How Apple, Google, and Microsoft can save us from AI deepfakes

The rise of AI-generated content has brought both innovation and concern to the forefront of the digital media landscape. Hyper-realistic images, videos, and voice recordings — once the work of expert designers and engineers — can now be created by anyone with access to tools like DALL-E, Midjourney, and Sora. These technologies have democratized content creation, enabling artists, marketers, and hobbyists to push creative boundaries.

However, with this accessibility comes a darker side — disinformation, identity theft, and fraud. Malicious actors can use these tools to impersonate public figures, spread fake news, or manipulate the public for political or financial gain.

Also: I tested 7 AI content detectors – they’re getting dramatically better at identifying plagiarism

Disney’s decision to digitally recreate James Earl Jones’ voice for future Star Wars films is a vivid example of this technology entering mainstream usage. While this demonstrates AI’s potential in entertainment, it also serves as a reminder of the risks posed by voice replication technology when exploited for harmful purposes.

As AI-generated content blurs the lines between reality and manipulation, tech giants like Google, Apple, and Microsoft must lead efforts to safeguard content authenticity and integrity. The threat posed by deep fakes is not hypothetical — it is a rapidly growing concern that demands collaboration, innovation, and rigorous standards. 

The role of C2PA in content authenticity

The Coalition for Content Provenance and Authenticity, led by the Linux Foundation, is an open standards body working to establish trust in digital media. By embedding metadata and watermarks into images, videos, and audio files, the C2PA specification makes it possible to track and verify the origin, creation, and any modifications of digital content.

In recent months, Google has significantly increased its involvement with C2PA, joining the steering committee. This step follows Meta’s decision to join the same committee in early September 2024, marking a significant increase in industry participation.

Also: Is that photo real or AI? Google’s ‘About this image’ aims to help you tell the difference

Google is now integrating C2PA Content Credentials into its core services, including Google Search, Ads, and, eventually, YouTube. By allowing users to view metadata and identify whether an image has been created or altered using AI, Google aims to combat the spread of manipulated content on a massive scale.

Microsoft has also embedded C2PA into its flagship tools, such as Designer and CoPilot, ensuring that all AI content created or modified remains traceable. This step complements Microsoft’s work on Project Origin, which uses cryptographic signatures to verify the integrity of digital content, creating a multi-layered approach to provenance.

<!–>

Although Google and Microsoft have taken significant steps by adopting content provenance technologies like C2PA, Apple’s absence from these initiatives raises concerns about its commitment to this critical effort. While Apple has consistently prioritized privacy and security in programs such as Apple Intelligence, its lack of public involvement in C2PA or similar technologies leaves a noticeable gap in industry leadership. By collaborating with Google and Microsoft, Apple could help create a more unified front in the fight against AI-driven disinformation and strengthen the overall approach to content authenticity.

Other members of C2PA

A diverse group of organizations supports C2PA, broadening the reach and application of these standards across industries. The membership includes:

• Amazon: Through AWS, Amazon ensures C2PA is integrated into cloud services, impacting businesses across industries.
• Intel: As a leader in hardware, Intel embeds C2PA standards at the infrastructure level.
• Truepic: Known for secure image capture, Truepic provides content authenticity from the moment media is created.
• Arm: Extends C2PA into IoT and embedded systems, broadening the scope of content verification.
• BBC: Supports C2PA to verify news media, helping combat misinformation in journalism.
• Sony: Ensures C2PA is applied to entertainment devices, supporting content verification in media.

Creating an end-to-end ecosystem for content verification

For deepfakes and AI-generated content to be properly managed, a complete end-to-end ecosystem for content verification must be established. This ecosystem would encompass operating systems, content creation tools, cloud services, and social platforms to ensure digital media is verifiable at every stage of its lifecycle.

• Operating systems like Windows, macOS, iOS, Android, and embedded systems for IoT devices and cameras must integrate C2PA as a core library. This ensures that any media file created, saved, or altered on these systems automatically carries the necessary metadata for authenticity, preventing content manipulation.
• Embedded operating systems are particularly important in devices such as cameras and voice recorders, which generate large volumes of media. For example, security footage or voice recordings captured by these devices must be watermarked to prevent manipulation or misuse. Integrating C2PA at this level guarantees content traceability, regardless of the application used.
• Platforms like Adobe Creative Cloud, Microsoft Office, and Final Cut Pro must embed C2PA standards in their services and product offerings to ensure that images, videos, and audio files are verified at the point of creation. open source tools like GIMP should also adopt these standards to create a consistent content verification process across professional and amateur platforms.
• Cloud platforms, including Google Cloud, Azure, AWS, Oracle Cloud, and Apple’s iCloud, must adopt C2PA to ensure that AI-generated and cloud-hosted content is traceable and authentic from the moment it is created. Cloud-based AI tools generate vast amounts of digital media, and integrating C2PA will ensure that these creations can be verified throughout their lifecycle.
• SDKs for mobile apps enabling content creation or modification must have C2PA as part of their core development APIs, ensuring that all media generated on smartphones and tablets is immediately watermarked and verifiable. Whether for photography, video editing, or voice recording, apps must ensure their users’ content remains authentic and traceable.

Social media and apps ecosystem

Social media platforms like Meta, TikTok, X, and YouTube are among the largest distribution channels for digital content. As these platforms continue integrating generative AI capabilities, their role in content verification becomes even more critical. The vast scale of user-generated content and the rise of AI-driven media creation make these platforms central to ensuring the authenticity of digital media.

Both X and Meta have introduced GenAI tools for image generation. xAI’s recently released Grok 2 allows users to create highly realistic images from text prompts. Still, it lacks guardrails to prevent the creation of controversial or misleading content, such as realistic depictions of public figures. This lack of oversight raises concerns about X’s ability to manage misinformation, especially given Elon Musk’s reluctance to implement robust content moderation.

Also: Most people worry about deepfakes – and overestimate their ability to spot them

Similarly, Meta’s Imagine with Meta tool, powered by its Emu image generation model and Llama 3 AI, embeds GenAI directly into platforms like Facebook, WhatsApp, Instagram, and Threads. Given X and Meta’s dominance in AI-driven content creation, they should be deemed responsible for implementing robust content provenance tools that ensure transparency and authenticity.

Despite Meta joining the C2PA steering committee, it has not yet fully implemented C2PA standards across its platforms, leaving gaps in its commitment to content integrity. While Meta has made strides in labeling AI-generated images with “Imagined with AI” tags and embedding C2PA watermarks and metadata with content generated on its platform, this progress has yet to extend across all its apps, including providing a chain of provenance for uploaded materials that have been generated or externally altered, weakening Meta’s ability to guarantee the trustworthiness of media shared across its platforms.

Also: LinkedIn is training AI with your personal data. Here’s how to stop it

In contrast, X has not engaged with C2PA whatsoever, creating a significant vulnerability in the broader content verification ecosystem. The platform’s failure to adopt content verification standards and Grok’s unrestrained image generation capabilities expose users to realistic but misleading media. This gap makes X an easy target for misinformation and disinformation, as users lack tools to verify the origins or authenticity of AI-generated content.

By adopting C2PA standards, both Meta and X could better protect their users and the wider digital ecosystem from the risks of AI-generated media manipulation. Without such measures, the absence of robust content verification systems leaves critical gaps in safeguarding against disinformation, making it easier for bad actors to exploit these platforms. The future of AI-driven content creation must include strong provenance tools to ensure transparency, authenticity, and accountability.

Introducing a traceability blockchain for digital assets

A traceability blockchain can establish a tamper-proof system for tracking digital assets to enhance content verification. Each modification made to a piece of media is logged on a blockchain ledger, ensuring transparency and security from creation to distribution. This system would allow content creators, platforms, and users to verify the integrity of digital media, regardless of how many times it has been shared or altered.

• Cryptographic hashes: Each piece of content would be assigned a unique cryptographic hash at creation. Every subsequent modification updates the hash, which is then recorded on the blockchain.
• Immutable records: The blockchain ledger – maintained by C2PA members such as Google, Microsoft, and other key stakeholders – would ensure that any edits to media remain visible and verifiable. This would create a permanent and unalterable history of the content’s lifecycle.
• Chain of custody: Every change to a piece of content would be logged, forming an unbroken chain of custody. This would ensure that even if content is shared, copied, or modified, its authenticity and origins can always be traced back to the source.

By combining C2PA standards with blockchain technology, the digital ecosystem would achieve higher transparency, making it easier to track AI-generated and altered media. This system would be a critical safeguard against deepfakes and misinformation, helping ensure that digital content remains trustworthy and authentic.

Also: Blockchain could save AI by cracking open the black box

The recent announcement by the Linux Foundation to establish a Decentralized Trust initiative, which includes over 100 founding members, further strengthens this model. This system would create a framework for verifying digital identities across platforms, enhancing the blockchain’s traceability efforts and adding another layer of accountability by allowing for secure and verifiable digital identities. This would ensure that content creators, editors, and distributors are authenticated throughout the entire content lifecycle.

The path forward for content provenance

A collaborative effort between Google, Microsoft, and Apple is essential to counter the rise of AI-generated disinformation. While Google, Microsoft, and Meta have begun integrating C2PA standards into their services, Apple’s and X’s absence in these efforts leaves a significant gap. The Linux Foundation’s framework, combining blockchain traceability, C2PA content provenance, and distributed identity verification, offers a comprehensive solution for managing the challenges of AI-generated content.

Also: All eyes on cyberdefense as elections enter the generative AI era

By adopting these technologies across platforms, the tech industry can ensure greater transparency, security, and accountability. Embedding these solutions will help combat deepfakes and maintain the integrity of digital media, making collaboration and open standards critical for building a trusted digital future.