About Digital Watermarks

Given the growing conversation around digital watermarking as a tool to deliver a safe and fair internet, and some recent confusion around the technology, we believe it is important to detail what we believe constitutes digital watermarking technology and what does not.

What is a Digital Watermark?

Digital watermarking is the science of hiding information about an item in the item itself. Images, audio, video, and documents are among the types of digital assets that are currently digitally watermarked at global scale. Embedding is the act of hiding the information in an asset and the process of discovering that information is referred to as detection. Often, this embedded information consists of a unique identifier, and that identifier is used to communicate content provenance, authenticity, and copyright information about a digital asset in way that is both secure and inextricably linked to the asset itself.

President Biden's recent Executive Order on managing the risks of AI defines “watermarking” as “the act of embedding information which is typically difficult to remove (…)”. As the pioneer and widely recognized leader in digital watermarking, Digimarc believes a digital watermark must have five specific characteristics, all of which are necessary to fulfill the definition set out in the Order:

1. Covert and Machine Readable: A digital watermark is meant to be read by machines, not humans. As such, in addition to the requirement of indeed being detectable and readable by machines, it can also be (and almost always is) invisible and inaudible.
2. Immutable: Once a digital watermark is applied to a digital asset, it becomes part of the digital asset itself, and thus the information cannot be changed. This also enables a digital watermark to transit all formats and distribution channels, ensuring its utility regardless of workflow.
3. Ubiquitous: Because a digital watermark is covert, it can cover the totality of a digital asset, thereby making it more difficult to damage, manipulate, or remove the information.
4. Redundant: Since a digital watermark can cover the totality of a digital asset, in addition to how the watermark itself is constructed, the digital asset can suffer significant damage or manipulation without impacting the digital watermark’s ability to be detected.
5. Secure: The information contained in a digital watermark should only be shared in encrypted form which, when combined with other properties listed above, results in a robust data carrier that cannot be trivially severed from an asset. This also means digital watermarks should also not be created using open-source technology as this introduces system risk caused by bad actors.

Variances in Digital Watermarks

Like any other technology, not all digital watermarks are created equal. Some are much better, more secure, and more technically complex than others—just like the locks to a home. For example, the lock to a screen door is much less secure than a multi-pronged deadbolt attached to a steel door. They are both locks, yes, and given the right tools they could both be broken, but one is markedly more secure than the other.

At Digimarc, we are focused on building the deadbolt, steel-door version of watermarks for both the physical and digital worlds, ensuring that the locks provide the security needed for a given application. That’s why our technology has been deployed at a significantly larger scale and for a much longer duration than other digital watermarking technology. It is for this reason that our technology has been trusted by the world’s central banks for over 25 years.

We are also adding other layers of security to our technology in addition to digital watermarks because the true security of any system isn’t defined by the security of any single layer, but how all those layers work in tandem to accomplish the goal. Just like choosing a secure lock for your door helps protect your home, adding additional security features like motion-activated floodlights, a home alarm system, and a video doorbell makes it safer.

Metadata and Manifests are Not Digital Watermarks

Information about a digital asset, such as provenance and ownership, is referred to as metadata. Sometimes this metadata is stored in a format called a manifest. This information is critical to determining the ownership or authenticity of digital content.

The term “digital watermarking” is sometimes erroneously used when discussing metadata, and this confusion has significant implications for system security. As an example, metadata attached to an image file differs from digital watermarking in that the image file is not immutable and the metadata contained therein is not ubiquitous or redundant. Moreover, metadata is noticeably insecure as it can be (and often is) easily removed from files, severing it from the content it was originally tied to. Then, new (and incorrect or nefarious) metadata can be inserted instead. The ease with which metadata can be removed or replaced is not lessened by any cryptographic techniques used to sign the metadata, and thus metadata does not meet the definition provided in the Order of being difficult to remove.

Digital watermarks are not only different than metadata, they are also necessary in a system that is built upon the accuracy of that metadata, because digital watermarks give metadata enduring value. A digital watermark can act as a tether to retrieve a digital asset’s correct and unaltered manifest, and hence its correct and unaltered metadata. A system built on metadata alone, without the enduring tethering of that metadata to a digital asset via a digital watermark, provides false certainty.