Just this quarter, Netflix viewers were taken for a ride with the film Red Notice. Did you get an uncanny feeling while watching it, as if the world on screen seemed a little off? Welcome to the universe of deep fakes. Between the heavily augmented backgrounds and the liberal use of deep fake techniques, the film has even been tagged as a deepfake twin of itself.
Instances like Red Notice are all fun and games, but such AI-created fake realities have come under major scrutiny in the past few years for security reasons. And rightly so, as you will realise today. The technology leverages deep learning models to create or manipulate audio, video or image media, presenting hyper-realistic AI-generated images or videos of people doing or saying things that, in reality, they never did.
Modern technology has produced some of the best products of the decade, but as these products develop at a fast pace, we need to take a step back, study how they are created and redraw ethical boundaries.
From Hardware To Data Augmentation
Deep fakes are built on state-of-the-art deep learning models. To build such models, three major components need to align perfectly: sophisticated algorithms, hardware resources to support model training, and the data!
Historically, even as algorithms advanced, hardware resources such as GPUs and TPUs were a challenge for scientists to access. Fast forward a few decades, and the hardware challenge has been replaced by data, the foundational rock upon which every intelligent machine is built today. To build a trustworthy machine, we need to overcome the challenge of gathering enormous volumes of data. So scientists started synthesising data and working on models that require very little of it, such as one-shot or zero-shot learning. This led to the development of data augmentation, a technique that allows scientists to synthesise new data from the data already available, effectively addressing the requirement for diverse training data.
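The idea behind data augmentation is simple: apply label-preserving transformations (flips, brightness shifts, small crops) to existing samples to get "new" ones. Below is a minimal sketch in NumPy, assuming images are stored as H x W x C float arrays; the specific transformations and parameter ranges are illustrative, not any particular library's API:

```python
import numpy as np

def augment(image, rng):
    """Return a randomly augmented copy of an H x W x C image array."""
    out = image.copy()
    if rng.random() < 0.5:                # random horizontal flip
        out = out[:, ::-1, :]
    out = out * rng.uniform(0.8, 1.2)     # random brightness jitter
    out = np.clip(out, 0.0, 1.0)
    top = rng.integers(0, 5)              # small random crop ...
    left = rng.integers(0, 5)
    out = out[top:, left:, :]
    out = np.pad(out, ((top, 0), (left, 0), (0, 0)),
                 mode="edge")             # ... padded back to original size
    return out

rng = np.random.default_rng(0)
img = rng.random((32, 32, 3))             # one original sample
batch = np.stack([augment(img, rng) for _ in range(8)])  # 8 synthetic samples
print(batch.shape)  # (8, 32, 32, 3)
```

One original image yields eight distinct training samples, which is exactly how augmentation stretches a small dataset.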
Datasets are especially crucial for use cases involving unstructured data in the form of audio, images or video. Earlier, tampering with audio, images or video was easier to detect because the media was mostly photoshopped: new material was simply superimposed on the original. But with deep learning and data augmentation methods, we have a new class of forgery called deep fakes, which can be understood as AI-powered photoshopping.
Deep Dive Into The Technology
With AI-powered photoshopping, it is almost impossible to detect whether media is fake. And deep fakes are powerful, capable of making seemingly undeniable changes. For instance, in March, the internet was shaken by a viral video of Barack Obama swearing at Donald Trump, until it was revealed that the video was indeed fake. Likewise, Tom Cruise fans had a blast watching the actor's viral TikTok videos, until those, too, turned out to be a very well-crafted hoax.
Deepfakes can do things as small as altering specific features and as large as creating entirely new videos of people saying and doing things. Let's look at a list of what is possible with deepfakes:
- Changing facial features
- Changing facial expressions
- Synthesising audio
- Synthesising facial expressions
- Synthesising/Eliminating entities from image/video
- Synthesising text data based on human writing patterns
- Creating new art based on the artist’s style – paintings/songs, etc.
These forgeries are extremely difficult to detect because tampered aspects such as skin tone, background blending and audio features are precisely matched to the original content. That said, the technology is still developing and often leaves artefacts in the image, audio or video that humans can spot.
Through Rose Tinted Glasses
Deep fakes are a product of advances in generative deep learning and continue to mark technological breakthroughs. The technology leverages state-of-the-art methods such as encoder-decoder networks, GANs and CNNs to create audio and visual deep fakes.
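The classic face-swap deepfake uses an encoder-decoder design: one shared encoder compresses any face into a common latent code, while each identity gets its own decoder. Swapping means encoding person A's face and reconstructing it with person B's decoder. The following is a toy sketch of that architecture, with random linear layers standing in for trained networks:

```python
import numpy as np

rng = np.random.default_rng(42)

def layer(n_in, n_out):
    """A random linear layer standing in for a trained network."""
    return rng.standard_normal((n_in, n_out)) * 0.1

# One shared encoder compresses any face into a common latent code ...
encoder = layer(64, 16)
# ... while each identity gets its own decoder.
decoder_a = layer(16, 64)
decoder_b = layer(16, 64)

def swap(face, decoder):
    """Encode a face, then reconstruct it with another identity's decoder."""
    latent = face @ encoder
    return latent @ decoder

face_a = rng.standard_normal(64)      # stand-in for a flattened face crop
fake = swap(face_a, decoder_b)        # person A's pose, person B's appearance
print(fake.shape)  # (64,)
```

In a real system, both decoders are trained to reconstruct their own identity from the shared latent space, which is what lets the swap preserve expression and pose while changing the face.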
While this is being used in multiple applications, we will discuss some of its most popular use cases. Deep fakes can re-create the art of classically renowned artists. Systems such as Timecraft can learn how a painting was produced and recreate it with precise brushstrokes. With a reported ninety per cent success rate over existing benchmarks, the system was trained on hundreds of minutes of painting time-lapses. Researchers are also leveraging the technology to make paintings talk, as in the famous recent case of da Vinci's "Mona Lisa" rolling her eyes and talking. Researchers from Moscow's Samsung AI Center and the Skolkovo Institute of Science and Technology manipulated such portraits to talk and move by identifying facial landmarks in the painting using AI.
Deep fakes are increasingly being used as a form of entertainment in films, videos and online games. In fact, people are also creating deep fakes of themselves as advanced virtual assistants. Remote-first companies are leveraging AI to create videos of a synthetic head or a virtual body double, termed virtual double ARIs. Such an assistant can speak and move its head while bearing the features of a real person. A deep fake can also double as a language-augmented model that translates across languages and gives basic replies.
The Sharper End Of The Sword
But a technology used for entertainment can turn dystopian very quickly, and deep fakes can cause real harm. We are already seeing this technology used to infringe on people's privacy, create havoc by showing individuals making false statements, trick people into deception, and commit fraud and cybercrime.
Not too long ago, criminals stole $76 million from the Chinese government by manipulating personal data and feeding deep-faked videos to a facial recognition system. That's not even the tip of the iceberg of ugly deep fake applications; this was just one form of biometric hacking. Biometric devices and facial recognition are used for security purposes across the globe, and criminals everywhere are creating deepfake videos to break through these barriers.
Additionally, deep fakes kill privacy. The content is extremely convincing, and rapid technological advances have made it a challenge to distinguish actual from fake information. Given the advanced technology needed even to classify them as fakes, laypeople caught up in deep fake treachery would struggle to clear their names. The technology infringes on the basic human rights to privacy and consent. Recently, a documentary on the life and death of the famous chef Anthony Bourdain drew considerable controversy after the filmmaker used AI to narrate a few lines in Bourdain's voice. The late chef is certainly not around to consent to having his voice cloned, and yet there he is, saying things he, in reality, did not.
With an increasing number of 'breaking news' stories about deep fake crimes and controversies, leaders and organisations building AI products are starting to raise concerns over how the technology is used.
Leaders Pitching In
We have reached a point where there is hardly any distinction between reality and augmentation, making it high time to take the steps necessary to ensure no harm is done via augmented media in the coming years. For brands, it is important to segregate research and production. The creators of deep fake models need to research thoroughly the ethical and legal concerns around their applications and ensure the product meets safety and security requirements. Leaders can additionally institute mandatory workshops and lectures to educate employees on the ethical and legal standards of AI to abide by.
The future of deep fakes can be bright. But to ensure that deep fake applications are not misused, we ought to create boundaries. There is a pressing need to reshape the industry into one that builds guardrails around potentially dangerous applications. Deep fake models aren't inherently harmful, but we need to make sure we don't make them so.
An organisation that wants to protect its applications from deepfake attacks can tackle the problem from two angles: security and AI.
- Employ the right people – Have a dedicated chief security officer who can train employees and raise awareness about deepfakes. The team should be skilled enough to understand how a deepfake attack could affect the organisation. Training should also cover social engineering: how an attack might appear, how to detect deepfake attacks, and what the action plan should be to mitigate damage.
- Placing guardrails – Beyond deepfake-attack detection, which can be post-event, guardrails should be put in place to prevent such attacks. From a model perspective, any model used in an application prone to deepfake attacks could sit behind a pre-set deepfake detection algorithm.
- Risk mitigation – However carefully technology is planned to be foolproof, it doesn't always work out that way; the organisation should have risk mitigation plans, with methodologies in place to attenuate the impact of deepfake attacks.
- Impact evaluation – In the event of a deepfake attack, an impact assessment should be carried out to understand which users could be affected and in what capacity, which other applications could be compromised, and whether the organisation faces any monetary loss.
- Collaborative effort – Much like cybersecurity guidelines or trusted-cloud principles, where organisations come together to solve a complex challenge, preventing deepfake attacks is a collaborative effort. Organisations can partner with other firms to strengthen the guardrails of their technology and put strategies in place that could become standards for other companies to follow.
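The "pre-set detection algorithm" guardrail above can be sketched as a gate that scores incoming media for fake likelihood before it ever reaches the downstream application (say, a face-login system). The scoring function and threshold below are hypothetical stand-ins; a real deployment would call a trained deepfake-detection model:

```python
import numpy as np

DEEPFAKE_THRESHOLD = 0.1  # assumed policy threshold, tuned per application

def fake_score(frames):
    """Stand-in for a trained detector: here, mean frame-to-frame jitter
    across a clip of grayscale frames. A real guardrail would call a
    proper deepfake-detection model instead of this heuristic."""
    diffs = np.abs(np.diff(frames, axis=0))
    return float(diffs.mean())

def admit_video(frames):
    """Guardrail: reject media whose fake score crosses the threshold
    before it reaches the downstream application."""
    score = fake_score(frames)
    return score < DEEPFAKE_THRESHOLD, score

rng = np.random.default_rng(1)
smooth = np.cumsum(rng.normal(0, 0.01, (10, 8, 8)), axis=0)  # gently varying clip
noisy = rng.random((10, 8, 8))                               # erratic, suspicious clip

print(admit_video(smooth)[0], admit_video(noisy)[0])  # True False
```

The point of the design is placement, not the heuristic itself: detection runs as a pre-condition on every request rather than as a post-event forensic step.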
This article is written by a member of the AIM Leaders Council, an invitation-only forum of senior executives in the Data Science and Analytics industry.