I’ve been thinking a lot about deepfakes lately. That’s probably because it was one of the main topics I spoke about last week at CoinDesk’s Consensus conference. In a session called From Taylor Swift to the 2024 Election: Deepfakes vs. Truth, I explored why the deepfake problem is so vexing in today’s media environment, dissecting the issue alongside many of the people working on it.
The reason there is no easy way to deal with the problem is because it’s really multiple problems, each with its own variables and solutions. But we shouldn’t shy away from the complexity of the deepfake issue, since broad-spectrum remedies can have secondary effects that may be just as bad.
More on that in a minute, but first I’d like to spend a second introducing you to some of our hand-picked affiliate partners. They’re all great services, and we encourage supporting them if you have a need (we may earn a commission if you click on one of our links).
Incogni is a personal data removal service that scrubs your personal information from the web. Get 55% off with the code COPILOT.
Frase.io is a purpose-built AI writer that crafts SEO-focused articles, with detailed guidance on keywords and how to rank higher than competitors
Surfshark is a budget-friendly VPN with all the perks, highly ranked by PCMag and TechRadar. Use our link to save 86%, plus get 3 months free.
Deepfakes — images or audio that are simulations of a real person, usually a celebrity or politician, or a news event — have been part of our information ecosystem for years. The term officially became part of our online vocabulary in the late 2010s as face-swapping software started popping up in various apps like Snapchat.
Most early deepfakes were crude and fairly easy to spot. To create convincing deepfakes required quite a bit of effort and specialized knowledge. With generative AI, however, that’s no longer the case: pretty much anyone can create synthetic images of real people from a text prompt.
I’ll stop here to clarify: this isn’t necessarily always a bad thing. Certainly, where the subject has consented, it’s incredibly useful to be able to create simulations of a person’s image or voice. And even outside of that consent bubble, free expression (many deepfakes are satirical in nature) needs to be protected.
Of course, there are no end to examples of deepfakery used for nefarious purposes. From the Biden robocalls to the fake attack on the Pentagon to the violative images of Taylor Swift that were widely distributed online earlier this year, there are a litany of incidents that, taken together, cry out for some kind of solution.
Generally, we want an information ecosystem that discourages and disincentivizes bad information and violative acts. At the same time, it should protect the right of free expression and allow the sharing of imagery that entertains or satirizes subjects. But since the boundaries between those things often aren’t the same for everyone, we need a way of dealing with the deepfake issue that provides the right tools for participants in the system to make their own judgments.
The Two Types of Harmful Deepfakes
With regard to deepfakes that are harmful, almost all of them fall into one of two buckets:
Deepfakes intended to mislead. If you think about the Biden robocalls, or the recent spate of social media ads with cloned celebrity voices (lip-synced to footage), these incidents are explicitly meant to fool people.
Deepfakes that violate a person’s image. The biggest problem in this category is nonconsensual pornography, where the likeness of someone (almost always a woman) is deepfaked into content of a sexual nature. The damage of these images isn’t that they’re misleading, but violative.
Both types of harmful deepfake are a problem, but each requires different solutions. Misleading deepfakes can often be interpreted as a form of free expression (think: the Hillary Clinton video that showed her endorsing Ron DeSantis but ended with her saying, “Hail Hydra”), so solutions tend to focus on filtering deliberately misleading images and debunking.
But the free-expression argument is less persuasive with violative deepfakes. Solutions to this problem, which is becoming rampant, concentrate on preventing the creation and distribution of the images, since once they’re online, the damage is done.
This is the start of a framework for thinking through solutions to deepfakes. To figure out what to do and where to apply the remedy, it’s helpful to think about solutions in layers — ones that we can apply at different stages in the life of a deepfake:
Creation: This involves preventing the creation of a deepfake at the source. This generally requires censorship built into the software and even AI models themselves. However, attacking deepfakes at this layer will also affect legitimate use cases as well. Although not about deepfakes per se, the tinkering that Google did with Gemini’s image creator (creating Asian Nazis et al.) is a goo example of what happens when you get this balance wrong.
Filtering: Once a deepfake gets out in the wild, it’s imperative that distribution platforms are equipped to filter out ones that may be harmful or misleading. The big variable, of course, is the quality of the filter: not enough and problematic images will seep through; too much and you risk quashing legitimate expression. And for violative deepfakes, filtering won’t prevent the damage they can cause, but it can help mitigate it.
Debunk: Once a deepfake is widely circulated, humans will inevitably debunk it, which tends to happen relatively quickly. However, it still happens at the speed of humans, and in the case of market- or reputation-damaging misinformation, that’s often not fast enough.
In our current ecosystem, we tend to rely on the debunking layer to weed out deepfakes much more than the other layers, although that’s changing. And in the case of violative deepfakes, it’s very much fixing the barn door after the horse has left town.
The Road to a New Standard
To improve things at the creation and filtering layers, we need new standards. Luckily, that’s being worked on. This is what the entire topic of content provenance is about, and there’s been progress, with the Adobe-backed Content Authenticity Initiative industry group leading the charge.
One of the standards to come out of that group is the C2PA spec, which would embed a complete record of an image’s existence within its metadata. Not only would that metadata identify whether or not an image was AI-generated or -modified, it would also reveal any relevant modification to the image to anyone viewing it, just by clicking on a informational icon next the image.
I’ve written about “invisible QR codes” attached to images before, and I explored the topic of content authenticity with the CEO of Livepeer, a company that builds video infrastructure, last week. The point being there are many people working towards a system to identify and and interpret image metadata, and if it can reach widespread adoption, we can start to design better filters against harmful deepfakes.
That’s a big if, though. The fact is, for such a system to work it would need to be comprehensive. In other words, it would need to be applied at every stage in the ecosystem, including
Cameras and image generators
Editing software
Content providers (especially the media)
Distribution platforms
The infrastructure underlying it all
History suggests getting all the relevant parties in all of those areas to swim in the same direction will be next to impossible, but looking at the CAI’s membership list is encouraging.
The Real Solution: Changing Incentives
Even if that happens, though, there are still three other major challenges to overcome for our collective deepfake response to be effective.
First, there’s education. Once there’s a standard, it needs to spread to everyone in the chain. You’ll also need a vocabulary that takes into account the nuance within content metadata, so there’s a common understanding of what’s normal editing, and what’s fakery. Often it’s simple context: My friend Ricky Sutton creates images of tech CEOs doing weird things for his Substack all the time, but they’re clearly satire.
Organizations can do their part here by having clear guidelines on the use of generative imagery in content. Even absent a technical standard, there can be increased scrutiny on imagery that appears to “break news” with its content.
Second is the legislative and regulatory side of things. There are several bills and regulatory measures making their way through the halls of government. Finding the right balance between free expression and enforcing penalties for harmful content will likely take quite some time, but for violative deepfakes in particular, this will likely be a key part of any comprehensive solution.
The most effective way to deal with deepfakes, however, would be to change the incentives surrounding their use. And by that I mean financial incentives. To discourage harmful content, you would need to make it undesirable to put deepfakery into the system in the first place.
In the media ecosystem, the advertising side of things is often more technically advanced, and it could help lead the way. Thinking back the glut of ads on social networks with deepfaked celebrity voices: Imagine if there was a technical standard for content authenticity in place, and all of the ad networks had required any creative material to adhere to that standard. The problem would get solved overnight.
The Challenge Ahead
It’s a nice thought, but returning to the reality of the present, it feels like a long way off. With an election on the horizon and AI-powered tools getting more sophisticated by the day, the need for a more comprehensive system against deepfakes feels more urgent than ever.
Absent a technical standard backed by thoughtful processes, the world will fall back on a different standard: the Liar’s Dividend — a world where everyone casts doubt on information — good or bad — by declaring it “AI.” People are already doing that, of course, but it’s a huge problem when you can’t easily verify something to instantly retort those claims.
The sudden deluge of deepfakes is one of the biggest challenges to our media ecosystem. Rising to that challenge will take coordination and hard work on a massive scale, but it’s essential that we face that challenge. There will always be bad information in the world, but with new standards and a smarter system, we’ll at least have something to point at when we don’t know what to believe.
Leave a Reply