Personhood credentials: Artificial intelligence and the value of privacy-preserving tools to distinguish who is real online

Anonymity is an important principle online. However, malicious actors have long used misleading identities to conduct fraud, spread disinformation, and carry out other deceptive schemes. With the advent of increasingly capable AI, bad actors can amplify the potential scale and effectiveness of their operations, intensifying the challenge of balancing anonymity and trustworthiness online. In this paper, we analyze the value of a new tool to address this challenge: “personhood credentials” (PHCs), digital credentials that empower users to demonstrate that they are real people—not AIs—to online services, without disclosing any personal information. Such credentials can be issued by a range of trusted institutions—governments or otherwise. A PHC system, according to our definition, could be local or global, and does not need to be biometrics-based. Two trends in AI contribute to the urgency of the challenge: AI’s increasing indistinguishability from people online (i.e., lifelike content and avatars, agentic activity), and AI’s increasing scalability (i.e., cost-effectiveness, accessibility).

Introduction. Malicious actors have long used misleading identities to deceive others online. They carry out fraud, cyberattacks, and disinformation campaigns from multiple online aliases, email addresses, and phone numbers. Historically, such deception has sometimes seemed an unfortunate but necessary cost of preserving the Internet’s commitments to privacy and unrestricted access. But highly capable AI systems may change the landscape: There is a substantial risk that, without further mitigations, deceptive AI-powered activity could overwhelm the Internet. To uphold user privacy while protecting against AI-powered deception, new countermeasures are needed. With access to increasingly capable AI, malicious actors can potentially orchestrate more effective deceptive schemes. Two trends contribute to these schemes’ potential impact: 1. Indistinguishability.

Discussion / Conclusion. PHCs give digital services a tool to reduce the efficacy and prevalence of deception, especially in the form of: 1. Sockpuppets: deceptive actors purporting to be “people” that do not actually exist. 2. Bot attacks: networks of bots controlled by malicious actors to carry out automated abuse (e.g., breaking site rules and evading suspension by creating new accounts). 3. Misleading agents: AI agents misrepresenting whose goals they serve. PHCs offer people a tool to credibly signal that they are a real person operating an authentic account, without conveying their identity. PHCs also help service providers spot deceptive accounts, which may lack such a signal. In close collaboration with the public, we encourage governments, technologists, and standards bodies to invest in the development, piloting, and adoption of personhood credentials as a key tool in addressing scalable deception online: