Google bans deepfake generating AI from Colab
Colaboratory, or Colab for short, spun out from an internal Google Research project in late 2017. It’s designed to allow anyone to write and execute arbitrary Python code through a web browser, particularly code for machine learning, education and data analysis. For the purpose, Google provides both free and paying Colab users access to hardware including GPUs and Google’s custom-designed, AI-accelerating tensor processing units (TPUs).
In recent years, Colab has become the de facto platform for demos within the AI research community. It’s not uncommon for researchers who’ve written code to include links to Colab pages on or alongside the GitHub repositories hosting the code. But Google hasn’t historically been very restrictive when it comes to Colab content, potentially opening the door for actors who wish to use the service for less scrupulous purposes.
Not all code triggers the warning. This reporter was able to run one of the more popular deepfake Colab projects without issue, and Reddit users report that another leading project, FaceSwap, remains fully functional. This suggests enforcement is blacklist — rather than keyword —based, and that the onus will be on the Colab community to report code that runs afoul of the new rule.
Archive.org data shows that Google quietly updated the Colab terms sometime in mid-May. The previous restrictions on things like running denial-of-service attacks, password cracking and downloading torrents were left unchanged.
Deepfakes come in many forms, but one of the most common are videos where a person’s face has been convincingly pasted on top of another face. Unlike the crude Photoshop jobs of yesteryear, AI-generated deepfakes can match a person’s body movements, microexpressions and skin tones better than Hollywood-produced CGI in some cases.
Deepfakes can be harmless — even entertaining — as countless viral videos have shown. But they’re increasingly being used by hackers to target social media users in extortion and fraud schemes. More nefariously, they’ve been leveraged in political propaganda, for example to create videos of Ukrainian President Volodymyr Zelenskyy giving a speech about the war in Ukraine that he never actually gave.
From 2019 to 2021, the number of deepfakes online grew from roughly 14,000 to 145,000, according to one source. Forrester Research estimated in October 2019 that deepfake fraud scams would cost $250 million by the end of 2020.
Os Keyes, an adjunct professor at Seattle University, applauded Google’s move to ban deepfake projects from Colab. But he noted that more must be done on the policy side to prevent their creation and spread.
“The way that it has been done certainly highlights the poverty of relying on companies self-policing,” Keyes told TechCrunch via email. “Deepfake generation should absolutely not be an acceptable form of work, well, anywhere, and so it’s good that Google is not making itself complicit in that … But the ban doesn’t occur in a vacuum — it occurs in an environment where actual, accountable, responsive regulation of these kinds of development platforms (and companies) is lacking.”
Others, particularly those who benefitted from Colab’s previously laissez faire approach to governance, might not agree. Years ago, AI research lab OpenAI initially declined to open source a language-generating model, GPT-2, out of fear that it would be misused. This motivated groups like EleutherAI to leverage tools including Colab to develop and release their own language-generating models, ostensibly for research.
When I spoke to Connor Leahy, a member of EleutherAI, last year, he asserted that the commoditization of AI models is part of an “inevitable trend” in the falling price of the production of “convincing digital content” that won’t be derailed whether or not the code is released. In his view, AI models and tools should be made widely available so that “low-resource” users, especially academics, can gain access to better study and perform their own safety-focused research on them.
We’ve asked Google whether it plans to make exceptions to the new deepfake policy for research. We’ll update this article if we hear back.