Realistic Fake Videos Threaten Democracy

Uploaded on 2018-11-02 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

Disinformation and distrust online are set to take a turn for the worse. Rapid advances in deep-learning algorithms to synthesize video and audio content have made possible the production of “deep fakes”, highly realistic and difficult-to-detect depictions of real people doing or saying things they never said or did. 

As this technology spreads, the ability to produce bogus yet credible video and audio content will come within the reach of an ever-larger array of governments, non-state actors, and individuals. As a result, the ability to advance lies using hyper-realistic, fake evidence is poised for a great leap forward.

The array of potential harms that deep fakes could entail is stunning. A well-timed and thoughtfully scripted deep fake or series of deep fakes could tip an election, spark violence in a city primed for civil unrest, bolster insurgent narratives about an enemy’s supposed atrocities, or exacerbate political divisions in a society. 

The opportunities for the sabotage of rivals are legion, for example, sinking a trade deal by slipping to a foreign leader a deep fake purporting to reveal the insulting true beliefs or intentions of US officials.

The prospect of a comprehensive technical solution is limited for the time being, as are the options for legal or regulatory responses to deep fakes. A combination of technical, legislative, and personal solutions could help stem the problem.

Background: What Makes Deep Fakes Different?

The creation of false video and audio content is not new. Those with resources, like Hollywood studios or government entities, have long been able to make reasonably convincing fakes. The “appearance” of 1970s-vintage Peter Cushing and Carrie Fisher in Rogue One: A Star Wars Story is a recent example.

The looming era of deep fakes will be different, however, because the capacity to create hyper-realistic, difficult-to-debunk fake video and audio content will spread far and wide. Advances in machine learning are driving this change. 

Most notably, academic researchers have developed “generative adversarial networks” (GANs) that pit algorithms against one another to create synthetic data (i.e., the fake) that is nearly identical to its training data (i.e., real audio or video). Similar work is likely taking place in various classified settings, but the technology is developing at least partially in full public view with the involvement of commercial providers. 

Some degree of credible fakery is already within the reach of leading intelligence agencies, but in the coming age of deep fakes, anyone will be able to play the game at a dangerously high level. 

In such an environment, it would take little sophistication and resources to produce havoc. Not long from now, robust tools of this kind and for-hire services to implement them will be cheaply available to anyone.

The information-sharing environment is well suited to the spread of falsehoods. In the United States and many other countries, society already grapples with surging mis-information resulting from the declining influence of quality-controlled mass media and the growing significance of social media as a comparatively unfiltered, many-to-many news source. 

As of August 2017, two-thirds of Americans reported to Pew that they get their news at least in part from social media. This is fertile ground for circulating deep fake content. Indeed, the more salacious, the better.

Foreign Policy Implications

The arrival of deep fakes has frightening implications for foreign affairs and national security. They could be potent instruments of covert action campaigns and other forms of disinformation used in international relations and military operations, with potential for serious damage. 

The information operation against Qatar in 2017, which attributed pro-Iranian views to Qatar’s emir, illustrates how significant fraudulent content can be even without credible audio and video.

For example, a credible deep fake audio file could emerge purporting to be a recording of President Donald J. Trump speaking privately with Russian President Vladimir Putin during their last meeting in Helsinki, with Trump promising Putin that the United States would not defend certain North Atlantic Treaty Organisation (NATO) allies in the event of Russian subversion. 

Other examples could include deep fake videos depicting an Israeli soldier committing an atrocity against a Palestinian child, a European Commission official offering to end agricultural subsidies on the eve of an important trade negotiation, or a Rohingya leader advocating violence against security forces in Myanmar.

Democracy could suffer as well. The circulation of a plausible video clip depicting a candidate uttering despicable things twenty-four hours before an election could control the outcome. 

Short of that, deep fakes would allow for more effective disinformation operations similar to Russia’s efforts against the US presidential election in 2016. As the technology diffuses, a widening circle of non-state actors and individuals would be able to cause similar problems.

The Challenge of Limiting the Harms

There is no silver-bullet solution to this problem, and certainly no option of rolling back the technological progress that makes deep fakes possible. Worse, some of the most plausible responses carry significant costs of their own.

Ideally, this technology-driven problem could be addressed adequately through technological solutions. But though strong detection algorithms are emerging (including GAN-based methods), they are lagging behind the innovation found in the creation of deep fakes. 

Even if an effective detection method emerges, it will struggle to have broad impact unless the major content distribution platforms, including traditional and social media, adopt it as a screening or filtering mechanism. 

The same is true for potential solutions involving digital provenance: video or audio content can be watermarked at its creation, producing immutable metadata that marks location, time, and place and attests that the material was not tampered with. To have a broad effect, digital provenance solutions would need to be built into all the devices people use to create content, and traditional and social media would need to incorporate those solutions into their screening and filtering systems. 

However, there is little reason to expect convergence on a common standard for digital provenance, let alone to expect that such technology would be adopted in those ways.

Another option would be for Congress to intervene with regulatory legislation compelling the use of such technology, but that approach would entail a degree of market intervention unlike anything seen previously with respect to these platforms and devices. 

This option would also run the risk of stifling innovation due to the need to pick winners even while technologies and standards continue to evolve.

Legal and regulatory frameworks could play a role in mitigating the problem, but as with most technology-based solutions they will struggle to have broad effect, especially in the case of international relations. Existing laws already address some of the most malicious fakes; a number of criminal and tort statutes forbid the intentional distribution of false, harmful information. 

But these laws have limited reach. It is often challenging or impossible to identify the creator of a harmful deep fake, and they could be located outside the United States. Foreign actors creating deep fakes can be named and shamed, but the ongoing fallout from Russian election interference in 2016 illustrates the limits of that approach.

Another possibility is to pressure traditional and social media platforms to do more to identify and suppress deep fakes, a familiar proposition in today’s ongoing debate about disinformation and social media. 

Companies like Facebook are in a bottleneck position well-suited for preventing the broad distribution of harmful content. Facebook, and some other platforms, have responded to recent congressional pressure by showing serious interest in improving the quality of their filtering systems. Still, past performance suggests the need for a dose of skepticism in relation to such efforts.

Social media platforms have long been insulated from liability for distributing harmful content. Section 230 of the Communications Decency Act of 1996 broadly immunises online service providers in relation to harms caused by user-generated content, with only a few exceptions. 

Congress could give platforms stronger incentives to self-police by limiting that immunity. It could, for example, make Section 230 immunity contingent on whether a company has made reasonable efforts to identify and remove falsified, harmful content either at the upload stage or upon receiving notification about it after it is posted. 

However, such a legislative effort would certainly be met with stiff resistance from companies, as well as those who question whether such screening can be performed without an imposition of political or ideological bias.

Deep fakes do not always require a mass audience to achieve a harmful effect. From a national security and international relations perspective, the most harmful deep fakes might not flow through social media channels. Instead, they could be delivered to target audiences as part of a strategy of reputational sabotage. 

This approach will be particularly appealing for foreign intelligence services hoping to influence decision-making by people without access to cutting-edge detection technology.

Recommendations

The challenges of mitigating the threat of deep fakes are real, but that does not mean the situation is hopeless.

Enhancing current efforts by the National Science Foundation, Defense Advanced Research Projects Agency (DARPA), and Intelligence Advanced Research Projects Agency (IARPA) could spur breakthroughs that lead to scalable and robust detection capacities and digital provenance solutions. 

In the meantime, the current wave of interest in improving the extent to which social media companies seek to prevent or remove fraudulent content has pushed companies to take advantage of available detection technologies, flagging suspect content for further scrutiny, providing clear warnings to users, removing known deep fakes, and sharing such content in an effort to help prevent it from being reposted elsewhere, following a model used to limit the spread of child pornography. 

While by no means a complete solution, all of this would be a useful step 
forward.

The United States should also improve its efforts to combat hostile information operations that target US democracy and social cohesion, whether they feature deep fakes or not. One of the most potent tools available to the US government is its ability to issue targeted economic sanctions. This capacity has been used to a limited extent in response to Russian election interference in 2016. 

The executive branch needs to make clear that it can and will take similar measures anytime a foreign power attempts to distort US electoral processes, and that the reaction will be especially robust if the interference involves fraudulent materials along the lines of a deep fake. 

If the provocation is sufficiently serious, the US government could use cyber means to disrupt a hostile foreign information operation of this kind. In addition to traditional covert action, a series of provisions in the newly enacted John S. McCain National Defense Authorisation Act clarifies that US Cyber Command has the authority to use offensive cyber operations in response to such scenarios.

For some organisations and individuals, the best defense against deep fakes would be to establish highly credible alibis regarding where they have been and what they have been doing or saying. In practical terms, politicians and others with reputations to protect could have an increased interest in life-logging services. 

Such services would help insulate individuals and organizations from sabotage by ensuring they can prove where they were and what they were saying or doing at any given time. Service providers could sell life-logging equipment (such as tiny cameras) and authenticated storage services, similar to body cameras for police officers, and integrate these services with the screening mechanisms employed by major social media platforms, enabling rapid alibi-checking. 

However, this would increase the amount of surveillance in society and further erode notions of privacy, forcing some to choose whether their reputation and security is worth the price of privacy.

Finally, there is the simple option of spreading public awareness of the idea of deep fakes and encouraging skepticism of video and audio “evidence.” 

Yet this approach entails its own risk, the more people doubt their eyes and ears when faced with apparent evidence, the easier it becomes for liars to dispute legitimate proof of their misdeeds, a phenomenon known as the liar’s dividend. 

Those who hope to avoid accountability for legitimate video and audio evidence can exploit that skepticism. The cry of “fake news” will become the shout of “deep-fake news.” 

Problems such as declining receptivity to the idea of objective truth, or truth decay, and a growing tendency toward rejecting unwelcome evidence already exist, and a campaign to raise awareness about the danger of deep fakes would only pour fuel on that fire.

Notwithstanding these challenges, the public should be made aware that deep fakes exist.

Deep fakes are a profoundly serious problem for democratic governments and the world order. 

The United States should begin taking steps, starting with raising awareness of the problem in technical, governmental, and public circles so that policymakers, the tech industry, academics, and individuals become aware of the destruction, manipulation, and exploitation that deep fake creators could inflict.

Defense One:

You Might Also Read:

A Breakthrough In Video Analytics

AI Applied To Video Analytics

« School Training On Child Abuse And Cyber Security
Election Hacking Threatens US Mid-Terms »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Exclusive Networks

Exclusive Networks

Exclusive Networks accelerate market entry and growth for innovative cybersecurity, networking and infrastructure technologies.

Arista Networks

Arista Networks

Arista Networks is an industry leader in data-driven, client to cloud networking for large data center, campus and routing environments.

HireVergence

HireVergence

HireVergence is a full service IT staffing and recruiting firm with a focus on cyber and information security.

Information-Technology Promotion Agency (IPA) - Japan

Information-Technology Promotion Agency (IPA) - Japan

IPA is an implementing agency in Japan with a role to address Information Security, IT Systems Reliability and IT Resource Development.

DomainTools

DomainTools

DomainTools helps security analysts turn threat data into threat intelligence.

Netsafe

Netsafe

Netsafe is an independent, non-profit New Zealand organisation focused on online safety. We help people stay safe online by providing online safety education, advice and support.

Griffeshield

Griffeshield

Griffeshield is a company specialised in new information technologies used to protect Intellectual Property.

CWSI

CWSI

CWSI provide a full suite of enterprise mobility, security and productivity solutions to many of Ireland and the UK’s most respected organisations across a wide range of industry and public sectors.

HALOCK Security Labs

HALOCK Security Labs

HALOCK is an information security consultancy providing both strategic and technical security offerings.

Testhouse Ltd

Testhouse Ltd

Testhouse is a thought leader in the Quality Assurance, software testing and DevOps space. Founded in the year 2000 in London, UK, with a mission to contribute towards a world of high-quality software

Polestar Industrial IT

Polestar Industrial IT

Polestar work on both sides of the IT & OT divide. Network, Data & Asset Security is our priority. Polestar installations are robust and resilient and comply with the appropriate security.

coc00n

coc00n

coc00n secures the devices of high-value and high-interest individuals against cyber attacks.

DART Consulting & Training

DART Consulting & Training

DART is a leading cyber training and consultancy company. We enhance our clients’ cyber capabilities by growing and strengthening their frontline defense – the cyber teams.

Silobreaker

Silobreaker

Silobreaker is a SaaS platform that enables threat intelligence teams to produce high-quality and relevant intelligence at a faster pace.

IS4IT Kritis

IS4IT Kritis

IS4IT is your partner for the successful planning, introduction and implementation of company-specific information security concepts.

Frenos

Frenos

The Frenos Platform helps enterprises understand their most probable attack paths while highlighting the most effective risk mitigations to deter and defend against today’s adversaries.