Welcome back to Neural Notes, a weekly column where I look at how AI is influencing Australia. In this edition: a developer may have found a fatal flaw in Google DeepMind’s SynthID AI watermark system. Here’s why that’s a big deal for businesses. Related Article Block Placeholder Article ID: 333345 Neural Notes: The problem with Google’s AI opt-out for search Tegan Jones A developer has claimed to have reverse-engineered Google DeepMind’s SynthID watermarking system. This is the near-invisible tagging tech used across tools to identify AI-generated images. The project, built using outputs from Gemini, suggests it’s possible to interfere with how the watermark is detected. The developer has documented the process and uploaded their work to GitHub. SynthID works by embedding a signal directly into the pixels of an image at the point of generation. It’s designed to be invisible to the human eye while still allowing detection systems to know whether it was created with AI. Google has positioned the tech as a scalable way to label AI content without relying on visible disclosures or manual moderation. Smarter business news. Straight to your inbox. For startup founders, small businesses and leaders. Build sharper instincts and better strategy by learning from Australia’s smartest business minds. Sign up for free. * indicates required Email Address * By continuing, you agree to our Terms & Conditions and Privacy Policy. It’s worth noting the SynthID system wasn’t entirely cracked. The developer wasn’t able to remove the watermark completely. Instead, they were able to demonstrate a method that confuses detection systems, which made the signal harder to read. In practice, this means the watermark was still there, but detection tools could potentially be thrown off. Google has pushed back on claims that the system can be reliably bypassed, maintaining that SynthID remains effective. Watermarking tools like SynthID are designed to make misuse harder, not impossible. The underlying assumption is that most actors won’t invest the time or technical effort required to tamper with these signals at scale, which has made the approach workable for many everyday use cases. Related Article Block Placeholder Article ID: 334126 Neural Notes: Inside Anthropic’s AI deal with the Australian government Tegan Jones But that becomes more complicated as these systems start to carry regulatory weight. Businesses are increasingly using AI-generated images across advertising, social content and customer communication. Meanwhile, platforms and policymakers are moving towards clearer expectations around labelling and transparency. The federal government’s guidance for Australian businesses already points towards visible labels, metadata, and technical watermarks as best practice for disclosing AI-generated content. However, none of these mechanisms is currently mandated by law.  But if watermarks can be disrupted, or potentially imitated, it becomes harder to rely on them as a clean way to discern what is and isn’t AI-generated. The other issue is that watermarking is often treated as a practical foundation for managing AI-generated content in discussions around misinformation, deepfakes and provenance. But it operates on probabilities and watermark detection, which don’t always align with regulatory frameworks that expect clearer boundaries. Draft and proposed measures, from voluntary watermarking codes through to potential changes to broadcasting and online safety rules, all assume that watermarks can be trusted at least most of the time. SynthID is still working as intended. The watermark can’t be cleanly removed, and interfering with it isn’t straightforward. But as more developers test these systems in the open, their limits are becoming easier to map.  For Australian businesses, that doesn’t mean ditching watermarking completely, especially as transparency guidance hardens into more formal expectations. But it could be worth treating them as just one layer in a broader mix of content governance, disclosure and risk management, rather than a fail-safe tech fix. Stay in the know Never miss a story: sign up to SmartCompany’s free daily newsletter and find our best stories on LinkedIn.