AI, GANs, and the Law of Synthetic Data
The federal government is looking into ways to spot manipulated content, prevent security issues
IT DIDN’T TAKE long for someone to turn generative adversarial networks (GANs)—a machine learning technique that seemed benign and of somewhat limited utility at its unveiling—into a tool capable of causing real harm. It took Congress much longer to pass responsive legislation focusing the federal government’s attention on the technology. Passed at the end of 2020, during a tumultuous presidential election season, the Identifying Outputs of Generative Adversarial Networks (IOGAN) Act requires two federal agencies to study the role GANs play in producing false media content and to report their findings to the relevant House and Senate committees. The act was seen as a prelude to possible future laws and regulations, including federal criminal statutes, targeting those who intentionally deploy GANs to deceive or cause harm. But, as in other areas of AI governance, individual state legislatures have had to pass their own laws in the absence of federal action.
A GAN is a machine learning technique that pits a generator artificial neural network (G) against a discriminator artificial neural network (D), with each network competing to become more accurate in its function and outputs. The competition creates a feedback loop: the generator produces increasingly higher-quality artificial outputs, and the discriminator steadily improves its ability to detect such artificial outputs.
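The adversarial feedback loop just described can be sketched with a toy, self-contained example (not drawn from the Act or from any particular paper): a linear generator learns to imitate samples from a one-dimensional Gaussian while a logistic-regression discriminator tries to tell real samples from generated ones. The parameter names, learning rate, and target distribution below are all illustrative assumptions.

```python
import numpy as np

rng = np.random.default_rng(0)

def sigmoid(x):
    return 1.0 / (1.0 + np.exp(-x))

# "Real" data the generator must learn to imitate: samples from N(4, 1).
def sample_real(n):
    return rng.normal(4.0, 1.0, n)

# Generator G(z) = a*z + b; discriminator D(x) = sigmoid(w*x + c).
a, b = 1.0, 0.0          # generator parameters
w, c = 0.1, 0.0          # discriminator parameters
lr, batch = 0.02, 64

for step in range(3000):
    z = rng.normal(0.0, 1.0, batch)
    x_real = sample_real(batch)
    x_fake = a * z + b

    # Discriminator update: ascend log D(real) + log(1 - D(fake)).
    p_real = sigmoid(w * x_real + c)
    p_fake = sigmoid(w * x_fake + c)
    w += lr * (np.mean((1 - p_real) * x_real) - np.mean(p_fake * x_fake))
    c += lr * (np.mean(1 - p_real) - np.mean(p_fake))

    # Generator update: ascend log D(fake) (the "non-saturating" loss),
    # i.e., try to make the discriminator label fakes as real.
    z = rng.normal(0.0, 1.0, batch)
    x_fake = a * z + b
    p_fake = sigmoid(w * x_fake + c)
    a += lr * np.mean((1 - p_fake) * w * z)
    b += lr * np.mean((1 - p_fake) * w)

# After training, generated samples should cluster near the real mean.
samples = a * rng.normal(0.0, 1.0, 1000) + b
print(f"generated mean ~ {samples.mean():.2f} (real mean is 4.0)")
```

Note the generator maximizes log D(fake) rather than minimizing log(1 − D(fake)); this is the common non-saturating variant, which keeps the generator's gradient from vanishing early in training when the discriminator easily rejects its outputs.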
GANs were introduced to the AI world in 2014, when Ian Goodfellow, then a Ph.D. student at the University of Montreal, conceived of and helped develop a technique for synthesizing new labeled image data, an essential ingredient in the development of machine learning models in the field of computer vision. After Goodfellow and his colleagues published their seminal paper on the topic, the original idea was exploited in ways that they and many others likely did not foresee, as researchers in China and elsewhere have since reported.
Indeed, in the years since their introduction, GANs have been used, along with other AI tools, to superimpose celebrities’ faces onto actors, including in pornographic videos—the so-called “deep fake” video—seamlessly making it appear as if the celebrity is the person depicted in the video. In a similar way, GANs have been used to create videos of politicians uttering sentences they never spoke (a notable example is a technology demonstration video in which Barack Obama appears to be speaking but the words are actually those of actor Jordan Peele).
Although GANs were developed around the same time as other advances in deep learning, the technology was not deployed as harmfully as those other developments, at least not right away. Disinformation bots, for example, proliferated on social media before and during the 2015-2016 presidential primary and general election cycle, deployed by domestic and foreign actors intent on spreading and amplifying false and misleading content.
Also around that time, content recommender systems came to permeate social media platforms, which some blame for fomenting divisiveness and creating echo chambers that persist to this day.
While those use cases were and continue to be troubling, GAN-based technologies, by themselves or combined with other technologies such as autoencoders and automated speech recognition (ASR), are on a whole different level when it comes to the potential for deception and direct harm.
Indeed, it’s one thing to spread disinformation on social media, but spreading it in the form of an influential person falsely appearing to speak in a video, while an algorithm pulls the levers behind the curtain, raises the stakes for what is real and what is fake in our modern connected society. Video and images are more readily accepted by the public, and thus viewed as more trustworthy, than written news media. Compounding the problem is the relatively low barrier to accessing and using GANs; it doesn’t take a data scientist or an AI engineer steeped in GAN know-how to create deep fakes and other nefarious implementations of the technology. The code, along with instructions for its use and deployment, is readily available on the Internet.
The federal response, in the form of the IOGAN Act, was introduced by Sen. Catherine Cortez Masto (D-NV). The measure passed both the House and Senate in early December 2020 and was signed into law on December 23, 2020, becoming Public Law 116-258. The law expressed lawmakers’ sentiment that outputs from GANs raise “grave” national security and societal concerns, but noted that “[g]aps currently exist on the underlying research needed to develop tools that detect videos, audio files, or photos that have manipulated or synthesized content, including those generated by generative adversarial networks.”
The IOGAN Act requires the National Science Foundation (NSF) and the National Institute of Standards and Technology (NIST) to produce reports to Congress about needed research and educational outreach concerning manipulated or synthesized content from GANs. Funding for these areas of research was provided under the National Defense Authorization Act for FY 2021, which included spending targets for NSF and NIST in areas overlapping with the IOGAN Act.
At the state level, California’s legislature passed AB730, which became effective for a three-year period beginning January 1, 2020, to give political candidates the right to sue to stop others from using materially deceptive audio or visual media in political advertising, including media created with the help of GANs. AB602, enacted the year before, created a private right of action for a “depicted individual” who, as a result of digitization, appears in a video or image to be giving a performance they did not actually perform or to be performing in an altered depiction.
In Texas, the legislature passed SB751, effective September 1, 2019, which makes it a criminal offense to fabricate a deceptive video with intent to influence the outcome of an election, where a deceptive video, or “deep fake,” is one that appears to depict a real person performing an action that did not occur in reality.
In Virginia, lawmakers in 2019 updated existing law 18.2-386.2, making it unlawful to disseminate or sell, without permission or authorization, certain nude images of another person, including a person whose image was used in creating, adapting, or modifying a videographic or still image with the intent to depict an actual person, and who is recognizable as an actual person by the person’s face, likeness, or other distinguishing characteristic. The law has been interpreted to apply to GAN-produced deep fake videos.
In New York, a deceptive media law, enacted on December 1, 2020, amended the state’s civil laws to add Section 52-C, a “Private right of action for unlawful dissemination or publication of a sexually explicit depiction of an individual.” The law applies to “depicted individuals,” meaning individuals who appear, as a result of digitization, to be giving a performance they did not actually perform, or to be performing in a performance that was actually performed by the depicted individual but was subsequently altered to be in violation of the law. “Digitization” means realistically depicting the nude body parts of another human being as the nude body parts of the depicted individual, computer-generated nude body parts as the nude body parts of the depicted individual, or the depicted individual engaging in sexual conduct, as defined in subdivision ten of section 130.00 of New York’s penal law, in which the depicted individual did not engage.
Lawmakers are not alone in reacting to GANs. In both academia and the tech community, researchers’ efforts to develop ways to detect synthetic media continue today even without a legal mandate to do so (though, for technology companies, economic factors certainly contribute to their focused attention on the matter). Whether these efforts can keep pace with those seeking to create nearly undetectable fake media is an open question.