I Don’t Believe It
Everything is fake (and, as Jamie Bartlett says, no-one cares.)
Dateline: Toronto, 14th May 2026.
Since our human consciousness first evolved our brains have been wired to believe. That tree that you can see is real. That smell comes from lion dung, so beware. The elephant’s trumpeting suggests the presence of an actual elephant. Of course, you can fool people. Skilled magicians, for example, do it all the time. I have stood next to an entertainer who made a card vanish from my pocket and show up under my shoe. I almost fainted. But I knew it was a trick. Tricks are fun. I respect and admire the 10,000 hours that went in to the things I saw Shen Li do on stage in Las Vegas.
Fakes and News
Unfortunately, tricks aren’t always fun. And AI means that tricksters don’t have to do the 10,000 hours any more. Ten minutes is good enough to generate a fake person good enough to fool most of the people, most of the time. The story of “Sam”, the Indian medical student who made a fortune from an AI generated entirely fake woman is emblematic of our age, frankly. He tried a couple of ideas that didn’t work and then asked AI (in this, case Google’s Gemini) for advice. It suggested he target the “MAGA/conservative niche” because “the conservative audience (especially older men in the US) often has higher disposable income and is more loyal”.
The Ai was right and within a month, the wholly imaginary silicon beauty “Emily Hart” had more than 10,000 Instagram followers, many of whom also subscribed to her Grok-generated nude photos on Fanvue, where they could also message “her”. Sam got a cut from the subscriptions and the merch (yes, the non-existent MAGA model had her own merchandise too) was making a few thousand dollars a month.
(Sam is my hero. In that Wired magazine piece he is quoted as saying “I was basically doing nothing,“ he says. “And it was just flooded with money”. What an inspiration.)
Technology has always been associated with trickery. In Stalin’s time a skilled bit of airbrushing could get a troubling acquaintance literally out of the picture. But, generally speaking, most of what we saw or heard was true. Now, however, we are through the looking glass now and as Riley Hughes recently put it, we need to default to disbelief. He’s right, and not only business but society will become unsustainable unless we do something at the infrastructural level.
I think I already do this to a large extent. I don’t believe anything I see on social media and assume that everything there is for entertainment purposes only, but not everyone thinks this way. Indeed, a significant fraction of the population get their news from social media. In our United Kingdom six in ten adults use some form of intermediary (such as social media) for their news, with Meta the most commonly used online source. While it remains the leader, the use of Meta’s platforms (that is, Facebook, Instagram, Threads and WhatsApp) is actually declining among people using social media for news year. Among adults who get their news direct from news organisations, almost two-thirds use BBC news. Overall, half of UK adults get their news online.
(Across the pond, a fifth of U.S. adults now regularly get their news from TikTok. No social media platform has experienced faster growth in news consumption. According to Pew Research Center data, nearly half of 18- to 29-year-olds said they regularly get news from TikTok in 2025, up from a third in 2023.)
These figures are very worrying in an environment where truth and fiction look the same, not least because fake news is an obvious way for agents of foreign powers to sow discontent and encourage disruption. The UK Press Gazette has named more than 50 apparently fake experts who have offered commentary to the British press in recent years and featured more than 1,000 times in newspapers, magazines and online titles. Not fake in the sense that they do not have any real knowledge of the topic under discussion but fake in the sense that they do not exist. Yes, you read that right: newspapers are quoting experts who do not exist.
(Completely fake content is not only in news stories, by the way. The Chicago Sun-Times “Summer reading list for 2025” supplement recommended titles including “Tidewater Dreams” by Isabel Allende and “The Last Algorithm” by Andy Weir—books that don’t exist. The creator of the list, Marco Buscaglia, confirmed to 404 Media that he used AI to generate the content. In fact a check by Ars Technica showed that only five of the fifteen recommended books in the list were real.).
The technology-enabled mass production of fakes is steadily polluting every mundane aspect of life. DoorDash just banned one of their drivers who used an AI-generated photo to lie about making a delivery in Austin Texas. A French woman sent $800,000 to a fake Brad Pitt who had expressed is heartfelt desire for her. A company officer sent $25 million to fraudsters after a fake version of his CFO reached out on a video conference.
(You don’t need me to tell you that fraud is out of control and that AI is making it worse. I almost clicked on a very convincing e-mail from “Docusign” a few minutes ago.)
The security world’s response is to shift to zero trust. The National Institute for Science and Technology (NIST) has a helpful primer about this that sets out the basic principles, which are essentially “never trust, always verify”. In other words, treat every user, device, app and AI and untrusted and dynamically authenticate and explicitly authorise every activity. Thus all activity takes place within a context of assumed breach: that is, systems assume that the bad guys are already on the inside Hopefully proper implementation of zero trust should do something to mitigate hacks such as happened at Jaguar Land Rover last year (a hack so devastating that it affected the UK’s GDP figures).
Round and Round
What does this mean outside the enterprise environment though? How is the lovesick French woman supposed to know whether she is really looking at a picture that was sent by the real Brad Pitt? How are you supposed to know that it is me on Zoom and not an AI-generated simulacrum? How am I supposed to know whether that WhatsApp really came from you?
Actually, WhatsApp is an interesting example. In a recent UK court case, a judge ruled that WhatsApp messages are not contracts. He said that “WhatsApp messaging is now a well-established method of sending encrypted messages linked to the telephone numbers of mobile phones”, which is uncontroversial. Then he went on to say that the phone number does not, itself, identity the sender. In other words, you will not be surprised to hear me say, we need some kind of digital identity. With digital identity in place, we can then begin to really do something positive and switch to disbelief as the default.
With disbelief as the default, your browser and your instachat and your tikbook and everything else could be set to blank any image, video or text that does not carry a verifiable digital signature. The digital signature would not, of course, tell you whether what you are looking at is true or not, but it would tell you where it came from: did it come from Sky Sports or some guy? Then at least the viewer would know whether the clip of money saving expert Martin Lewis on the BBC recommending that you buy DaveCoin did actually come from the BBC or not.
Homo Slopiens
From the gun-toting MAGA porn star’s subscriptions to the counterfeit celebrities cons, from the bogus CEO in the Teams meeting to the pernicious pretend newsreader on X, we are under daily assault from machine-generated homo slopiens with silicon DNA evolving at a thousand times the rate of ours. Our sceptical senses are overwhelmed and without help we are doomed. It’s a small step, in my opinion, from AI-generated Korean pop stars attracting legions of fans to AI-generated demagogues attracting legions of armed followers.
What on Earth are we supposed to do? Well, I’m with Tracey Follows on this. She says that text-based ‘fake people’ are an inevitable part of the new online world and that current deepfake detection techniques may not be able to keep up, going on to observe “We’ll probably get to an online world where everybody is required to have much more of a digital identification, some verification, that not only are you a person – but you are this person or that person”.
Spot on, and note the difference between the two: for a great many online activities, it is not important that you are this person or that person, merely that you are a person. A first step towards cutting down on identity fraud is to remove the need for people to provide their identities at all, shifting to online interactions based on what you are rather than who you are, to transactions based on credentials not identities.
(One of the most important credentials will be, I hardly need to remind you, IS-A-PERSON.)
Our ape brains are easy to fool, but they have come up with some mathematics that are not. We’ve invented cryptography, so let’s use it.