No Fakes Act Fingerprinting Threatens Open Source

The No Fakes Act proposes a mandatory 'fingerprinting' system for digital content to prevent unauthorized use of a person's likeness or voice. While the goal is to stop deepfakes, the technical implementation raises severe issues for open source Artificial Intelligence (AI). The legislation mandates that all digital content carry a hidden signal indicating its origin and usage rights.

The core problem lies in how this requirement interacts with AI training data. Open source AI models are trained on massive datasets scraped from the internet. If this data includes fingerprinted content, the resulting AI model effectively absorbs that fingerprint. Under the proposed law, distributing a model that contains these protected fingerprints could be treated as trafficking in counterfeit goods. This creates a legal minefield for developers who cannot guarantee their training data is 100% free of such embedded signals. The result is a de facto ban on open source AI, as the liability risk becomes unmanageable for individuals and small organizations.

The No Fakes Act relies on a technical standard for content verification. This standard embeds an invisible 'fingerprint' into audio and video files. This fingerprint is designed to be persistent, surviving editing, compression, and re-uploading. The intent is to allow rights holders to track their content and prove ownership or unauthorized use.

However, the mechanism creates a trap for machine learning models. When an AI model is trained, it learns patterns from the input data. If the input data contains these persistent fingerprints, the model learns to recognize and potentially reproduce those patterns. Legally, this means the model itself contains the proprietary data.

The legislation effectively makes the AI model a carrier of the protected 'fingerprint'. This transforms the open source model into a vector for potential infringement, regardless of the model's actual capabilities or the developer's intent.

Open source AI development relies on the freedom to use, modify, and distribute code and models. The No Fakes Act undermines this by introducing legal uncertainty. Developers of open source models, such as those found on platforms like Reddit communities or LocalLLaMA, operate with limited resources. They lack the legal teams necessary to navigate complex copyright landscapes.

The requirement to filter out fingerprinted data is technically impossible for most open source projects. The internet, the primary source of training data, would be flooded with fingerprinted content. A developer cannot reasonably be expected to scrub every byte of data of these hidden signals.

This leads to a chilling effect on innovation:

• Liability Risks: Developers face lawsuits for distributing models that inadvertently contain fingerprints.
• Barriers to Entry: Only large corporations with massive legal and technical resources can comply with the regulations.
• Censorship: Models may be forced to block queries or refuse to generate content that resembles fingerprinted data, limiting utility.

The No Fakes Act disproportionately benefits large technology corporations. Companies like those involved in Y Combinator startups or big tech giants have the capital to license content or build proprietary datasets that are compliant with the fingerprinting mandate. They can afford to implement rigorous filtering systems and absorb the cost of potential litigation.

In contrast, the democratization of AI through open source is threatened. The 'fingerprinting' trap ensures that the most powerful AI models remain under the control of entities that can navigate the regulatory hurdles. This centralization of AI power contradicts the ethos of the open source movement, which seeks to make advanced technology accessible to everyone.

By making open source distribution legally perilous, the act effectively hands the future of generative AI to a select few gatekeepers.

The No Fakes Act presents a significant challenge to the future of open source AI. While the protection of individual likeness is a valid concern, the proposed 'fingerprinting' mechanism creates a technical and legal trap. It renders the distribution of open source models effectively illegal due to the inability to filter training data.

This legislation threatens to stifle the innovation and accessibility that define the open source community. Without a clear exemption for open source AI or a technical solution that does not penalize model training, the act risks killing the very ecosystem that drives rapid advancement in the field. The debate highlights the urgent need for nuanced legislation that balances protection with the freedom to innovate.