Did you have a childhood dream of becoming a super hero or a pop star? Perhaps you wanted to be Indiana Jones or Lara Croft; something that seemed impossible. But nowadays it can be real, with the help of AI. Using just your phone, you can become the star in your own film. Simply open up the Reface app, make a few clicks, wait several seconds and you have achieved your childhood dream. Perhaps you have already tried this, or at least heard of the application given its international popularity (with millions of new downloads every month). For those who haven’t, in this app you can swap your face in any image or video you want. And it generates astonishing results.
Where the Reface app is merely for fun, less innocent applications of swapping someone’s face into a video exist. For instance, letting politicians say things they have never said or tricking grandparents into giving money to their apparent grandchildren, resulting in disinformation and distrust. The driver of this risk is the sophisticated technology underneath, which makes fake content increasingly more difficult to distinguish from real content. A similar technique, for instance, generates portraits of people that have never existed before.
The technology behind Reface is called deepfakes. Deepfakes are fake content generated by AI that is indistinguishable from real content, generally in the form of images, videos, or spoken text. And that poses a potential threat. Bloomberg, for instance, states that it could wreak havoc on politics. Moreover, scientists place this as the most dangerous AI development for criminal use in the next 15 years, even above AI-driven military robots according to this article.
Deepfakes are here. It is happening. It is capturing the attention of the broader audience through news outlets and users experimenting with the technique through apps like Reface. However, the understanding of the technology behind deepfakes receives little attention. Most discussions mention the concept of the technology briefly or not at all. Moreover, the discussions are one-sided, focused on either the risks or the opportunities. We suggest focusing on leveraging the opportunities of this technique, while mitigating the risks.
To properly judge the deepfake technology we will unpack the black box, explain the concept with its input and processes, and show how this relates to the opportunities and risks. Finally, we question how to use deepfakes responsibly and how we can combat them.
The beating heart of deepfakes is an algorithm called Generative Adversarial Networks, or in short GANs. It is a new concept, which has grown from an idea to full-fledged applications for everybody with a phone in a mere six years.
To explain GANs, consider a situation with counterfeiters and police. Counterfeiters try to create fake money indistinguishable from real money and the police try to distinguish the fake from the real money. At first, the counterfeiters use monopoly money and the police catch them easily. Then they try something more advanced and they fool the police. As a reaction the police improve their detection methods. This continues until the counterfeiters are producing fake money in the same way as the real money; they are indistinguishable.
This is the essence of GANs, two parts competing against each other. They are called the generator and the discriminator. The generator first imitates the input content. The discriminator then receives these imitations together with real content and is tasked to classify them into “real” and “imitation”. From each iteration, both parts learn and become better at beating each other. The discriminator for instance distinguishes portraits with three eyes as fake, but not imitations with two eyes. The generator learns that portraits with three eyes are not convincing, whereas it teaches the discriminator to be more suspicious of portraits with two eyes; they can be fake too. This process of self-honing continues until the discriminator cannot distinguish real from generated. Or in other words, both the counterfeiters and police cannot learn any new tricks from each other anymore.
Now that we understand the main components of GANs and thus how deepfakes work, we will expand upon its applications, both the positive and negative aspects.
The most promising direction of deepfakes is that it will be easier to create high-quality content, without having any photoshop skills or using automated tools to do it for you. As an application, deepfakes can take personalized content generation to the next level, where content is generated automatically and tuned towards the preferences of your clients. Either in the tone of voice, the message that they see, or the layout of the content itself. This is especially promising for marketing automation use cases which have a high demand for personalized content, but where generating content is time consuming.
Another, yet similar, example is to use deepfakes in your video marketing efforts. Here, the same marketing ad can be synchronized in multiple languages, while using the same voice of your actor and without a mismatch between lip movements and audio.
Furthermore, deepfakes offer promising opportunities to strengthen existing interactions with customers. For instance, chatbots have seen impressive improvements in recent times, but they can still seem too artificial for people to fully accept them. Enhancing them with videos generated by deepfakes creates a more realistic interaction.
Contrastingly, the same concept can be used for harm. A grandparent is more likely to give their well-earned pension money to one of their grandchildren after talking to them via video call, than to a stranger over email contact. In the future, it will only take a picture and a short voice recording to deepfake a video call where the grandparent believes they are actually talking to their grandchild. Banks are currently focusing heavily on combating fishing, but we think that deepfakes imitations will be their next priority.
In the jural system, every piece of evidence is carefully submitted and inspected. Photographs can be important pieces of evidence, but low-resolution footage from a surveillance camera can make it a challenge to recognize someone’s face or read a license plate correctly. Deepfakes can solve this issue. Instead of creating an image from scratch, the technique gets input: a low-resolution image. The algorithm then creates a believable high-resolution image. This can enhance the trustworthiness of photographic evidence.
On the other hand, it can compromise evidence too. A criminal could, for instance, create a false alibi using deepfakes leading to a false accusation. Or even worse, deepfaked evidence can be submitted to a trial whilst the lawyer or the judge does not know it is fake. This drives clear urgency for law firms to embrace AI knowledge and capabilities within their cooperation.
Are we defenseless against GANs? Well luckily not, as popular as deepfakes have become, so has tracking down deepfakes. Microsoft, Facebook, Amazon, and academics have bundled their strengths. Together they have set up the Deepfake Detection Challenge (DFDC), in which researchers and other interested parties are stimulated to innovate on new techniques and algorithms to help detect deepfakes and manipulated media. This challenge was held on Kaggle, a platform for machine learning and data science challenges, with a total prize pool of one million dollars.
These innovations could help to determine fact from fiction. Is it really a win over deepfakes though? Remember the counterfeiters and police story? This challenge creates super-police and while it might not be the goal, these super-police can be used to create super-counterfeiters. Responding to deepfakes with an even better detection method might not be a permanent solution for this technology, it could amplify it.
We can place the development of deepfakes in a broader context, namely that of the risks and opportunities of AI in general. With AI quickly progressing in its applications, there is also an increased need for responsible AI (also called ‘ethical AI’). How to use artificial intelligence in a way that is responsible and morally acceptable? From that perspective, deepfakes are a notably tricky development.
Today, responsible AI is no longer the sheer concern of philosophers, but of all who use AI, whether it is in their organization or personal life. With new developments like deepfakes happening at this very moment, we should decide which applications of AI we endorse and which are unacceptable. Indeed, such ethical considerations are hardly ever clear-cut answers. It is therefore paramount to start this discussion.
While the term ‘responsible AI’ covers a variety of dimensions, such as fairness, privacy and human control, two aspects are particularly relevant in the case of deepfakes: the do no harm and transparency principle. Firstly, as the examples above illustrate, deepfakes can be used for good, but are equally capable to bring about harm. Secondly, one of their largest risks is that people are no longer able to discern real from artificially created images. Non-transparent AI applications are generally regarded undesirable, and in the case of deepfakes this becomes truly critical.
The emergence of techniques such as deepfakes displays the need for taking responsible AI seriously. Not only on a societal level, but also on an organizational level, where we leverage the opportunities and mitigate the risks. It should not simply concern the awareness and direct consequences of technologies, but also the understanding of the techniques and how these concepts result in the consequences for society. Only then can we leverage the emerging technologies properly and mitigate the dangers.
Through demystifying the technique behind deepfakes, we can start a broader discussion. This discussion should focus on both the opportunities and the risks of deepfakes. This will inspire companies and politicians to structurally incorporate proper safeguards for deepfakes and AI in general, while reaping the benefits. We hope this blog has succeeded in the first step towards that.