Problem of Provenance of Digital Content Roadmap to Solution

From IIW


Wednesday 8C

Convener(s): Kathryn Harrison (Deep Trust Alliance)

Notes-taker(s): Sarah Allen

Tags for the session - technology discussed/ideas considered:

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

Kathryn Harrison

Deep Trust Alliance

Why are people here?

- Supply chain - media, ads

- Gov ID - root of trust, how do you know the provenance of public keys

- provenance of research, starting with real-world objects, creating a chain of trust


- Long term solution around understanding digital provenance

- Start with digital content, chain of custody

Digital Provenance

  1. Something happens in the real world and you take a photo
    1. Potential for standard in the h/w (heavy lift, h/w provider)
    2. New iPhones use specific points to identify your face; could you get a standard and register an identifier, so you can identify a specific image? ==> Unique Identifier (UID)
  2. Then there are a number of manipulations, chain of custody all tied to that original UID, see chain of actions (attestation of what happened)
    1. Contrast
    2. Crop
  3. Send to internet, track this chain of custody (That others can add to)
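The steps above can be sketched as a minimal chain of custody: the original capture gets a content-derived UID, and each manipulation (contrast, crop) is recorded as an attestation tied to the previous UID. This is only an illustrative sketch; the `uid_for` scheme (SHA-256 of the bytes) and the record fields are assumptions, not a proposed standard.

```python
import hashlib

def uid_for(content: bytes) -> str:
    """Derive a content-addressed UID from the asset bytes (hypothetical scheme)."""
    return hashlib.sha256(content).hexdigest()

def attest(chain: list, parent_uid: str, action: str, new_content: bytes) -> dict:
    """Append an attestation linking an edit (e.g. 'crop') back to the parent UID."""
    record = {
        "parent_uid": parent_uid,
        "action": action,
        "uid": uid_for(new_content),
    }
    chain.append(record)
    return record

# Something happens in the real world: the capture gets a root UID.
original = b"raw photo bytes"
chain = []
root_uid = uid_for(original)

# Each manipulation produces a new UID chained to the one before it.
step1 = attest(chain, root_uid, "contrast", b"contrast-adjusted bytes")
step2 = attest(chain, step1["uid"], "crop", b"cropped bytes")
```

Because every record names its parent, others can append further edits and a viewer can walk the chain back to the original capture.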

What do you need?

- Standard set of data

- Tons of metadata standards exist (figure out what small amount of info will persist)

- Some kind of UI (e.g. little blue checkmark, which you can click into and see this chain of provenance)

Not saying the content is real, good, or correct, just that we know the provenance

What about governments going after sources?  Is there potential for unintended consequences?

Need a privacy layer to avoid Orwellian authoritarian state

Each edited asset then has a new UID

Use case:  figure out if a specific image is valid

Movies, Images already have fingerprints that can detect user misbehavior

What about the user detecting media company misbehavior?

Chaos Computer Club — series of videos about a system that is live in North Korea

- Put an image in, it gets watermarked, the government can find the computer and the human who uploaded that image

Corp use case: insurance

Attempting to track back to a source

Each step of the chain could have specific requirements for a specific context

Digital cert at each step
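The idea of a digital cert at each step could look like the sketch below: each attestation record is signed so a verifier can check who made the edit and whether the record was tampered with. This uses an HMAC from the Python standard library purely as a stand-in; a real deployment would use certificate-backed signatures (e.g. X.509 with ECDSA), and the record fields are hypothetical.

```python
import hashlib
import hmac

def sign_step(secret: bytes, record: dict) -> str:
    """Stand-in signature for one chain-of-custody step: HMAC over a canonical
    serialization of the record. A real system would use a digital certificate."""
    payload = "|".join(f"{k}={record[k]}" for k in sorted(record))
    return hmac.new(secret, payload.encode(), hashlib.sha256).hexdigest()

def verify_step(secret: bytes, record: dict, signature: str) -> bool:
    """Recompute the signature and compare in constant time."""
    return hmac.compare_digest(sign_step(secret, record), signature)

# Hypothetical attestation record for one edit in the chain.
record = {"parent_uid": "abc123", "action": "crop", "uid": "def456"}
sig = sign_step(b"editor-key", record)
```

Verification fails if any field of the record is altered after signing, which is what lets each step carry context-specific requirements.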

Turnitin — system for detecting student plagiarism

“Is this image trustworthy?” —> this is not the question;

rather, “Does this photo/video have the context for the viewer to decide whether to trust it?”

The question is about object integrity. There is a difference between integrity and trust.

It’s a pipeline problem.


- Create a centralized corpus of deep fakes

- Companies continue to own them, yet provide decentralized access to them

- Companies could contribute source material, build provenance into this niche data set to identify these sources

- Would need to have a system of authorization around this

Can the beneficial outcome be described in more detail?

Consider toy sources that could serve the same purpose… maybe a demo: “We want to do this, but at a bigger scale”

Want to see use cases mapped out

Be careful about making tools for the deep-fake creators

— see genomics for ways that researchers/publishers have created “protective wrappers”