Forging Authenticity: Experts’ workshop on Deepfake Technology, Risks and Governance
In September, I had the privilege of attending the Swiss Re Centre for Global Governance in Zürich, Switzerland for a two-day conference on deepfakes.
The conference was hosted by the International Risk Governance Center (IRGC), whose objective is to better understand emerging and systemic risks, as well as the governance of opportunities and risks associated with new technologies. Because the conference was subject to the Chatham House Rule and a paper from the event is forthcoming, I can’t go into too much detail. However, I thought it might be nice to set out in broad terms the topics of discussion, and a few comments on what I found most interesting…. as well share some photos!
As the conference was scheduled for Monday and Tuesday, I flew out to Switzerland on the Sunday evening. In retrospect this was a very good decision, because the British Airways strike began the following day, and I was pleased to not have to worry about travel problems!
I woke up bright and early for the chance to have a morning walk through central Zürich, having never been to the city before. My hotel was right on the shore of the Zürichsee (Lake Zürich) and I had a really nice croissant for breakfast at Confiserie Sprüngli! I walked along Bahnhofstrasse, which is Zürich’s main downtown street and also one of the world’s most expensive and exclusive shopping avenues. I was also feeling somewhat nervous about the conference – in a good way, of course! – so stepping out into the fresh autumnal air was a nice way to mentally prepare for the day ahead.
SWISS RE CENTRE FOR GLOBAL DIALOGUE
For those of you who might not know, Swiss Re is the world’s second largest reinsurance company. Their Centre for Global Dialogue is located just outside of Zürich, with breathtaking views of Lake Zürich and the Alps. From my hotel room (pictured below), I could even see the lake!
SETTING THE SCENE: DEEPFAKE TECHNOLOGY
The conference itself began in the early afternoon with a panel discussion by experts from IBM Watson, California-based tech company NVIDIA, and IDIAP, which is the research arm of the Ecole Polytechnique Fédérale de Lausanne. In this technology session, we discussed:
- The technologies that have enabled deepfake creation and distribution.
- The plausible trajectory for these technologies, and what the deepfake ecosystem might look like in five years.
- Promising technologies for countering deepfakes, and what research advances might help reduce risks
- Whether or not there are “information hazards” arguments for restricting access to research in this area, to prevent its use for malicious purposes.
Three things from this session really stuck in my mind. Firstly, the reminder that from a security standpoint, humans really are the biggest risk to any technological system. In particular, burnout poses a challenge, because we cannot stay hyper-vigilant at all times. Secondly, I found it interesting to note that detection is unlikely to be a winnable arms race. Watermarking and fingerprinting are good ideas in theory, but it would be difficult to create workable solutions. By way of example, if we require watermarks for certain media, would a lack of a watermark indicate that it’s a fake? Watermarks can be easily removed or added. The general consensus of the group was that the biggest risk posed by deepfakes is the degradation of standard notions of trust.
DEEPFAKE RISKS & VULNERABILITIES
The second session was led by representatives from Zurich Insurance, the French banking giant BNP Paribas, and the Swiss Federal Institute of Technology in Zurich. In this session covering various deepfake risks, we focused on the following points:
- Are there reasons to worry more about deepfakes than about the other forms of deception and manipulation we’ve used throughout history?
- Who or what is most at risk of harm: individuals, businesses, public institutions, or society at large?
- What kinds of harm are of greatest concern? Harms could include fabricated evidence (such as insurance claims or judicial evidence), reputational damage, abuse/intimidation/extortion, manipulation of public opinion (including elections), and market manipulation.
- Are there beneficial uses of deepfake technologies that need to be excluded from regulatory interference?
The key point of this discussion concerned the slippery slope between risk minimisation on the one hand, and the protection of certain liberties and economic freedoms on the other. It’s important to note that traditionally, threats posed by technology have been used to force through pernicious changes in the law or government surveillance. Just think back to post-9/11 USA PATRIOT Act, or even more recently to the UK’s Snoopers Charter. To minimise deepfake risks, we could certainly utilise certain forms of data monitoring, profiling and censorship, but to what end?
DINNER AT THE VILLA
After an intense day of discussions and debate, we headed across the courtyard of the Centre to this beautiful Villa for drinks and dinner.
LEGAL & REGULATORY RESPONSES
This session, covering things from a legal and regulatory perspective, was probably my favourite. It was also special for me, because it was my first time ever moderating a panel discussion! We discussed what existing laws/regulations can be applied to problematic deepfakes: for example, those concerning fraud, privacy, defamation, stalking, and electoral law.
Legislatures in the United States as well as the United Kingdom have for several years now sought to address online sexual harassment, with numerous jurisdictions criminalising so-called “revenge porn”. Given their initial popularity as manipulated pornographic videos, it seems only reasonable that some lawmakers have proposed specific bans of deepfakes which show obscene sexual activity. Furthermore, as of September 2019 Texas became the first state to criminalise deepfake videos made with intent to injure a political candidate or influence an election.
But are these legal instruments sufficient to address deepfake risks, or are new laws needed? In addition to the above, we also discussed:
- The potential impact of deepfakes on the legal/judicial system, for example in terms of admissibility of audio/video evidence.
- Whether or not there there is any need for – or prospect of – converging responses to deepfakes in different jurisdictions.
BREAK-OUT GROUP: CORPORATE
After our coffee break on Tuesday, we divided up into smaller groups. I chose the Corporate and Insurance group – and I’m so glad I did, because I learned so much! Our main discussion focused on the potential financial risks to companies, investors, and markets more generally. Such risks could include fraud against customers, to deepfakes designed to manipulate company stock prices or whole markets. From an insurance perspective, we discussed whether deepfake technologies create new challenges for the insurance, in terms of vulnerability to fraudulent claims.
You may be wondering why the insurance industry cares about manipulated videos. In essence, it comes back to the point above about truth and trust. Today, many insurance claims can be supported through online evidence submissions: take, for example, a photograph of your car after someone rear-ends it. If insurance fraud goes up through the use of deepfakes – despite detection software – this increased risk will be transfers to the insured, and the premium will be raised. Without a doubt, we are living in a data-driven world, as insurance is gathering more and more data about activities connected to the policies. There is an ever-growing amount of data available thanks to the Internet of Things (IoT), credit checking websites, and public information: it’s easy to imagine the ways that deepfakes could threaten that stability.
There’s only so much a group of lawyers, insurers, and computer scientists can cover in two days. In our final session, we discussed the questions that are likely to be unanswered… at least, for now.
- What are the potential societal implications of deepfakes, in terms of levels of trust, standards of truth, and electoral manipulation?
- What is the value of trust in the digital age?
- What role do “technologies of trust” have in response to the decline of older norms and patterns of social trust?
- At an individual and societal level, can anything be done to reduce the viral sharing of false and harmful content?
- What are the immediate priorities — what decisions could be taken now to improve incentives around content authenticity and integrity?
- Are there wider lessons to be learned from the deepfake phenomenon about the governance of emerging technologies?
There were so many insightful and thought-provoking moments during this conference. In conclusion, I just have to wonder if maybe we have taken “easy evidence” for granted. Was this technological evolution inevitable? Will the rise of the deepfake require us to place more faith in non-recorded instances of trust and truth, such as eye-witness reports? Perhaps the special privilege we have afforded to video — to digital truth — is ending.