Authenticity by Design 
What if we could embed provenance data throughout the lifecyle of a media asset?
Media Authenticity
At the conception of Starling Lab in 2018, we recognized a growing deficit in media quality. Society depends on systems that lack digital markers to establish the authenticity of content. That is when we came up with Authenticity by Design and started implementing this holistic set of strategies and organizational principles.
Society is now realizing the need to defend authenticity amid a decline in public trust, which is exacerbated by social issues like denialism and technologies like generative AI. In the early 21st Century, information systems were built for short-term goals like monetization, distribution, engagement, and ease of use. The tech industry continues to make substantial investments in each of these. Building trust into these systems requires an equally intentional approach.
Starling Lab has shown a path forward using Authenticity by Design, our holistic set of strategies and organizational principles that must be prioritized early in system development. It empowers organizations to establish trust in their data, and has been demonstrated in our projects and taught in courses at Stanford University.
The Problem
It’s getting harder to trace the origins of media we encounter on a daily basis. There is no universal method for attributing digital works to their creators. Worse, popular platforms routinely strip media of its metadata. With every share, tracing back to the source is more arduous.
The net result: no helpful context around content, rife inauthentic viral media, and frequent misattribution.
Our Approach
For decades, organizations have recognized that the best way to ensure privacy – for their customers or citizens – is to prioritize it in every phase of their activities. This led to Privacy by Design and the Fair Information Practice Principles.
With this inspiration, Authenticity by Design calls for a similar approach to information integrity.
Starling Framework
Our foundational methodology is the three-step Starling Framework. Our Lab applies this end-to-end thinking to authenticate assets and metadata across the entire lifecycle of information systems. It applies to any type of digital record.
Capture
We bind authenticity metadata to an asset as close as possible to the moment it’s created. We team up with world-class partners who develop hardware and applications to help verifiably capture data in a number of ways.
Store
We leverage tamper-evident data structures and decentralized technology to build distributed data collections. We verifiably demonstrate integrity over time with tamper-evident preservation techniques.
Verify
We create audit trails that surface expert attestations and cryptographic evidence of integrity, allowing audiences to evaluate the evidence for themselves, and embrace both human and technological approaches.
Principles
In every line of code that a computer programmer writes, they’re sending a set of instructions to a processor. But at the same time, the programmer is also coding ethics, morals, and even civics into what they write.
Authenticity by Design places tools and ethics on a level playing field. It aims to be inclusive, and bring as many people into the process who can help us design the right way to build and implement these tools.
Integrity
A piece of digital content should be cryptographically signed and stored using a tamper-evident data structure. If compromised, there should be a clear alert indicating why validation failed.
Privacy
Establishing authenticity should not sacrifice user privacy. Creators and publishers should use pseudonymous tools to first establish the integrity of digital content and provenance, and, separately, at a time of their choosing, disclose the underlying content once it is safe to do so.
Verifiability
Integrity of a digital asset should be verifiable through either embedded authenticity data or decentralized systems. In order to empower audiences to assess the trustworthiness of the assets for themselves, data and design must be accessible and easily understood.
Persistence
Digital content should have copies stored in multiple independent locations. An asset should not be lost due to time, neglect, or obsolescence.
Accountability
Digital integrity should be governed by reputational systems to help users determine the reliability of assessments or services. These systems should be pluralistic to account for multiple points of view and also mechanisms for consensus.
Anyone can adopt these principles. By prioritizing them during early-stage decisions, we can develop secure, effective ways of building trust in the authenticity of digital content, and build systems that leverage richer, more trustworthy data.
Design Questions
Dictionaries and even research by psychologists point to several kinds of authenticity. In a digital realm, authentic data is a trustworthy and reliable representation of the original.
A photograph’s authenticity markers often include common metadata like date, time and GPS location. Some images may require more sophisticated information like shutter speed or lens focal length.
Storing information or registering it with one central authority requires absolute trust in that authority. This exposes your data’s authenticity to extreme risk.
Regardless of whether the details are public or encrypted, multiple registrations make your data’s authenticity more resilient. Instead of requiring trust, consider how to make a system “trustless”.
Sometimes minimum amounts of information should be collected to avoid privacy infringement or surveillance. Commit to doing no harm. A lack of authenticity metadata may not mean an asset is inauthentic.
Authentication can be done at any time, including attestations added later by original witnesses. But early authentication can improve trust, including shifting your root from software to firmware to hardware – even in-sensor.
Embracing diverse perspectives and building from the bottom-up ensures consideration for participants with varying technological capabilities. Broadening and diversifying the participants making attestation adds assurances.
Self-provisioned identity can facilitate pseudonymous participation, but may be inaccessible to some participants. Provisioning authorities should be wary of collecting information that compromises privacy.
Data sets aren’t always static. Some may grow, while other types of assets are edited. What sorts of changes are permissible? For example, a photograph may be color corrected or cropped. A nondestructive process facilitates version comparison.
Storing information or registering it with one central authority requires absolute trust in that authority. This exposes your data’s authenticity to extreme risk.
Learn More
Join us in building an ecosystem of secure, effective, and interoperable tools for capturing, storing and verifying digital content.
Our flagship course at Stanford University’s School of Engineering “Designing for Authenticity” explores and teaches this methodology in detail.
A three-part series on discussing novel database designs and their enabling of investigative workflows.
A set of gathering of legal and technical practitioners aiming to design web archives for evidentiary purposes. Summarized in the whitepaper.