AI companies including OpenAI, Alphabet and Meta Platforms have made voluntary commitments to the White House to implement measures such as watermarking AI-generated content to help make the technology safer, President Joe Biden announced on Friday.
OpenAI, Alphabet, Meta, Anthropic, Inflection, Amazon, and Microsoft committed to developing a system to "watermark" all forms of content, from text, images, audios, to videos generated by AI so that users will know when the technology has been used.
Of course the watermark will only apply to their consumer versions of things, maybe their business things, and absolutely none of their government or internal things.
The watermark would likely be comprised of a few different methods to embed marker pixel sets that would be difficult/impossible to see in addition to ones that are visible. Think printed currency. I’m not saying there won’t be an arms race to circumvent it like drm, or bad actors who counterfeit it, but the work should be done to try to ensure some semblance of reliability in important distributed content.
It's possible for AI generated text to be made such that detection is straight-forward, due to probability of word selection. https://youtu.be/XZJc1p6RE78
This is going to need to happen anyway if these companies want to differentiate between human generated and ai generated content for the purposes of training new models
LLMs choose words based on probabilities, i.e. given the word "blue", it will have a list of words and probabilities that those words should follow "blue". So "sky" would be a high probability, "car" might also be quite high, as well as a long list of other words. The LLM chooses the words not by selecting whatever has the highest probability, but with a degree of randomness. This has been found to make the text sound more natural.
To watermark, you essentially make this randomness happen in a predefined way, at least for cases where many different words could fit. So (to use a flawed example), you might make it so that "blue" is followed by "car" rather than "sky". You do this throughout the text, and in a way that doesn't affect the meaning of the text. It is then possible to write a simple algorithm to detect whether this text was written by an AI, because of the probability of different words appearing in particular sequences. Because its spread throughout the text, it's quite difficult to remove the watermark completely (although not impossible).