Detecting AI-Generated Images: An Overview for Lawyers and Workplace Investigators

As an employment lawyer focusing on AI in the workplace, I've witnessed firsthand how artificial intelligence is reshaping our professional landscape. One area that demands our immediate attention is the authenticity of digital images, especially when they serve as critical evidence in legal disputes or workplace investigations. With AI tools capable of producing hyper-realistic images, distinguishing between genuine photos and AI-generated ones has become increasingly challenging.

Imagine you're handling a case where a photograph's authenticity could influence the outcome significantly. How can you determine if the image is real or a product of an AI generator like DALL-E or Midjourney? Fortunately, recent developments in legislation and technology offer ways to verify image authenticity, even for those without a technical background.

The New California Legislation: SB 942

California has taken a pioneering step to address this issue with the introduction of SB 942  Signed into law by Governor Newsom, this legislation requires generative AI systems to disclose when content is AI-generated by embedding this information into the content's provenance data, commonly known as metadata.

For example, images produced by OpenAI's DALL-E now include tags in the metadata indicating their AI origin. This move towards transparency is a crucial tool for verifying the authenticity of digital content and maintaining the integrity of legal processes.

Understanding Content Provenance with C2PA

One of the key technologies facilitating this transparency is the Coalition for Content Provenance and Authenticity (C2PA). C2PA is an open standard designed to help media consumers differentiate between genuine and manipulated or AI-generated content by embedding provenance data into digital files.

How C2PA Works

• Provenance Data Embedding: C2PA allows content creators to embed information about the origin and history of a digital file directly into the file itself.

• Verification, Not Validation: C2PA can confirm who signed the content but doesn't guarantee the truthfulness of the content itself.

• Openness and Choice: Designed to be flexible, allowing for both free and commercial solutions.

Limitations of C2PA

• Widespread Adoption Needed: For C2PA to be truly effective, it requires broad adoption across content creators and platforms.

• Trust Relationships: Users must establish trust with the content creators or organizations that sign the content.

• Not Foolproof: Malicious actors could remove or alter provenance data, or falsely sign AI-generated content as authentic.

Potential Challenges with C2PA

Malicious Actors: Someone could remove provenance data or falsely sign content, claiming it as authentic.

User Awareness: For C2PA to be effective, users must be aware of its existence and understand how to interpret the information.

Despite these challenges, as more creators adopt C2PA, users will become more confident in identifying authentic content and more cautious when provenance data is missing.

Practical Tools for Detecting AI-Generated Content

Even if you're not technologically inclined, there are user-friendly tools available to help you access and interpret provenance data.

Content Credentials

In addition to existing tools like metadata analysis, Content Credentials is an innovative solution developed by Adobe in collaboration with the Coalition for Content Provenance and Authenticity (C2PA). This open standard embeds verifiable information into the metadata of digital content, such as:

• Who created the content

• Whether generative AI tools were used (e.g., DALL-E, Midjourney)

• When and how the content was created or edited

Content Credentials provide a tamper-evident record that is cryptographically signed, meaning any changes to the content or its provenance data can be detected. If someone attempts to alter or remove these credentials, the system will indicate that the content has been modified.

Additionally, this technology supports watermarks and attribution, ensuring creators receive credit for their work, and it offers transparency about AI’s involvement in generating the content. Used in cameras like the Leica M11-P and platforms like Truepic, Content Credentials could be used as a promising tool to help legal professionals and investigators verify the authenticity of images and media.

Hive

Hive offers free AI detection tools across various media types, including text, images, videos, and audio. It can identify content created with several popular AI engines like ChatGPT, DALL-E, Midjourney, and Stable Diffusion.

• How It Works: Upload the media in question, and Hive scans it to provide a confidence score indicating the likelihood that it's AI-generated.

• Detailed Insights: It offers a breakdown of which AI model likely created the content.

• Additional Features: Hive also provides moderation tools to flag and remove spam or harmful content, which can be particularly useful for organizations managing large volumes of user-generated content.

Winston AI

Winston AI specializes in detecting AI-generated images and text.

• User-Friendly Interface: Simply upload an image, and Winston AI will analyze it to determine the probability of it being AI-generated.

• Metadata Analysis: The tool can read the embedded metadata (provenance data) to check for AI-origin tags required by laws like SB 942.

• Ideal for Non-Tech Users: Designed with simplicity in mind, making it accessible for professionals who may not have a technical background.

Step-by-Step Guide to Accessing Provenance Data Without Additional Software

You don't need specialized apps or services to view an image's metadata. Both Windows and Mac operating systems provide built-in tools to access this information. Below are detailed instructions suitable for individuals without a technical background.

For Windows Users

Step 1: Save the Image to Your Computer

• Right-click on the image in your web browser or email.

• Select Save Image As... and choose a location on your computer to save the file.

Step 2: Locate the Image File

• Navigate to the folder where you saved the image.

Step 3: Access the Image Properties

• Right-click on the image file.

• Select "Properties" from the context menu.

Step 4: View the Metadata

• In the Properties window, click on the "Details" tab.

• You'll see various fields with information about the image.

Step 5: Examine the Metadata for AI Indicators

• Look for fields like "Software,” "Creator," or "Description."

• If an AI system generated the image, you might see references such as:

• "Generated by DALL-E"

• “Created with Midjourney"

• “AI Generator: Stable Diffusion"

Step 6: Interpret the Findings

• If you find indications of AI generation in the metadata, this suggests the image may not be authentic.

• If the metadata lacks this information but you still suspect AI involvement, consider that metadata can be altered or stripped, and further investigation might be necessary.

For Mac Users

Step 1: Save the Image to Your Computer

• Control-click (or right-click) on the image. 

• Choose "Save Image As..." and select a destination folder.

Step 2: Locate the Image File

• Open Finder and navigate to the folder containing the image.

Step 3: Access the Image Information

• Control-click (or right-click) on the image file.

• Select "Get Info" from the context menu.

Step 4: View the Metadata

• In the Get Info window, expand the "More Info" section if it's not already visible.

• You'll see details about the image's properties.

Step 5: Examine the Metadata for AI Indicators

• Look for fields such as "Software," “Creator," “Description," or "Content Creator."

• Possible AI indicators include:

• "Generated by DALL-E"

• "Created with Midjourney"

• "AI Generator: Stable Diffusion"

Step 6: Interpret the Findings

• The presence of AI-related information suggests the image may be AI-generated.

• Absence of such data doesn't guarantee authenticity due to the possibility of metadata alteration.

Important Considerations

Metadata Can Be Altered: As explained more below, be aware that metadata can be edited or removed by users with the right tools. An absence of AI indicators doesn't conclusively prove the image is authentic.

File Formats Matter: Metadata is more likely to be intact in original image files (e.g., JPEG, PNG) rather than screenshots or images copied into documents.

Chain of Custody: In legal contexts, maintaining a clear chain of custody for digital evidence is crucial to ensure its integrity.

Understanding the Limitations of Provenance Data

While accessing metadata is a helpful first step, it's essential to understand the limitations:

Not Foolproof: Metadata can be stripped or manipulated. Malicious actors might remove AI indicators or falsify metadata to mislead.

Trust Relationships: Provenance data relies on trust in the entities that embed this information. Establishing the credibility of the content creator is important.

Requires Widespread Adoption: For provenance data to be a reliable tool, broad adoption across content creation platforms is necessary.

Manipulating or Erasing Provenance Data:

1. Metadata Removal (Stripping):

• How It's Done: Metadata, including provenance data, can be easily removed using basic photo editing software or specialized metadata removal tools. These tools are widely available and allow users to strip all embedded metadata from an image with just a few clicks.

• Impact: Once the metadata is removed, the image no longer contains information about its origin, creation date, or whether it was AI-generated. This makes it difficult to verify the authenticity of the image using metadata alone.

2. Metadata Alteration:

• How It's Done: Users can edit metadata fields using metadata editors or some image editing programs. They can change or falsify details such as the creator's name, creation date, software used, or any provenance tags.

• Impact: Altered metadata can mislead investigators into believing the image has a different origin or history. For example, someone could replace an AI generator's name with that of a professional camera model.

3. Falsely Signing Content:

• How It's Done: In systems like C2PA that support digital signatures, a malicious actor could sign AI-generated content using their own credentials or compromised keys from trusted entities. This falsely attributes authenticity and trustworthiness to the content.

• Impact: This deception can make forged or AI-generated images appear legitimate, potentially misleading users who rely on provenance data and digital signatures for verification.

Is There Any Way to Know This Has Been Done?

1. Absence of Expected Metadata:

• Detection: If an image lacks metadata where you would typically expect it (e.g., professional photographs usually contain metadata), this could be a red flag.

• Limitations: Many legitimate reasons exist for missing metadata. Some platforms automatically strip metadata to protect user privacy, so the absence alone doesn't confirm tampering.

2. Inconsistencies in Metadata:

• Detection: Examine any available metadata for inconsistencies or anomalies. For example:

• Mismatched dates or times.

• Unusual software names in the "Software" field.

• Creator names that don't align with the source.

• Limitations: Requires careful analysis and sometimes expertise to spot subtle discrepancies.

3. Digital Signature Verification (in C2PA):

• Detection: Use verification tools to check the validity of digital signatures attached to content.

• Verify the signature's certificate chain to ensure it's from a trusted authority.

• Check for any warnings or errors during the verification process.

• Limitations: If a signature is missing or invalid, it could indicate tampering. However, not all content will have a signature, and the lack of one doesn't necessarily mean the content is fraudulent.

4. Forensic Analysis:

• Detection: Utilize image forensics tools that analyze the image at a pixel level to detect signs of manipulation, such as:

• Error Level Analysis (ELA): Highlights areas with different compression levels.

• Metadata comparison: Checks consistency across multiple metadata fields.

• Noise analysis: Detects inconsistencies in image noise patterns.

• Limitations: These methods can be technical and may require expertise to interpret the results accurately.

5. Cross-Referencing with Original Sources:

• Detection: Compare the suspect image with versions obtained directly from original or trusted sources.

• Look for differences in metadata.

• Check for visual discrepancies.

• Limitations: Access to the original image may not always be possible.

6. Monitoring for Known Manipulation Techniques:

• Detection: Be aware of common manipulation tactics, such as:

• Cloning parts of the image.

• Splicing elements from different images.

• Using filters to obscure alterations.

• Limitations: Advanced AI-generated images may not exhibit obvious signs of manipulation.

Key Takeaways:

• Provenance Data Vulnerability: Metadata and provenance data can be easily removed or altered, which poses a significant challenge to verifying digital content's authenticity.

• Detection Challenges: There is no foolproof method to detect if metadata has been erased or manipulated, especially since legitimate content can also lack metadata.

• Multi-Faceted Approach Needed: Relying solely on metadata is insufficient. Combining metadata analysis with forensic tools, digital signature verification, and cross-referencing with trusted sources improves the chances of detecting tampering.

• Importance of Awareness: Being vigilant and knowledgeable about these manipulation methods enhances your ability to identify potential fraud.

Why This Matters for Legal and Workplace Contexts

The increasing sophistication of AI-generated content poses significant risks:

Legal Implications: Admitting an AI-generated image as evidence without verification can undermine a case and lead to wrongful judgments.

Workplace Integrity: AI-generated images can be used maliciously to defame or falsely accuse employees, leading to unjust disciplinary actions.

Reputation Management: Organizations need to protect themselves from potential fraud and misinformation that can damage their credibility.

By leveraging tools like Hive and Winston AI and understanding technologies like C2PA, legal professionals and investigators can better navigate the complexities of digital evidence in the AI era.

Conclusion

In today's rapidly evolving technological landscape, staying informed and proactive is not just an advantage—it’s a necessity. As AI reshapes both legal and workplace environments, safeguarding the integrity of the information we rely upon is paramount. By utilizing built-in tools, understanding the limitations of metadata, leveraging advanced AI detection tools, staying current with legislative developments, and promoting the widespread adoption of standards like C2PA, we can ensure a more transparent, trustworthy digital landscape for everyone.

Unlock the future of your organization with Lindsey Wagner’s expert insights on AI integration and compliance. Specializing in HR, employment law, data privacy, and upskilling strategies, Lindsey is committed to guiding businesses through the complexities of AI in the workplace. Don’t miss the opportunity to equip your team with the knowledge and tools they need to stay compliant and competitive in an AI-driven world. Book Lindsey for your next event and lead your organization confidently into the future of work!