Take a look at Machine Generated Text: A Comprehensive Survey of Threat Models and Detection Methods by Crothers, Japkowicz, and Viktor (open access preprint on the arXiv, from October 2022)

I had indeed made that assumption, thanks for pointing that out!

For 1:

This seems feasible to implement but easy to circumvent - a single change and the hash no longer matches. If you instead store an embedding in some semantic space you might be at least able to say "we generated something a lot like this for someone, once", but that's as good as you will get.

A similar idea is to embed watermarks in the artifacts. Stable Diffusion by default does this, (I believe using this package), but forkers down the line have intentionally removed it.

Unfortunately it seems as sensible and feasible (and serves the same purpose of attribution) as cryptographically signing output in other fields, and we haven't had much luck persuading people to do that either.

It also doesn't apply to models run locally.

For 2:

That page you link to points out that the model is not deemed fit for purpose by the researchers (at least, when on its own) and that they expect this problem to only get more challenging as model sizes increase.

For someone trying to circumvent the discriminator; if they have access to the discriminator then they can adjust their artifacts so the discriminator no longer flags them.

I don't believe either solution is robust against bad actors. I also don't think attribution itself solves the problems caused by human-plausible content generation, but that is almost certainly a perspective thing.

Finally: This is not my field. Any corrections to the above please let me know.

https://github.com/LAION-AI/CLIP-based-NSFW-Detector uses CLIP, all released under MIT

I would be wary - AI approaches tend to give you plausible answers, not true answers. Also it may be worth updating your post to make it clear that you're looking for AI solutions to your problem, rather than looking for data cleaning advice for a dataset that you are going to feed into a machine learning system (which is what I inferred)

Fuzzy matching will help with the typos, but from experience we crafted nicknames by hand.

If your jurisdiction(s) have accessible company records then you could match on those names to determine which rows are official names. This solves half your problem, as you then just need to match the remaining rows to an accepted official name.

You could also modify Levenshtein distance so that dropping characters is free in an attempt to match full names with shorter names, but this will be computationally expensive.

Absolutely, but this was the clearest counter-example I could think of.

A Bayesian-updated linear regression system will indeed give you a linear inference step and count as ML in my opinion.

Note that without the non-linear part each layer would just be a single linear map. The composition of multiple layers would then be a linear map again, so there would be no need for multiple layers in a model.

No - layers in neural networks are often a linear map followed by component-wise non-linear maps. The resulting operation is non-linear.