14:58:11 RRSAgent has joined #authentic-web 14:58:15 logging to https://www.w3.org/2024/09/25-authentic-web-irc 14:58:15 RRSAgent, do not leave 14:58:16 RRSAgent, make logs public 14:58:17 Meeting: Content Authenticity and the Web 14:58:17 Chair: Daniel Appelquist 14:58:17 Agenda: https://github.com/w3c/tpac2024-breakouts/issues/70 14:58:17 Zakim has joined #authentic-web 14:58:18 Zakim, clear agenda 14:58:18 agenda cleared 14:58:18 Zakim, agenda+ Pick a scribe 14:58:19 agendum 1 added 14:58:20 Zakim, agenda+ Reminders: code of conduct, health policies, recorded session policy 14:58:20 agendum 2 added 14:58:20 Zakim, agenda+ Goal of this session 14:58:21 agendum 3 added 14:58:22 Zakim, agenda+ Discussion 14:58:22 agendum 4 added 14:58:22 Zakim, agenda+ Next steps / where discussion continues 14:58:24 agendum 5 added 14:58:24 tpac-breakout-bot has left #authentic-web 15:24:43 shigeya has joined #authentic-web 16:40:16 ryuichi9 has joined #authentic-web 18:07:18 TallTed has joined #authentic-web 18:11:03 wendyreid has joined #authentic-web 18:11:39 ohmata has joined #authentic-web 18:12:25 mustaq has joined #authentic-web 18:12:59 mustaq_ has joined #authentic-web 18:15:50 mustaq has left #authentic-web 18:16:06 gendler has joined #authentic-web 18:16:12 hober has joined #authentic-web 18:16:17 cwilso has joined #authentic-web 18:16:23 betehess has joined #authentic-web 18:16:23 kaz has joined #authentic-web 18:16:23 Andante has joined #authentic-web 18:16:26 DKA has joined #authentic-web 18:16:26 present+ 18:16:27 estark has joined #authentic-web 18:16:27 present+ 18:16:31 present+ 18:16:37 present+ Kaz_Ashimura 18:16:38 dsinger has joined #authentic-web 18:16:38 annette_g has joined #authentic-web 18:16:39 kuriyama3 has joined #authentic-web 18:16:41 kenneth has joined #authentic-web 18:16:42 wschi has joined #authentic-web 18:16:43 tzviya8 has joined #authentic-web 18:16:47 mt has joined #authentic-web 18:16:48 present+ 18:16:53 present+ 18:16:56 ora has joined #authentic-web 18:16:56 scribe+ 18:16:58 Jay has joined #authentic-web 18:17:00 present+ 18:17:03 mustaq has joined #authentic-web 18:17:05 present+ Wolfgang Schildbach 18:17:07 present+ 18:17:12 Max has joined #authentic-web 18:17:14 present+ 18:17:14 present+ 18:17:16 mt has changed the topic to: The Inauthentic Web is the Best Web 18:17:29 DKA: I don't have slides prepared, beyond what was written in the proposal for the breakout 18:17:32 present+ 18:17:35 kazho has joined #authentic-web 18:17:36 agenda: https://github.com/w3c/tpac2024-breakouts/issues/70 18:17:39 present+ 18:17:56 ... the idea here, is to try and think about this in terms of scoping a workshop that we might run next year on the topic of web aquthenticity 18:18:18 ... as many may be aware, we have a problem on the web with misinformation, disinformation, intentional or unintentional 18:18:23 hiroki_endo has joined #authentic-web 18:18:30 Bert has joined #authentic-web 18:18:31 cpn has joined #authentic-web 18:18:32 ... increasingly sophisiticated tools to create photorealistic imagery 18:18:41 present+ Chris_Needham 18:18:41 HXavier has joined #authentic-web 18:18:42 ... static images and video of people, doing or saying things they did not 18:19:08 cc has joined #authentic-web 18:19:15 ... we also have a proliferation of tools that people are using on the devices they buy, that allow them to use sophisticated tools to edit and adapt their content 18:19:23 ivan has joined #authentic-web 18:19:23 ... it's difficult to know what is real, and what is not 18:19:37 present+ 18:19:41 prisent+ 18:19:47 ... the high level topic, what role can web technologies, W3C, play in tackling this problem? 18:19:52 ... at its heart, there is a social issue here 18:19:53 btriebw has joined #authentic-web 18:19:54 present+ 18:19:57 present+ Kazuhiro_Hoya 18:20:07 ... like many things we focus on here, security, privacy, accessibility 18:20:17 ... we can look at things from the platform level 18:20:20 I trust all have awareness of https://www.w3.org/community/credibility/, https://www.w3.org/groups/wg/vc/, and the general applicability of cryptographically signing documents 18:20:30 ... some of the remedy is at the social, legislative, regulatory level 18:20:34 ... out of scope for us 18:20:52 ... we need to be aware of the regulatory landscape as well 18:20:53 ... that's my opening 18:20:59 s/prisent/present/ 18:21:05 q+ to present publisher perspective 18:21:16 lambda has joined #authentic-web 18:21:21 q+ to comment on a long-standing tension 18:21:25 ... just for disclosure, my day job is with Samsung as a contractor, part of that work is in C2PA, content authenticity 18:21:43 ... a particular kind of digital watermarking technology, I want to disclose my biases, 18:21:50 q+ 18:21:58 ... I don't want to bring my biases into this session, I want to focus more broadly on what we can do here 18:22:01 igarashi has joined #authentic-web 18:22:04 ... makes sense? 18:22:07 present+ 18:22:08 q? 18:22:09 q+ 18:22:33 ack gendler 18:22:33 gendler, you wanted to present publisher perspective 18:22:41 gendler: Speaking in my capacity as AC rep for NewsCorp, thanks Dan for putting this together 18:23:05 ... I'd like to present one publisher's perspective on this problem, a general perspective, this doesn't represent all publishers 18:23:09 chike has joined #authentic-web 18:23:20 ... Dan's comment on societal issues on trust and misinformation, incredibly important to think about 18:23:37 ... there's any number of groups that would love to take on solving trust on the internet at a human level 18:23:41 ... bigger than we can solve 18:23:55 ... that also applies to solutions that may try to cover all types of content, all domains 18:24:17 ... in my experience and conversations with others, tailored solutions to individual formats tend to be much more solveable and useful to publishers 18:24:29 ... Dan mentioned C2PA, it focuses on questions of image provenance 18:24:35 ... useful to publishers in many contexts 18:24:40 gerald has joined #authentic-web 18:24:43 ... it doesn't solve all issues with images 18:24:54 q? 18:24:57 ... similarly there are domain-level solutions that solves some problems for us, but not all 18:25:27 ... I recommend we avoid trying to solve for one solution, there is not a single solution to this, we need to give space to multiple things 18:25:38 ... maybe multiple workshops, more focused on specific areas 18:25:40 ack dsinger 18:25:40 dsinger, you wanted to comment on a long-standing tension 18:25:42 q? 18:25:59 dsinger: Personal opinion, one of the low-hanging fruits in authenticity, citing sources 18:26:06 ... we can do this with URLs, linking to places 18:26:12 ... bumps into modern problems 18:26:22 ... deep-linking, it's complex 18:26:39 ... and many sites aren't statically instructed, finding a stable URL may be hard to find 18:26:42 ... or not exist 18:26:48 q? 18:26:52 ... just being able to cite something, before anything else, is hard 18:27:01 ack tallted 18:27:26 +1 to awareness of past work 18:27:29 TallTed: It's important if this is going to be a workshop on this, people be familiar with Cred Web CG and ??? 18:27:37 ... this has been going on for some years now 18:27:52 ... being able to say definitively "entity x emitted this thing" 18:27:58 ... two perspectives on the importance of this 18:28:01 +1, and I forgot to mention OP is using VC standard in our previous session. 18:28:05 ... the publishers' perspective 18:28:07 hadleybeeman has joined #authentic-web 18:28:13 ... and the consumers', more valid and more important 18:28:15 W3C Credible Web Report https://www.w3.org/2018/10/credibility-tech/ 18:28:27 ... I need to be able to know who said this thing, so I can trust them in future 18:28:47 ... when consuming things, there are varying levels of trustworthiness, being able to publish and affirm trustworthiness 18:28:49 I think the "???" above was Verifiable Credentials WG? 18:29:03 ... not trivial, it's a decade-long conversation 18:29:05 +1 to tangle! 18:29:05 ack mt 18:29:08 s/????Verifiable Credentials WG 18:29:08 q? 18:29:28 mt: This is a challenge in that the web as a whole has been in an epistemilogical crisis for a long time 18:29:43 ... society grapples with these questions since forever 18:29:50 s/???/Verifiable Credentials WG 18:30:00 ... people point to tools, social media, AI, each creates the same crisis 18:30:08 ... this is not something that the web can do easily 18:30:20 ... C2PA is maybe not suited for this purpose, but I'll do that later 18:30:31 ... we need to determine the problem to be tackled 18:30:31 s/web can do/w3c can do/ 18:30:40 ... a single workshop will not solve authenticity 18:30:49 ... a single workshop would need to look at a specific problem 18:30:52 +1 to scope of workshops, thus my point about multiple workshops likely being the right approach 18:30:58 ... scope seems not determined yet 18:30:58 q+ to respond to martin 18:31:09 ... each person who has spoken has cited a slightly different problem 18:31:17 ack tzviya8 18:31:20 tzviya: I think a lot of excellent points have been made 18:31:23 ack tzviya 18:31:23 tzviya, you wanted to respond to martin 18:31:33 ... I agree with Martin, any change that comes will need to be incremental 18:31:43 bigbluehat has joined #authentic-web 18:31:49 ... one thing Ted mentioned is looking at this from the eyes of the user, and that is important 18:31:56 present+ 18:32:03 ... we have looked at things from the development perspective for a long time 18:32:17 q? 18:32:33 ... we can look at it like "content comes from x", some publications have resources like the Pinocchio Radar 18:32:41 ... fact-checking, we assume publications do it 18:32:42 q+ 18:32:47 ... we assume, doesn't mean it works! 18:33:05 ... I provided a link to the report from the Credible Web CG, it is useful 18:33:23 ... we won't eliminate bad actors, but we can look at ways to inform 18:33:37 ... "this was produced by AI", "this article was peer-reviewed" 18:33:52 carlosj has joined #authentic-web 18:33:52 ... the idea of having a workshop to get into a room to discuss the problems 18:34:01 DKA: One of the discussions on scope is the user needs 18:34:06 q+ 18:34:22 ... in the TAG, we get a lot of submissions or requests to look at different specifications 18:34:28 me gendler, I find it encouraging that you think I make perfect decisions 18:34:32 ... we often push back with "what is the user need?" 18:34:36 q? 18:34:38 ... we need to really focus on the user need 18:34:41 q+ 18:34:51 DKA: That would be a starting point for me 18:34:57 ack bigbluehat 18:34:58 s/me gendler...// 18:35:06 bigbluehat: One of the key words is "authenticity", but half of what we have said is about "trust" 18:35:13 q? 18:35:16 ... authenticity we can provide, trust is subjective 18:35:23 ... the web as constructed now is not authentic 18:35:26 +1 bigbluehat 18:35:30 +1 18:35:40 q+ 18:35:42 ... we publish in other entitities' platforms, it's a mess, things can disappear or move 18:36:00 ... trying to quantify trust as a deliverable is hard, but we can't create trust without authenticity 18:36:07 ... the internet is a conman's game 18:36:34 DKA: I'd like to put cpn on the spot, I live in the UK, one of the bright spots in verification sides is BBC verify 18:36:42 ... is there a BBC perspective to this? 18:36:55 cpn: About to repeat what I said in a earlier session 18:37:02 ... there's a few aspects to this 18:37:06 ... trust is a social problem 18:37:10 this also calls out for general use of DIDs, across publisher sites. reddit-style up/down-votes are also strongly relevant. crowd-sourced judgement of authenticity/credibility is imperfect, but consumers can at least choose which crowd they look to for such judgement. 18:37:15 lgombos has joined #authentic-web 18:37:21 ... one of the specific problems we have is impersonation 18:37:37 ... if you go to our website, there's verification of who we 18:37:44 ... when we publish to social channels, other platforms 18:37:49 q+ 18:37:52 q? 18:38:00 ... in that context, there are creators that use our branding and purport to be us 18:38:08 ... it looks like the BBC, but is it them? 18:38:21 ... I can't speak to the end user experience, but as an org it's problematic 18:38:42 ... to have some kind of affordance that allows users to be able to see it comes from where it claims to 18:38:57 q? 18:38:58 ... one of the key things where we are looking at a solution 18:39:10 q+ 18:39:13 Wonsuk has joined #authentic-web 18:39:14 ... technology can help with this, traceability to original sources 18:39:18 q? 18:39:24 ... can be applied to all kind of creators, orgs 18:39:26 q- 18:39:27 ack c 18:39:32 re: "traceability to original sources" == PROVenance 18:39:36 ack martin 18:39:38 ack mt 18:39:51 mt: A little while ago there was a news story about an org encouraging people to put glue on their pizzas 18:40:12 ... it was traced back to a reddit user 18:40:21 ... when people ask for authenticity in these settings, its a judgement call 18:40:38 ... that person was probably being their authentic self, their alias let them do that 18:40:47 ... and they made the world a beautiful place as a result 18:41:19 ... when we talk about building systems in this, when we allow someone to make a decision about what is or is not authentic, it has consequences 18:41:29 DKA: Are you arguing in favour of anonymity? 18:41:47 q+ chaals 18:41:53 mt: This is a problem that I see these systems creating 18:42:06 ... in medicine, there are no side effects, only effects 18:42:19 hober: Most humans don't know the difference between the web and the internet 18:42:25 q+ to mention the Berlin AC talk, and what we believe to be true 18:42:29 ... my question, what is specifically about the web here? 18:42:52 q? 18:43:02 ... there are methods on the internet, but what is it about the web architecture that might address tthis? 18:43:02 q+ 18:43:11 ... what comes to mind if the user agent, it's unclear to me what the appetite would be for the user agent? 18:43:12 +1 uniqueness of exitsence of user-agent 18:43:16 DKA: It's a question of scope 18:43:20 ... I agree with that 18:43:38 ... the origin of content, the web site, is something we've talked about in the TAG 18:43:42 ... a whole finding about this 18:43:42 +1 hober, but I will note workshops are happening in the IETF space as well on similar topics 18:43:57 ... the importance of the user agent to be able to surface the origin 18:44:12 ... you know the article is coming from BBC because you can see the chain of trust 18:44:19 q+ 18:44:20 ... the user agent surfaces that to the user 18:44:21 see PROV-O: The PROV Ontology — https://www.w3.org/TR/prov-o/ 18:44:26 ack 18:44:32 ... I see it in that vein 18:44:45 ... what else could we do to support authenticity with those kind of tools? 18:44:50 ack hober 18:45:05 ... what can the user agent do to provide the user help navigating the web? 18:45:08 q- 18:45:16 +1 dka 18:45:22 ... more importantly, the browser can signal to you when something is suspect 18:45:29 ... are there similar mechanisms 18:45:31 q? 18:46:10 Hadley: The only thing I was going to add is that there are already UAs that discriminate on domain 18:46:23 ... whitelist or blacklist domains, surface with a warning or block 18:46:31 ... there are other things along those lines to explore 18:46:37 ... as the users' representative on the web 18:46:39 ack iga 18:47:09 igarashi: Personal view, relating to the discussion of user agent, we think of more than just the UA consumption use case 18:47:35 Jake has joined #authentic-web 18:47:37 ... the content is not just used by the browser, there is scraping, web content authenticity in the broad scope, how to prove provenance 18:47:55 ... is the content retreived from the right place, this should be considered 18:47:55 +1 to the issues that Igarashi is raising, but to hober's point, I think crawler issues are best handled from an Internt infrastructure level, not a web level, happy to hear arguments though 18:47:57 ack chaa 18:48:36 chaals: The US has this central role for the user, the web is a web of content, I'm concerned about talking about what the UA will do 18:48:48 cc has joined #authentic-web 18:48:56 q? 18:48:59 ... most of us use one of a few UAs, and trust it with our lives, and I'm not sure if that is a pattern we should be reinforcing exclusively 18:49:14 ... looking at how content itself can contain it's own provenance 18:49:28 louay has joined #authentic-web 18:49:31 ... came from thinking about what was said earlier, it's important to trace back the content to its source 18:49:40 q+ on traceability and publisher norms 18:49:52 Present+ Louay_Bassbouss 18:50:03 ... I want to be certain that the scope of what we do enables individuals and large entities the same abilities 18:50:14 present+ 18:50:17 ... the chain of authenticity needs to be feasible for all 18:50:20 present+ 18:50:28 +1 chaals 18:50:56 ... think of those two things, making sure we're not relying on the UA to mediate this, and not enabling only large entities to use this system 18:50:59 ack ds 18:50:59 dsinger, you wanted to mention the Berlin AC talk, and what we believe to be true 18:51:02 DKA: +1 18:51:19 dsinger: We had a panel session at the AC meeting a long time ago, with publishers 18:51:33 ... we mentally tried to distinguish between authenticity and truth 18:51:36 ... but they are entwined 18:51:50 ... much of what we think is true is based on what is told to us from people we trust 18:51:58 ... built on trust and authenticity 18:52:03 q+ mnot 18:52:22 TallTed: I think what I am hearing is a quest towards best practice 18:52:27 true and trust of content should be handled differently from authencity. 18:52:29 ... applying things we have already built 18:52:33 ... provenance ontology 18:52:47 ... I wrote this, it was edited by this person, then broadcast here 18:52:52 ... no one uses it, it's not easy to use 18:53:00 ... it's not built into tools, but it ought to be 18:53:13 ... it's a user focused question, and there are two users, readers and publishers 18:53:35 ... most of us consume most of our information through the UA, and the UA can tell us if the TLS connection is solid 18:53:49 ... the chain that matters is who originated what is presented to me 18:53:53 cc has joined #authentic-web 18:53:59 kleber has joined #authentic-web 18:54:00 q? 18:54:02 ... and what happened along the way to get it from originator to me 18:54:05 ack tallted 18:54:06 q+ to respond to ted 18:54:24 ... reading CNN vs the Onion, when the Onion tells me what is going on in the world is a bad day 18:54:50 ... but when I see it on CNN, I need to trust it, it needs to be visible to the consumer 18:55:02 ... the ease of this is vital 18:55:04 q? 18:55:22 ... reddit lets you up and down vote, I build credibility, and people see that 18:55:28 q+ 18:55:32 ... it's not easy to do 18:55:53 ack gendler 18:55:53 [room bursts with love for cat] 18:55:54 gendler, you wanted to comment on traceability and publisher norms 18:56:09 gendler: There's a couple of things here we touched on in terms of publisher norms 18:56:19 ... things publishers have learned to do from years of publishing 18:56:32 hirata has joined #authentic-web 18:56:40 "A Modest Proposal".... 18:56:41 ... it should be as easy for individuals and publishers to follow the chain, access the chain 18:56:55 ... there's a perception publishers have special tools, we don't, they're people 18:57:04 ... anything we build should be in service of people 18:57:10 +1 to people first 18:57:22 ... tracing back to where things came from, publishers have an obligation to each other 18:57:48 ... if you publish something on CNN, and we report, you say something like "[fact], as reported first by CNN" 18:58:03 ... it not just applies to publishers, it applies to sources 18:58:10 q? 18:58:13 ... when we can cite them, we do, and it builds on the chain 18:58:21 ... we can learn from these practices 18:58:34 ... publishers aren't perfect, but these practices are informative to the problem 18:58:40 ack mnot 18:58:54 mnot: I missed the first bit so apologies if I repeat anyone 18:59:12 ... there are a lot of policymakers making assertions like "if we had this we could solve problem" 18:59:22 ... and the problem is misinformation 18:59:39 ... we need to make it clear that technology won't solve all the problems 18:59:43 ... temper expectations 18:59:47 ack cpn 18:59:47 cpn, you wanted to respond to ted 19:00:01 cpn: I wanted to speak to what Max and Ted mentioned, the chain of information 19:00:16 ... BBC verify was mentioned, what we've been doing is trialling C2PA 19:00:25 q+ chaals 19:00:34 ... when we publish a video clip in an article, we have a dropdown that appears that outlines the checks we've done 19:00:40 ... showing user-generated content 19:01:05 ... showing this information on the origin of the content, or changes we've made before publication 19:01:10 ... the user research we've done shows it does increase user trust 19:01:13 q+ 19:01:31 cpn: What we've done increases the perception of trust 19:01:44 ... we've applied C2PA to properly bind the checks to the asset 19:01:50 q+ 19:02:05 Breaking the reputation silos is also key -- my (in)credible/(un)trusted/(de)valued reddit votes might/should mean that my YouTube votes are granted greater (or lesser) weight, and thence on RandomNewsSite, etc. Back to the need for pseudonyms and/or DIDs and the like. 19:02:13 ... we haven't yet done a study of this outside of C2PA, seeing similar content elsewhere or outside the context of our site 19:02:21 ack ann 19:02:40 annette_g: I wanted to highlight we're getting different solutions from different levels of the stack 19:02:53 +100 annette 19:02:57 ... it's a sign in my experience that this is something that needs to be tackled in depth 19:03:09 ... I would urge us to avoid dismissing any part of the stack 19:03:32 q? 19:03:35 ... concern about user agents and reliance on them, I think it's important to be mindful, but UAs are fundamental to interaction with the web 19:03:51 ... on a different level, there's a proposal for trust.txt, similar to robots.txt 19:03:53 ... trusted domain 19:04:00 q+ to talk about trust.txt 19:04:07 ... media provenance, media file itself may have identifying information 19:04:08 q? 19:04:19 ... being aware that the solution is complex and no single solution 19:04:25 ... like climate change 19:04:37 ack gendler 19:04:37 gendler, you wanted to talk about trust.txt 19:04:42 gendler: Want to start by +100 to annette_g 19:04:44 q? 19:04:51 ... a little bit of context on trust.txt 19:04:57 ... it was presented to publishers in the US 19:05:08 ... it does present information in a user legible way 19:05:08 *Really* addressing this will be a multi-year process, involving the browser vendors, and the OS vendors, and the large publishers, and the large hosts of small publishers, and the individual vanity website publisher, etc. This is not a problem space that's suited to (even partial) solution by a 2 year WG nor a 10 year CG. 19:05:22 ... publishers were skeptical because it was only a solution relating to reputational verification 19:05:31 ... others like you agree with you that you're a good publisher 19:05:40 ... there are useful things to learn 19:05:51 ... but we need to be mindful of first factor effects 19:06:00 ... there are knock-ons for business models all over 19:06:01 +1 19:06:18 chaals: I said I don't want UAs to be the centre of this, but they are important 19:06:25