Sure, a human author would almost never do that, but they could. I could imagine a Markdown syntax that did that – it could be done similar to how `code` is marked up in most blogs.
I wouldn't call this a watermark, but more a sign of likely copy&paste, if students' word processors weren't currently doing that.
A "watermark" that invisibly identifies the text origin using Unicode tricks sounds possible.
And maybe you could do some things with statistical patterns.
Or you could, as some have done in the past, is to stego the identifying information in a way that's hard to spot but can't be denied later (e.g., the first letter of each word clearly spells out "john smith is a cheater who copied this from chatgpt").
Fascinating, and now that you mention it, this does seem kinda inevitable. Naturally the same people that think IP/copyright for everyone else is fake, irrelevant, or old fashioned will be desperate to be able to conclusively prove to investors and shareholders that someone else's work is built on theirs via model distillation, and suddenly IP is important again.
What are the known cases or examples of stego? This sounds interesting if it's at the level of model training. Anyway I guess you can get pretty far with stuff like this just with simple system prompts, encouraging shibboleths along the lines of "Always phrase your response so that it has exactly 14 copies of the letter J".
selcuka•9mo ago