• Antitrust Policy Notice: Attendees are reminded to adhere to the meeting agenda and not participate in activities prohibited under antitrust and competition laws. Only members of ToIP who have signed the necessary agreements are permitted to participate in this activity beyond an observer role.
• New Members:
  • Jesse Carter is a developer at CIRA.

Drummond will report on his lunch with Eric Scouten, Senior Engineering Manager on Adobe's Content Authenticity Initiative, to discuss forming the X.509 VID Task Force.

Also note this event to which Eric is inviting members of the ToIP community: 

CAI Symposium 2023, Thursday 07 December, Stanford University.

APAC:

Daniel Bachenheimer mentioned that the idea of applying CAI to biometrics such as headshots as one form of protection against fakes.

Jo Spencer pointed out the Leica camera post about the first camera that produces a C2PA aligned credential: 

• https://www.thephoblographer.com/2023/10/26/leica-m11p-review-money-can-buy-happiness/
• https://leica-camera.com/en-US/news/partnership-greater-trust-digital-photography-leica-and-content-authenticity-initiative
• ""Each image includes a forgery-proof signature that documents essential information such as camera model, manufacturer and image content."

Drummond Reed Wenjing Chu 

This week President Biden issued the Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence. It includes this directive:

• Protect Americans from AI-enabled fraud and deception by establishing standards and best practices for detecting AI-generated content and authenticating official content. The Department of Commerce will develop guidance for content authentication and watermarking to clearly label AI-generated content. Federal agencies will use these tools to make it easy for Americans to know that the communications they receive from their government are authentic—and set an example for the private sector and governments around the world.

Wenjing will provide some perspective as chair of our AI & Metaverse Task Force. He agreed that content authenticity is a critical piece of the puzzle and is the "low hanging fruit" for hooking into what we do. He pointed out that the LF C2PA (Linux Foundation Coalition for Content Provenance and Authenticity (C2PA.org) project) produces the standards that the Content Authenticity Initiative (CAI) implements. He clarified that there are different approaches to content authenticity for different media types. He recommended that if we have specific ways that the ToIP stack can be applied to providing content authenticity, we should focus on those as there is high demand for working solutions.

He recommends joining the AI & Metaverse Task Force to discuss where we can put ToIP to work on this problem space.

For anyone who has not seen how the CAI logo works, watch this: https://contentcredentials.org/. 

Kyle Robinson made the point that AI content can still be "authentic". 

Sam Smith shared https://www.theverge.com/2023/10/31/23940626/artificial-intelligence-ai-digital-watermarks-biden-executive-order and https://arxiv.org/pdf/2310.00076.pdf about how easy it is to defeat watermarking content.  The only proof of authenticity that will work is strong digital signatures.

Jim StClair said that the Executive Order follows several years of NIST working on AI risk management. So this is rushed out.

Drummond Reed observed that overall, the rapidly growing industry concern about the impact of AI on cybersecurity and cyberfraud is very significantly increasing interest in ToIP and our solutions. So we need to move as quickly as possible to take advantage of this.

APAC:

Eric Drury confirmed that in Asia, it is also a massive problem due to all the scams and the fact that Southeast Asia is a major source of those businesses. 

Eric added: "These guys are also working on content authenticity and provenance:
https://www.openorigins.com/online-media."

Jo Spencer affirmed the same thing in Australia. He presented at the Scam Summit in August on how verifiable credentials can help. Payment systems in particular need the help.

Daniel Bachenheimer confirmed the same from Accenture customers. The demand for authenticity is only growing.

Eric Drury said that there is a call to lock down the archives now, or they will get "polluted" in a way that will make it very hard to verify in the future. https://pressgazette.co.uk/publishing-services-content/to-protect-future-newsrooms-from-ai-fakery-we-must-first-protect-the-past/

Jo Spencer pointed out that the long-term storage of data that is signed is an issue because of key rotation and storage.

Drummond Reed used the analogy of building a civilization with wood and nails, which works fine for small scale and early development, but for serious larger scale civilization, you need concrete and steel. That's the migration we need to go through here from centralized and federated identity and trust systems to the full-strength decentralized digital trust infrastructure that we are building with ToIP.