White House will fight deepfakes with cryptographic verification


Deepfake and generative AI scams are on the rise and seemingly unstoppable. The White House, though, says their official releases, including President Joe Biden’s addresses, will be cryptographically verified. What does it mean?

Just recently, a fake robocall impersonating Biden made rounds in the state of New Hampshire, urging Democrats not to vote in the primary. This, of course, raised concerns about AI-amplified electoral misinformation.

The government is now taking action. First, the Federal Communications Commission (FCC) outlawed unwanted robocalls generated by AI – to deter bad actors, the states will now be able to prosecute creators of unsolicited spam robocalls.

ADVERTISEMENT

“It seems like something from the far-off future, but it is already here,” the FCC chairwoman Jessica Rosenworcel said in a statement (PDF).

“Bad actors are using AI-generated voices in unsolicited robocalls to extort vulnerable family members, imitate celebrities, and misinform voters. Now, we will have another tool to go after voice cloning scams and get this junk off the line.”

Of course, there are also video deepfakes, and they might be even more confusing. The public needs to be able to tell that Biden’s statements are real and not generated by easy-to-use AI tools.

The White House has already released its executive order on AI, and the Department of Commerce is developing guidance for content authentication and watermarking to label AI-generated content clearly.

But now, Ben Buchanan, Biden’s special advisor for AI, told Business Insider that specific action is to be taken regarding official White House communications. According to Buchanan, the aim is to “essentially cryptographically verify” everything from the White House, whether it’s a statement or a video.

What is it? One common method for doing cryptographic verification is a private and public key pairing. The source for a piece of information generates a hash value for any given video or document and encrypts it using its private key.

However, the hash can only be decrypted by the public key, which is available to all and attributed to the original author. This way, successful decryption using the public key confirms the owner of the private key – verifying the source.

Any third-party attempts to alter the file would not contain the original hash value and so would not be able to verify themselves as authentic.

ADVERTISEMENT

There are broader risks, though. In order to believe that information coming out of the White House is authentic, the majority of the public needs to trust the administration, and it would really be a close call given the current divisive state of the political landscape in the US.

There’s also a possibility of the President – whoever he or she might be – making a serious mistake or gaffe during an official video but then activating undemocratic damage control and deciding not to cryptographically sign the content and thus disavow it as fake.