‘Time is running out’: can a future of undetectable deepfakes be avoided?
With more than 4,000 shares, 20,000 comments, and 100,000 reactions on Facebook, the photo of the elderly woman, sitting behind her homemade 122nd birthday cake, has unquestionably gone viral. “I started decorating cakes from five years old,” the caption reads, “and I can’t wait to grow my baking journey.”
The picture is also unquestionably fake. If the curious candles – one seems to float in the air, attached to nothing – or the weird amorphous blobs on the cake in the foreground didn’t give it away, then the fact the celebrant would be the oldest person in the world by almost five years should.
Thankfully, the stakes for viral supercentenarian cake decorators are low. Which is good, since as generative AI becomes better and better, the days of looking for tell-tale signs to spot a fake are nearly over. And that’s created a race against time: can we work out other ways to spot fakes, before the fakes become indistinguishable from reality?
“We’re running out of time of still being able to do manual detection,” said Mike Speirs, of AI consultancy Faculty, where he leads the company’s work on counter-disinformation. “The models are developing at a speed and pace that is, well, incredible from a technical point of view, and quite alarming.
“There are all kinds of manual techniques to spot fake images, from misspelled words, to incongruously smooth or wrinkly skin. Hands are a classic one, and then eyes are also quite a good tell. But even today, it is time-consuming: it’s not something you can truly scale up. And time is running out – the models are getting better and better.”
Since 2021, OpenAI’s image generator, Dall-E, has released three versions, each radically more capable than the previous. Indie competitor Midjourney has released six in the same period, while the free and open source Stable Diffusion model has hit its third version, and Google’s Gemini has joined the fray. As the technology has become more powerful, it has also become easier to use. The latest version of Dall-E is built into ChatGPT and Bing, while Google is offering its own tools for free to users.
Tech companies have started to react to the oncoming flood of generated media. The Coalition for Content Provenance and Authenticity, which includes among its membership the BBC, Google, Microsoft and Sony, has produced standards for watermarking and labelling, and in February OpenAI announced it would adopt them for Dall-E 3. Now, images generated by the tool have a visible label and a machine-readable watermark. At the distribution end, Meta has started adding its own labels to AI-generated content and says it will remove posts that aren’t labelled.
Those policies might help tackle some of the most viral forms of misinformation, like in-jokes or satire that spreads outside its original context. But they can also create a false sense of security, says Speirs. “If the public get used to seeing AI-generated images with a watermark on it, does that mean they implicitly trust any without watermarking?”
That’s a problem, since labelling is by no means universal – nor is it likely to be. Big companies like OpenAI might agree to label their creations, but star