
'A Global Watermarking Standard Could Help Safeguard Elections In the ChatGPT Era' (thehill.com)

"To prevent disinformation from eroding democratic values worldwide, the U.S. must establish a global watermarking standard for text-based AI-generated content," writes retired U.S. Army Col. Joe Buccino in an opinion piece for The Hill. While President Biden's October executive order requires watermarking of AI-derived video and imagery, it offers no watermarking requirement for text-based content. "Text-based AI represents the greatest danger to election misinformation, as it can respond in real-time, creating the illusion of a real-time social media exchange," writes Buccino. "Chatbots armed with large language models trained with reams of data represent a catastrophic risk to the integrity of elections and democratic norms."

Joe Buccino is a retired U.S. Army colonel who serves as an A.I. research analyst with the U.S. Department of Defense Defense Innovation Board. He served as U.S. Central Command communications director from 2021 until September 2023. Here's an excerpt from his report: Watermarking text-based AI content involves embedding unique, identifiable information -- a digital signature documenting the AI model used and the generation date -- into the metadata generated text to indicate its artificial origin. Detecting this digital signature requires specialized software, which, when integrated into platforms where AI-generated text is common, enables the automatic identification and flagging of such content. This process gets complicated in instances where AI-generated text is manipulated slightly by the user. For example, a high school student may make minor modifications to a homework essay created through Chat-GPT4. These modifications may drop the digital signature from the document. However, that kind of scenario is not of great concern in the most troubling cases, where chatbots are let loose in massive numbers to accomplish their programmed tasks. Disinformation campaigns require such a large volume of them that it is no longer feasible to modify their output once released.

The U.S. should create a standard digital signature for text, then partner with the EU and China to lead the world in adopting this standard. Once such a global standard is established, the next step will follow -- social media platforms adopting the metadata recognition software and publicly flagging AI-generated text. Social media giants are sure to respond to international pressure on this issue. The call for a global watermarking standard must navigate diverse international perspectives and regulatory frameworks. A global standard for watermarking AI-generated text ahead of 2024's elections is ambitious -- an undertaking that encompasses diplomatic and legislative complexities as well as technical challenges. A foundational step would involve the U.S. publicly accepting and advocating for a standard of marking and detection. This must be followed by a global campaign to raise awareness about the implications of AI-generated disinformation, involving educational initiatives and collaborations with the giant tech companies and social media platforms.

In 2024, generative AI and democratic elections are set to collide. Establishing a global watermarking standard for text-based generative AI content represents a commitment to upholding the integrity of democratic institutions. The U.S. has the opportunity to lead this initiative, setting a precedent for responsible AI use worldwide. The successful implementation of such a standard, coupled with the adoption of detection technologies by social media platforms, would represent a significant stride towards preserving the authenticity and trustworthiness of democratic norms.

  • Couldn't we embed the watermark in the text? They did that a while with images. Change the values of pixels slightly here and there. Just subtly make sure that certain letters appear at predictable places.
    • Yup. And while we're at it the US should publish a global standard for world peace, to end hunger, and to give everyone a free iPhone.

      While I have a great deal of respect for the military doing military things, their performance isn't so great when they go off piste. We once had a visiting general from the Pentagon ask us if we could write some software to analyze other software and determine whether it was malicious and, if so, block it. My boss replied that as long as the Pentagon would keep funding u

      • Yup. And while we're at it the US should publish a global standard for world peace, to end hunger, and to give everyone a free iPhone.

        And a pony. We'll have a world filled with horse ... shoes. :-)

        But adding to your point, anytime the words "global" and/or "standard" are used, someone's going to complain about it.

        • I believe it's traditional in the US for the army to offer 40 acres and a mule.
        • by NFN_NLN ( 633283 )

          > But adding to your point, anytime the words "global" and/or "standard" are used, someone's going to complain about it.

          Except in the case of standardized weights and measurements. Name one country, one country that doesn't embrace the metric system.

      • While I have a great deal of respect for the military doing military things,

        https://en.wikipedia.org/wiki/... [wikipedia.org]

        I mean, they aren't even great at military things

    • by Rei ( 128717 ) on Wednesday January 03, 2024 @05:03AM (#64127063) Homepage

      Yes, you can**.

      No, it won't solve anything. Because there are countless free models developed open source-style which anyone can run - and further train - on their own systems. So even if there were watermarking on every last one - which there won't be, ever - you could easily just train it away. In fact, virtually any finetuning, deliberate or not, would get rid of it. And we're not talking "months on a supercomputer", but rather "hours on a consumer-grade GPU".

      ** - An example text watermarking algo is to randomly group all tokens into groups (A) and (B). Then with each generated token, you alternate between boosting the probabilities of group (A) tokens and group (B) tokens. In most cases it won't matter that much because there's certain words which effectively need to follow, and their probabilities are so high that any boosting makes no difference; but where there's choices, it can make a difference. For example, in the previous sentence, "there's choices" vs. "there's options" vs. "there are options" etc. You end up surprisingly quickly with text that has an unnaturally regular distribution of group (A) and group (B) tokens, like a near statistical certainty in just a sentence or two. But is still fully natural text.
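
The token-grouping scheme described in the comment above, as an added example that is not part of the original post or any real model's code: a toy generator stands in for the language model (vocabulary size, boost strength, key and the 50% "forced token" rate are all assumptions), and the detector scores how regularly groups A and B alternate. It goes slightly beyond the comment by deriving the groups from a secret key and by re-scoring the text after 20% of its tokens are replaced.

```python
import hashlib
import hmac
import math
import random

VOCAB_SIZE = 1000   # toy vocabulary of integer token ids (assumption)
BOOST = 4.0         # logit bonus given to the favoured group (assumption)


def group_of(key: bytes, token: int) -> int:
    """Keyed pseudo-random split of the vocabulary: 0 = group A, 1 = group B."""
    digest = hmac.new(key, str(token).encode(), hashlib.sha256).digest()
    return digest[0] & 1


def toy_generate(n, rng, key=None):
    """Stand-in for a language model (hypothetical, not a real LLM).

    Half of the steps are "forced": only one token can follow, so boosting
    changes nothing. The other steps offer 8 candidates with random logits.
    With a key, position i boosts group A when i is even, group B when odd.
    """
    tokens = []
    for i in range(n):
        if rng.random() < 0.5:                      # forced continuation
            tokens.append(rng.randrange(VOCAB_SIZE))
            continue
        cands = rng.sample(range(VOCAB_SIZE), 8)
        logits = [rng.uniform(0.0, 2.0) for _ in cands]
        if key is not None:
            logits = [l + BOOST if group_of(key, t) == i % 2 else l
                      for t, l in zip(cands, logits)]
        weights = [math.exp(l) for l in logits]
        tokens.append(rng.choices(cands, weights=weights, k=1)[0])
    return tokens


def z_score(tokens, key):
    """Standard deviations by which the A/B alternation beats a coin flip.

    Text produced without the key matches the expected group about half the
    time, so z stays near 0; watermarked text scores far above that.
    """
    n = len(tokens)
    hits = sum(group_of(key, t) == i % 2 for i, t in enumerate(tokens))
    return (hits - n / 2) / math.sqrt(n / 4)


def substitute(tokens, fraction, rng):
    """Replace a fraction of tokens in place (positions keep their index)."""
    out = list(tokens)
    for i in rng.sample(range(len(out)), int(len(out) * fraction)):
        out[i] = rng.randrange(VOCAB_SIZE)
    return out


def demo(seed=1234):
    rng = random.Random(seed)
    key = b"constructed-demo-key"                   # constructed sample key
    marked = toy_generate(400, rng, key)
    plain = toy_generate(400, rng)
    return {
        "marked": z_score(marked, key),
        "plain": z_score(plain, key),
        "edited": z_score(substitute(marked, 0.2, rng), key),
        "wrong_key": z_score(marked, b"some-other-key"),
    }


if __name__ == "__main__":
    for name, z in demo().items():
        print(f"{name:10s} z = {z:+.2f}")
```

A detector would flag text whose score exceeds a fixed threshold such as z > 4; scoring with the wrong key shows why the detector has to share the generator's grouping.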

      • There are not many drawbacks about opensource, but if you want to regulate something, it can be a nuisance.
      • Bingo. You know what you're talking about. And the main threats against the integrity of our elections are well funded, technically capable nation states. They have their own AI, I am sure. They don't need to pay a subscription to law abiding US companies. The solution is actually in education. Think now about advertising campaigns to educate adults about the risk and how to fact check information. Put the same in the school education system, and fund the schools better. Make sure enough people can see they
      • This assumes the watermark is a standard image. What if it was instead a QR code of a short encryption key that we change throughout the day/week/whatever interval we decide? I don't think you can machine learn away encryption.

    • by Entrope ( 68843 )

      You can, but you need to keep the details secret because anyone who knows how the watermark is embedded can defeat it. https://arxiv.org/pdf/2306.046... [arxiv.org] (section 4.5)

    • Of coURse, You cAn do tHis. You bArely evEn notice iT.
    • Sure, but a simple copy/paste into a text editor would defeat that.

      The only way that I could think of to do this is with hashing.

      Create a central repository/blockchain to store the hashes of every textual output of a LLM response.

      Then, if you can find the hash in the central repo, you know it is generated by a LLM.

      The problem with that is, lack of evidence is not evidence. So people would quickly start saying "well, it's not in the central repo, so it must not have been generated by an LLM and is therefore t

  • We are freaking out about not being able to identify bots.
    • Re: (Score:3, Insightful)

      No. We are freaking out about the bottom 50% of us not being able to identify bots. That's not the Turing test.
      • Nailed it. When I read chatGPT, it looks like random garbage strewn together from various crap internet writings. Another person looks at that same text and says "OMG its brilliant!! OMG"
        • by Rei ( 128717 )

          How confident are you in your ability to distinguish whether a text is written by ChatGPT or not?

          • If its written using proper grammar, spelling, and punctuation its a certainty that it has been written by a bot.

            • by Rei ( 128717 )

              Interesting take. I've found that the language models have improved a lot, but context and nuance can still be a giveaway. What cues do you typically look for to spot bot-generated content?

        • Nailed it. When I read chatGPT, it looks like random garbage strewn together from various crap internet writings. Another person looks at that same text and says "OMG its brilliant!! OMG"

          I would never say it's brilliant. But it is pretty similar to the way certain folks around the office write and talk. So, really, how far does "artificial intelligence" have to get to blend in with the general population? Apparently? Not all that far.

    • We are freaking out about not being able to identify bots.

      We could get a bot to do that... Wait, that sounds wrong.

    • by fruey ( 563914 )
      We'll be sending each other CAPTCHAs soon enough
  • pointless. (Score:5, Insightful)

    by bloodhawk ( 813939 ) on Wednesday January 03, 2024 @03:24AM (#64126943)
    Yeah, because all the bad guys are going to adhere to a watermarking standard, bet you a week's pay US military and Government would also be excluded from complying under the guise of "national security"
    • by bussdriver ( 620565 ) on Wednesday January 03, 2024 @05:43AM (#64127127)

      My smart senator couldn't grasp a similar point I was making but unlike this guy, I was advocating digital signatures being standardized globally for HUMANS to use!

      If I don't sign it, then it's not me. I can control if I sign it; I can't control everybody else. If you are media, it's fake unless they sign it. I can deny I posted this because I didn't sign it.

      • Well, if the standard becomes "it's not signed, so it is treated as not genuine", fine.

        But we both know that the "alternative fact" bullshit peddlers will instantly jump on it because it would pretty much end their empire.

        • by Anubis IV ( 1279820 ) on Wednesday January 03, 2024 @10:02AM (#64127411)

          I’d be fine if “signature or it didn’t happen” became the next generation’s version of “pics or it didn’t happen”.

          Because the GP nailed it. You need to make these signatures opt-in and ubiquitous, at which point anyone acting in good faith will seek to use them, not only for the veracity of their content, but also for attribution purposes.

          • Like I said, they will be slandered and doubt will be seeded by those that know that if people actually started trusting signatures, their narrative would quickly be discounted.

            • Perhaps, but isn't the more likely outcome simply that the people who peddle in misinformation will continue putting their name on "fake news", just as they do today? I see no reason why there'd be disagreement about signing one's work in the mainstream media from either end of the political spectrum. This is something that both MSNBC and Fox News should be able to agree on. Moreover, if someone's goal is to undermine signing, I can think of no better attack than signing all of your misinformation with a pe

              • Quite true, the average Joe out there will probably not even be capable of determining who signed something. If he cares at all.

                It's signed, so it's true.

              • This goes beyond browsers and the weak web of trust the padlock icons provide us.

                A photo's metadata containing a signature from the journalist and from the news org that published the photo being copied around the net on smart phones. The phone's apps can all refer back to the signatures and you could indicate the sender actually made the photo or a known content creator listed in your contacts or you have a sources database that works like contacts on the phone. Then you can see a source you know and adde

          • I'm the same way. This doesn't have to be a hierarchy where some Ministry of Truth has the root keys, but more of a web of trust. If I trust this one person who trusts Alicenews, Bobnews, and Davenews, but doesn't trust Charlienews, then trusting that person which could be implicitly configured to allow Alicenews a better weight to be seen is important.

            If the crypto people can push blockchain on everyone, then a basic decentralized web of trust system can be easily implemented for content control. Heck,

      • by unrtst ( 777550 ) on Wednesday January 03, 2024 @07:39AM (#64127233)

        If I don't sign it, then it's not me. I can control if I sign it; I can't control everybody else. If you are media, it's fake unless they sign it. I can deny I posted this because I didn't sign it.

        100% THIS!!!

        As the standard is proposed, it would be in metadata with the text. They openly note that a child could copy his AI created book report, change a few words, and drop the watermark. That much, I agree. Then they claim, "Disinformation campaigns require such a large volume of them that it is no longer feasible to modify their output once released." WHAT THE HELL IS THIS GUY SMOKING??!?!?

        We're talking about AI and giant bot nets here, tools damn near designed for the task of bulk modifying massive volumes of text, and the claim is it's not feasible to modify all those results, even though it can create all those results in the first place AND modify them all to include a watermark? But somehow it can't modify them a second time to remove the watermark? And that doesn't even begin to address nefarious AI implementations (Ex. Russia using it in their botnets... as if they're going to comply with the watermark on things they're already trying to conceal?)

        And that all goes back to a fatally flawed premise - that watermarking the text output is going to help in the worst cases.

        As bussdriver noted, have real people digitally sign their stuff, and we can use that to reliably identify the real people. Bots are free to sign their stuff too, but we'll have whitelists of real people, so those will be easy to identify. It would move the problem area into identity theft (need to steal the private keys for real people to post as them), which is a much more manageable problem.

        • by Rei ( 128717 )

          Current text watermarking schemes are a lot more robust than just "change a few words". That's not the actual problem. The actual problem is that this is entirely impractical of a requirement since there are free open source models which anyone can use and finetune.

          • by unrtst ( 777550 )

            Current text watermarking schemes are a lot more robust than just "change a few words". That's not the actual problem. The actual problem is that this is entirely impractical of a requirement since there are free open source models which anyone can use and finetune.

            Well, I even noted that, "Ex. Russia using it in their botnets... as if they're going to comply with the watermark on things they're already trying to conceal?"

            My point was that, even if one could ensure that every AI implementation implemented a watermark (which we both know won't happen), it would be just as trivial to remove or obfuscate a watermark as it was to add it. And yet, they made specifically that claim; That, "it is no longer feasible to modify their output once released."

      • If I don't sign it, then it's not me. I can control if I sign it; I can't control everybody else. If you are media, it's fake unless they sign it. I can deny I posted this because I didn't sign it.

        Does not solve anything.

        As long as you can have multiple signatures, an adversary can create a signature on your behalf, and sign with it.
        You are denying that that is actually your signature? It is recorded as belonging to you in the database...

        It merely shifts the problem to another location, while providing an illusion of security which will be easily believed by the public at large.

        • by unrtst ( 777550 )

          As long as you can have multiple signatures, an adversary can create a signature on your behalf, and sign with it.

          You jumped to a conclusion that isn't supported by your premise.
          Having multiple signatures does not mean anyone can create signatures for other people's identities.

          • Having multiple signatures does not mean anyone can create signatures for other people's identities.

            That is just shifting the problem to securing the process of creating/owning signatures.

            Not a solution.

            • by unrtst ( 777550 )

              Shifting the problem to a very different area is a very valid path to a (potential) solution. Your altruism is wrong.

              Compare:

              A) Mandate that all AI's watermark their output. Users use the watermarks to distinguish human made content from AI generated content. To avoid it, the AI can simply not implement it, turn it off, or the user can strip it off afterwards, leaving no real assurance at all.

              B) Have users optionally digitally sign their content with a secure signature. Users use the signature when they mus

        • No, it does solve the generated fakes problem. It doesn't solve problems which already existed and always will.

          There always was a "web of trust" and always will be. If you trust Faux News, then you will be able to tell if their digitally signed content ("watermark" in metadata) came from Faux News or if it was The Daily Show doing a parody of them. Satire in one form will be dead as they can quickly detect its source and filter it before they have a chance to learn something (assuming a Faux News consumer

    • It's worse than that, because people will be tricked into a false sense of security. They'll assume that no watermark means it isn't AI, which just isn't true.
  • All you can do is hash stuff, and document it. I don't understand why they're using a video term when applied to stationary text.

  • watermarking text lol
    • by vbdasc ( 146051 )

      Some politicians tend to overthink problems that are way above their heads. Just shut down the Internet and be done with it.

      In a nutshell, you can have

      Internet

      Healthy electoral democracy

      Low-intelligence population

      You can't have all three of these. Choose two. And you can't un-choose the Low-intelligence population.

      • by Malenfrant ( 781088 ) on Wednesday January 03, 2024 @05:04AM (#64127065)
        'Healthy electoral Democracy' is an oxymoron. Voting for a temporary dictator is not Democracy. When the Greeks were inventing Democracy they considered this method and rejected it, because they felt it would lead to Rule by charismatic Tyrants who shouldn't be allowed anywhere near power. As we can see from how it's worked in practice, they weren't wrong.
        • by Zumbs ( 1241138 )
          The Romans had an interesting variation: Instead of electing a temporary dictator, they elected two, who could veto each other. Again, to avoid the rule by tyrant. But us clever people in the modern era are too smart to need things like that ... oh ... wait ...
          • C'mon, you know what this ends up with. Either you have two crooks that have each other in the pocket and fleece the population together. If you want that, you can just keep the current Prez/VP system in place. Or you end up with two goofballs who will veto each other's ideas, even if they had the solution to world peace, just to not let the other one have an inch and appear "soft" on the political opposition. That's pretty much what you got when prez and congress are not in sync.

            So we already have that. It

          • In the early days of the Republic, the Romans also had a law, that if anyone was caught trying to be a king in Rome (or just wanting it too hard), then that person had to be killed on the spot by any nearby Roman citizen, no penalty.
        • Aristotle also thought citizens should neet around while slaves would somehow without objection keep society going.

          Don't put too much faith in them.

          • Aristotle was actually not a fan of Greek democracy - he preferred aristocracy, "rule by the best".

            As for the Athenians keeping slaves, objecting to democracy based on random selection because slaves were excluded is kind of like objecting to electoral democracy because it initially didn't have universal suffrage. If we don't discount early proponents of electoral democracy for such reasons, we shouldn't discount proponents of democracy by random selection either.
            • I wasn't commenting on Athenian keeping slaves. I was making fun of Aristotle's utopian ideal of natural citizens just doing politics and games while the natural slaves just did everything else.

              If pigs could fly his ideal political system could work.

        • Well after the war that seems to be rushing toward us with great speed, I daresay the world population will be thinly scattered and probably less than 1 billion. I guess direct democracy will work for the unfortunate survivors.
          • Unfortunately, direct democracy absolutely doesn't work.

            The populace can't and won't have the time, energy, skills, education, resources, or inclination to research things properly and put out informed decisions on specific issues. That is why representative democracy. And if there is no republic (having a constitution) the majority will completely tyrannize the minority in countless issues.

            No system is perfect. That is for sure. But the American setup is probably one of the least bad; with a Constitut

            • I think there's hope but we lack an educated population capable of critical thinking. We also lack politicians who actually try not to violate the constitution. If you read the document, a huge number of laws on the books are...unconstitutional.
        • Apparently, the Democratic party is trying to get a message across that says that a vote for Trump is a vote against Democracy.

          That is a dangerous idea to pursue since Democracy (as currently practiced) has led us to a place where the common person has to work every moment of their life to survive. They just might want to get rid of the current version of Democracy. Democrats are playing a dangerous game.

      • Well, technically you can. But it's a hassle to round up people, subject them to tests and neutralize the ones that fail. Sooner or later the dolts will stop to show up, and they're also the ones that are more likely to be armed...

      • by dgatwood ( 11270 )

        And you can't un-choose the Low-intelligence population.

        The problem isn't a low-intelligence population. It's the fact that people who are chronically uninformed still exercise their right to vote. You can't prevent them from voting in a way that would pass constitutional muster in the U.S., but if you're setting up a new country government from scratch, that's at least theoretically avoidable in any number of ways. And even in the U.S., if you convince them that their vote doesn't really matter much anyway, you might be able to at least diminish it. Unfortu

  • by Opportunist ( 166417 ) on Wednesday January 03, 2024 @04:37AM (#64127021)

    "I command it so it happens. What do you mean, people could simply not do it? They are not allowed to!"

  • then they can implement paper ballots with serial numbers that includes a tearoff receipt with matching serial numbers, the reason they like electronic voting machines is because they are easily hacked, and vote counting must be open and transparent,
  • by votsalo ( 5723036 ) on Wednesday January 03, 2024 @06:03AM (#64127145)
    Why don't they make a global standard for watermarking counterfeit money, so we know not to accept it!
    • don't worry, CBDC's are on the way. enjoy your privacy while you still can
    • Why don't they make a global standard for watermarking counterfeit money, so we know not to accept it!

      Someone has this backwards. They watermark the GOOD money, not the bad. It is more important to identify the good than the bad. There is an infinite amount of bad but only a limited supply of good, so you watermark the good.

  • by Todd Knarr ( 15451 ) on Wednesday January 03, 2024 @06:15AM (#64127155) Homepage

    What's going to stop the disinformation campaigns from using their own version of the software that runs the same model but is compiled without the watermarking code? This proposal is just the evil bit in another form, and that never works for obvious reasons.

  • Ultimately, it's about trust, i.e. who do you trust to gather, verify, & report valid, reliable information? When you know who the source is & it's someone you trust, then that's OK. All you have to do is verify the source. So what's wrong with integrating PGP digital signatures into files so that everyone can verify them with the public encryption key? I mean, HTTPS has been working pretty well for the past 30-ish years, right? PGP digital signatures can do the same for files.
    • Comment removed based on user account deletion
      • That can't work. For example, it's too much work & too technically demanding for each individual to do their own journalism & that's why we trust professionals to do it for us. Likewise with computer code, photos, videos, etc.. I know I can trust certain people & organisations more than others. If I know who it came from, I have a reasonable idea of how much I can trust it from reputation/trust. Plus, it's done openly, in an active, critical community, I can get the additional benefit of the exp
  • Here's a Computerphile video on what they mean by 'watermarking text', (probably): https://www.youtube.com/watch?... [youtube.com] But this only works if someone is using a well-known LLM. Anyone who is using this tech for something nasty could just make their own specialized system (much smaller, cheaper) or modify an existing opensource model with additional training.
  • this seems like something that's right up the alley of NFT and bitcoin mining. There's certainly a market for proof of authenticity, and blockchain was basically designed around that, although for a different purpose.

  • by aldousd666 ( 640240 ) on Wednesday January 03, 2024 @08:33AM (#64127287) Journal
    There's a number of problems with this, but one of them is what are you specifically watermarking? Most people when they generate text don't use it verbatim, just copy and paste. They'll take a piece of it and reword a little bit, and turn a bit of it inside out... If you had watermarked the original generated text, you would miss all the edits and it wouldn't matter anyway.
  • ...to hear from those who understand the issues better, but how is any watermark not immediately vulnerable to being copied by these same "AI" systems?

  • Other than the student, spammers will not care about minor mistakes in the text due to automatic word replacement to destroy watermarks. Shuffling grammar a bit and exchanging words can be automated.

  • by bradley13 ( 1118935 ) on Wednesday January 03, 2024 @09:12AM (#64127341) Homepage

    Dear colonel, you are a clueless dweeb. There is so much wrong with the suggestion of watermarking, but I'll leave other commenters to point out those problems.

    I would like to focus on the colonel. The guy was an official mouthpiece for CenCom. His BA was in history and his master's in PR. His poor leadership abilities don't speak well of him either. [militarytimes.com] He retired a couple of months after that article appeared. He is now "an A.I. research analyst with the U.S. Department of Defense Defense Innovation Board." That was a soft landing, after being "encouraged" to retire, especially for someone with zero technical expertise.

    He has written a number of articles in the few months he has been at the "Defense Innovation Board". They all follow a common theme: fear-mongering followed by a call for federal regulation. So he is still just being a mouthpiece. The question is: Why is the DoD pushing for federal regulation of AI?

    • Come now, you know why the DoD is pushing for federal regulation of AI. It isn't hard to grasp why, now, is it? These creatures aren't even hiding their goals anymore and the citizenry (what a laugh) are completely OK with them.
    • by kwerle ( 39371 )

      Now for the million dollar question: did he use AI to write the opinion piece?

  • If a tiny chip in cameras can do it, a giant AI can fake it.

  • so once again money will be classed as speech,
  • The article opens with an image of a hand holding a phone. The caption is:

    "A ChatGPT prompt is shown on a device near a public school ..."

    Oh my god, someone is using a phone within sight of a school! (From a roof top)
  • so, adding a few more bits to a pile of digital data will make it "secure"?

    Has anybody ever heard of the concept of gradually increasing computing power? gradually more capable software? Is anybody contemplating anything called quantum computing or anything that might be called "AI"?

    Digital stuff will NEVER be secure. Digital stuff can be duplicated, altered, or erased with ZERO verifiable proof later. It's in the nature of ones and zeroes, and no extra ones and zeroes will "fix" this problem (which is actu
