Signing authentic content - and what it means to be able to do so.
As Hany Farid says, the threat of deepfakes isn’t just that we won’t know whether the evidence fake—it’s that we won’t know whether anything we see is real. Soon, we may not be able to detect deepfakes reliably. We may need some other mechanisms outside of image forensics to help us.
Cryptography gives us some tools. One tool is the cryptographic signature: using a secret key, you can “sign” a file; when someone else gets that file, they can verify that you signed it, and it was that particular file that you signed—not some modified version of it.
Playing the scenario out: if I take a photo on my phone, I could sign that photo. (OS integration could make that seamless: my phone could do this for me automatically and invisibly).Later, when you see that signed photo—be it on Twitter or TMZ—you could assure that it was I who marked the content as authentic.
Now, that doesn't prove to you that I took the photo. Nor does it prove that the image is “real,” whatever that might mean. Anyone could take a picture from the Internet and sign it. And I could just as easily sign a deepfake. But, my signature shows you that I sign off on the content. It provides evidence that I at least approve it.
A concrete example: if there's a video of the president, and the office of the POTUS has their cryptographic signature on that video, we can at least trust that it’s official content—authentic in the sense of being sanctioned.
Now, what “authenticity” or “reality” means in a deepfakes-are-everywhere world would still be very much up in the air. But those concepts have always been up in the air. Empowering people to mark something cryptographically, and to verify that authenticity in a usable way, is much better than what we have now. It’s certainly better than our conventions for “signing” legal documents. (Some 2D scribbles on a PDF? If you can deepfake a video, surely you can deepfake a black and white doodle.)
The idea of using cryptographic signatures for social purposes is nothing new. Estonia’s oft-lauded identity system provides a signing functionality too, which citizens can use to sign off on almost any legal document.
If you’ve ever played around in the world of cryptocurrencies, you’ve probably used wallets. Cryptocurrency wallets provide similar functions to the Estonian identity system: they hold cryptographic keys and mediate your access to them, exposing them for some predefined uses while trying to prevent you from mishandling them. While the technical specifications vary in practice, the differences between cryptocurrency wallets and ID cards are slight.
Cryptography is slowly but irreversibly converging on legal notions of personhood, be it through decentralized wallets or state-backed ID cards. Cryptocurrencies offer one set of solutions. National governments like Estonia’s propose another. Soon, corporations may get in on the game, too. It occurs to me that Facebook integrated the Signal protocol into Whatsapp; that means that every Whatsapp user has a set of cryptographic keys ready to use for signing—or anything else.And that’s not to mention upstarts like Spruce Systems or BrightID.
These systems equate identity with cryptographic keys rather than with the body or with natural persons per se. I call this cryptographic personhood.
So what? Liberatory potential
BrightID boldly claims that “identity is a human right.” What kind of entities get to have identities? Reading between the lines, BrightID equates identity with the natural-born “human” that has fundamental “rights.” This notion of atomized humans is the product of particular Western Enlightenment traditions.
What kind of entities get to have identities? Western traditions have, to put it euphemistically, struggled with this question. Women. Native people. Black people. Chinese and Japanese people. Redefining what kinds of entities get to have identities sounds radical, but it’s happened before, and it’s played a critical role in various liberatory struggles over the centuries.
What kind of entities get to have identities? Western traditions aren’t the only game in town. In many indigenous traditions, “man is neither height nor centre of creation,” to quote Jason Edward Lewis. These systems center notions of “kin,” which extend beyond humans, perhaps even to machines.
There is real liberatory potential with cryptographic personhood. By shedding references to bodies, cryptographic personhood makes room for identities that are not normatively embodied. It makes room for identities that make kin. These new kinds of identity systems could provide groundwork for tribal sovereignty,new kinds of governance, new kinds of states. Radically voluntary, non-geographic types of citizenship and membership.
At the same time, cryptographic personhood enables the usual suspects to recreate the same exclusionary systems of identity and citizenship, perhaps with even more control. States and corporations alike. I think of Snow Crash here.
How do we bend these futures toward the good ones? The answer probably has much to do with the streets and the halls of power as it does with technical practice.
Or someone with access to your key. How do we protect keys? That’s the subject of a future post.
I’m eliding a lot of technical detail here. The Wikipedia article on the subject could stand to be improved. Key concepts include checksums and hashing, and public-key cryptography. If anyone knows of a better explainer for cryptographic signatures, let me know.
Good operating system support for private key management is a critical prerequisite for several technologies. It’s a key bottleneck for broader adoption of cryptocurrencies, for example. Currently, users need to install wallets as browser extensions, standalone software, or weird physical devices. Needles to say, this mishmash of extensions and infrastructures often goes wrong.
See Estonia’s PR on their cryptographic identity cards. Hooking into the theme of last week’s post, Tomas Jermalavičius positions this identity system very explicitly as a vector of soft power.
Facebook’s cryptocurrency, Libra, is now called Diem. It’s not fully decentralized—it’s a more federated model, similar conceptually to what the People’s Bank of China might be cooking up.
As of April 27, 2021, a search for “cryptographic personhood” is a Googlewhack. A measure of success for this concept will be the extent to which those search queries expand!
Lewis, Jason Edward, et al. “Making kin with the machines.” Journal of Design and Science (2018).