these detection algorithms to create better ways of crafting deepfakes. As usual in security research, new defenses lead to better attacks, which lead to better defenses, and so on. It ends up being a whack-a-mole game between attackers and defenders.
Even though it may seem like a Looney Tunes show, it’s a good thing. We are guaranteed improvement until we reach some sophisticated stalemate.
However, if we speed up the whole process a couple of years, maybe decades, we arrive at the situation where deepfakes are indistinguishable from benign, legitimate photos. As a result, detection would not be effective anymore.
Provenance
In computer science, when we talk about provenance, we usually mean a kind of verifiable history or a series of steps/actions that happen to an entity. For example, all transformations that we apply to a chunk of data in our workflow, or all intermediate steps that occur when deploying a resource such as a virtual machine in the cloud.
Instead of detecting deepfakes, we’d like to have a provenance system that captures everything that happens to a video/photo from the moment it’s recorded, to the moment it’s consumed on a device.
In more detail, we want to:
- confirm that some media was taken with a given device.
- verify any edits that it undergoes.
- validate its integrity when uploaded onto a website or a social media platform.
- once again validate its integrity but once displayed on a phone/computer/TV.
Ideally, we’d have a cryptographic signature system for each of these steps. Perhaps chained in some way but I don’t know if it’s relevant or even possible because I’m not that well-versed in crypto.
As it turns out there are several coops that try to do this. Project Origin which was founded by Microsoft and BBC, Content Authenticity Initiative announced by Adobe with Twitter and NY Times, and lastly Coalition for Content Provenance Authenticity which is a coalition for standard development.
They all try to standardise ways to trace and validate the originality of various media. They design standards, author white-papers, and write software libraries.
Unfortunately, such provenance is not without any flaws. Some people, rightfully, argue that it can be used by oppressive governments to trace people that upload e.g. incidents of police brutality, or crimes committed by high rank officials.
Moving forward
A random video of a prime minister warning about an incoming nuclear strike can spread quickly, and cause panic. All your acquaintances will see that vengeful deepfake lewd of you shared around by your ex or a jealous stalker, and taint your reputation. It doesn’t matter that both are fake and will be marked as fake 20 minutes later.
We have collectively learnt not to trust images. We understand that photos can be edited to look better or portray things that didn’t happen; be it by professional editors, or social media filters. We know that a plane crash in a movie is just special effects (unless you’re Christopher Nolan).
Detection may be possible for the time being, while provenance systems that validate the integrity may or may not be an alternative. However, now’s the time to realise that deepfakes exist and can be used to deceive us.
I think it’s one of these generational phenomena that younger people will know to distrust. Sort of like our parents and grandparents believing TV, ads, or photos. It isn’t all doom and gloom though. I look forward to new-wave art and performances enabled by the advances in deepfakes, and generative media as a whole.
If you want to read more, this paper is a good starting point.