As artificial intelligence agents become more sophisticated, it may become increasingly difficult to distinguish between AI-driven users and real people on the internet. In a new white paperResearchers from MIT, OpenAI, Microsoft and other technology companies and academic institutions are proposing the use of identity credentials, a verification technique that allows someone to prove online that they are a real person while maintaining their privacy.

MIT News spoke with two of the paper’s co-authors, Nouran Soliman, an electrical engineering and computer science student, and Tobin South, a student in the Media Lab, about the need for such qualifications, the risks involved, and how to implement them in a safe and fair manner.

Q: Why do we need personality references?

Tobin South: AI capabilities are improving rapidly. While much of the public debate has focused on how chatbots are getting better, advanced AI offers many more possibilities than just better ChatGPT, such as the ability for AI to interact autonomously online. AI could create accounts, post content, generate fake content, impersonate a human online, or algorithmically amplify content on a massive scale. This comes with many risks. You can think of this as a “digital impostor” problem, where it becomes increasingly difficult to distinguish between advanced AI and humans. Persona credentials are a potential solution to that problem.

Nouran Soliman: Such advanced AI capabilities could help malicious actors launch large-scale attacks or spread misinformation. The internet could be filled with AIs re-sharing content from real people to fuel disinformation campaigns. The internet, especially social media, would become harder to navigate. One could imagine using personal credentials to filter and moderate content on your social media feed or to determine the trust level of information you receive online.

Q: What is a proof of identity and how can you ensure that this proof is secure?

South: Personhood credentials allow you to prove that you’re a human without revealing anything else about your identity. With these credentials, you can obtain information from an entity like the government that can vouch for you that you’re a human, and then through privacy technology, you can prove that fact without sharing sensitive information about your identity. To get a personhood credential, you have to appear in person or have some relationship with the government, like a tax identification number. There’s an offline component. You have to do something that only humans can do. For example, AIs can’t appear at the DMV. And even the most advanced AIs can’t forge or crack cryptography. So we’re combining two ideas — the security that we have through cryptography and the fact that humans still have some capabilities that AIs don’t have — to provide really robust guarantees that you’re a human.

Soliman: But personhood credentials can be optional. Service providers can let people choose whether or not to use one. Right now, there’s no reasonable way to do that if people only want to interact with real, verified people online. And in addition to creating content and talking to people, AI agents will eventually take action on people’s behalf. If I’m going to buy something online or negotiate a deal, I might want to make sure I’m interacting with entities that have personhood credentials to ensure they’re trustworthy.

South: Personal data is built on an infrastructure and set of security technologies that we have been using for decades, such as using identifiers like an email account to log in to online services. They can complement these existing methods.

Q: What are some of the risks associated with personality references and how can you mitigate these risks?

Soliman: One risk comes from the way personhood credentials might be implemented. There’s a concern about concentration of power. Suppose one specific entity is the sole issuer, or the system is designed to give all the power to one entity. This could raise a lot of concerns among a segment of the population — they might not trust that entity and feel safe doing business with them. We need to implement personhood credentials in a way that makes people trust the issuers, and we need to make sure that people’s identities are completely separated from their personhood credentials to maintain privacy.

South: If the only way to get a personhood credential is to physically go somewhere to prove you’re human, that can be scary if you’re in a sociopolitical environment where it’s difficult or dangerous to get to that physical location. That could prevent some people from sharing their messages online in an unfettered way, potentially stifling free speech. That’s why it’s important to have a variety of issuers of personhood credentials, and an open protocol to ensure that free speech is preserved.

Soliman: Our paper aims to encourage governments, policymakers, leaders and researchers to invest more resources in personhood credentials. We propose that researchers explore different implementation directions and investigate the broader impact of personhood credentials on the community. We need to make sure that we create the right policies and regulations on how personhood credentials should be implemented.

South: AI is moving at a rapid pace, certainly much faster than the speed at which governments are adapting. It’s time for governments and large companies to start thinking about how they can adapt their digital systems to be ready to prove that someone is a human being, but in a way that is privacy-preserving and secure, so that when we get to a future where AI has these advanced capabilities, we’re ready.