(1/n) Thrilled to launch our new preprint -- led by the brilliant Milena Rmus (@milenamr7) and with superstars Matt Hardy (@mdahardy) and Tom Griffiths (@cocosci_lab)
Meet Milena Rmus (@milenamr7) — engineering wizard, data visualization artist, and resident cat/meme/ClaudeCode extraordinaire at @RoundtableHQ_ .
Every team needs a Milena. Her love of the craft shows up everywhere: building elegant visualizations for exploratory statistical work, monitoring API errors from the middle of metal concerts, and keeping company culture alive with perfectly timed memes.
She’s a driving force behind Roundtable’s Proof of Human research agenda. We met through overlapping computational cognitive science circles — she holds a BA from Brown, a PhD from Anne Collins’ lab at UC Berkeley, and most recently completed a postdoc in Munich.
Her publication record is extensive: Nature, NeurIPS, PLOS Computational Biology. Again and again, she brings cutting-edge AI and ML approaches to understanding the human mind and brain.
At Roundtable, she leads continuous benchmarking and red-teaming of the Proof of Human API. Fraud evolves quickly — having our toughest critics in-house is a feature, not a bug.
And don’t underestimate her intellectual edge. She led our “AI Capabilities ≠ Humanness” piece, grounding a contrarian AI stance in cognitive science. More work is on the way, and we’re excited to share it soon :)
In the meantime — to honor Milena — here are a few cat memes.
Fraud has industrialized.
A lot of people still talk about scams like random bad actors doing random bad things on the internet. In reality, commercialized fraud now behaves like an industry.
Supply chains, specialization, reinvestment, geographic expansion when pressure rises.
AI adds fuel to the machine:
- Better impersonation,
- Better localization,
- Lower cost per attempt,
- Higher volume.
For people working in trust & safety, payments, adtech, market research, and identity: where do you think the biggest defensive gap sits today—distribution, decision-making, or monetization?
Your fraud filter can ruin a study even when it catches fraud.
A lot of research teams ask: “How do we block more bots?”
Fair question. Wrong frame.
Every fraud control makes a decision about people.
And every threshold creates two costs (1) rejecting valid respondents and (2) accepting invalid ones. Both can damage a study.
A fraud filter starts doing more damage than the fraud when teams make three mistakes:
1. They count the cost of fraud that slips through, but ignore the cost of rejecting real respondents.
2. They treat a risk score like a precise probability, even when the model was never calibrated to support that.
3. They block every borderline case instead of using softer steps like verification, extra checks, or review.
The practical move is simple.
Track two ledgers:
• who you wrongly rejected
• what invalid data you wrongly accepted
Then build action tiers: allow, soft verify, extra checks, manual review, block.
That gives you a way to protect the dataset without swinging a blunt instrument at the sample.
Fast fieldwork feels good. Clean dashboards feel good.
Neither proves you measured humans well.
The useful question is: what will this filter cost us if it is wrong?
That’s the number more teams should manage.
Reddit’s crackdown on AI bots and scrapers looks like a moderation story on the surface.
The deeper signal in Reddit’s move is that human participation is becoming premium infrastructure, and platforms are going to need proof of human presence.
When a platform fills with bots, scraped content, and synthetic engagement, your platform loses control of its value.
Every platform that depends on user-generated content is heading toward the same question: how do you preserve anonymous participation while still proving human presence?
That question is going to shape product design, trust and safety, identity infrastructure, and data licensing over the next few years.
The platforms that solve it well will protect trust.
The ones that don’t will watch their content, communities, and economics get hollowed out.
How do you think platforms should verify human presence without destroying privacy?
Halfway through the decade, the internet’s primary audience has shifted. The web is no longer built solely for humans.
According to Cloudflare’s latest data, AI crawlers now generate 4.2% of all global HTML page requests. While that sounds small, Cloudflare secures 20% of the web, meaning AI bots are making tens of billions of requests every day.
The shift is accelerating:
- 2023 1 in 200 site visits were AI bots.
- 2025: 1 in 31 site visits are AI bots.
Index vs. Ingest Search engines index the web to help people find things. AI crawlers ingest the web to help models learn. They aren’t just visiting; they are consuming forums, research, and documentation at a scale humans can't match.
The economics of the web are changing. For twenty years, the internet connected people to information. Today, it connects machines to data. The internet isn't just being read anymore. It’s being downloaded.
Online survey fraud is no longer a "glitch." It's now a structural feature of the system.
According to latest 2026 data from NORC and CloudResearch, the scale of the threat has reached an existential level:
1. The 40% Threshold
Industry authorities estimate that ~40% of all online, open-panel survey interviews in 2025 were fraudulent. This isn't just noise; it's a systematic rewriting of market reality.
2. The Human Click-Farm Reality
While we worry about AI, the current "boots on the ground" are human. Most fraud today is driven by coordinated click farms (real people using VPNs and scripts to mimic human behavior) and bypass traditional traps.
3. The 90% Danger Zone
In unprotected environments (especially social media recruitment), the numbers are staggering. Multiple peer-reviewed studies now report that 94% to 95% of responses can be bots or falsified profiles.
4. The Clustering Bias Fraudulent
Responses aren't random. They cluster. Bad actors systematically:
- Avoid disqualifying answers.
- Over-select socially desirable options.
- Mimic specific demographic profiles.
If you are still relying on simple "Attention Checks" or CAPTCHAs, you are unprotected.
In 2026, "clean data" requires a layered posture:
- Identity Proofing (Database-verified IDs)
- Device Forensics (Fingerprinting & Network telemetry)
- Behavioral Forensics (Keystroke & Mouse movement analysis)
Stop paying for "data cleaning" and start investing in authenticity verification.
#MarketResearch #ConsumerInsights #DataQuality #AI #SurveyFraud
Humans are now the minority of web traffic.
OpenClaw is the latest signal that the barrier to entry for “Agentic Traffic” has collapsed.
We are watching a specific shift in how the web is consumed.
With 161,000+ GitHub stars in a few months, OpenClaw demonstrates massive developer interest in browser-based automation. It allows engineers to deploy "Agents" that don't just scrape HTML, they run full browser instances, handle session tokens, and navigate complex UIs.
Tools like this signal the emerging class of applications that treat your website as their API.
Aggregators fetching real-time pricing. Tools automating survey responses. AI Assistants performing tasks.
These aren't necessarily malicious "botnets" in the traditional sense. They are often legitimate services built on an architecture of scraping.
This aligns with broader infrastructure trends. Imperva reports that automated requests hit 51% of web traffic in 2024, and Akamai noted a 300% YoY surge in AI-driven traffic specifically.
As these tools become easier to deploy, the volume of "Headless Browser" traffic will likely continue to rise relative to human traffic.
The Question for 2026: if a significant portion of your traffic is now autonomous agents "using" your site, are your analytics (and your defenses) calibrated to distinguish them from human users?
Alan Turing never intended for humanity to prove its existence by clicking on traffic lights
When CAPTCHA was invented (CMU, 2000), it was a “Reverse Turing Test.” The machine challenged you. For two decades, this worked. We moved from squiggly text to image grids, constantly raising the bar as scripts got smarter.
But recently, the logic broke.
The “99%” Reality vs. The “60%” Threat
You’ve likely read that specialized solver scripts now defeat CAPTCHAs with 99% accuracy. That is true for scripts.
But we are now facing a new threat class: Autonomous Agents. These aren’t simple scripts; they are digital employees (Claude, Gemini, GPT-5) navigating the web like us.
We just benchmarked the top 3 agents against Google’s reCAPTCHA v2. The results expose a fascinating “Behavioral Gap.”
Success Rates (Agent vs. CAPTCHA):
•Claude Sonnet 4.5: 60% ✅
•Gemini 2.5 Pro: 56% ✅
•GPT-5: 28% 📉
The “Overthinking” Paradox
Why did GPT-5 (the “smartest” model) fail the most? It wasn’t blind. It was anxious! Our analysis of the agent traces shows GPT-5 over-reasoning—generating massive chains of thinking tokens, hesitating, and timing out.
It failed the test not because it lacked intelligence, but because it lacked human entropy.
The Solution: A Process-Based Turing Test
We can no longer rely on the result of the test (selecting the motorcycle). We must analyze the process of taking it.
The future of verification isn’t a harder puzzle; it’s Continuous Behavioral Telemetry.
•Humans: Erratic mouse paths, variable typing speeds, intuitive clicks.
•Agents: Linear movements, “thinking” pauses, and mathematical precision.
If your security stack is still asking “What is in this picture?”, you are solving for 2015. You need to be asking: “How did this user arrive at the answer?”
We’ve compiled the full breakdown of how agents interact with standard defenses—and where they fail. See our research here: https://t.co/lXOx406uQJ
The next wave of fraud is here... and everyone from tech leaders to national security agencies are sounding the alarm:
Last week Nikita Bier wrote on X: "Prediction: In less than 90 days, all channels that we thought were safe from spam & automation will be so flooded that they will no longer be usable in any functional sense: iMessage, phone calls, Gmail.
And we will have no way to stop it."
X's response? Shut down all agentic behavior on their site.
Sam Altman at OpenAI has warned the world is on the edge of a fraud crisis because AI can mimic human verification signals, like voiceprints, well enough to fool banks and authentication systems. He said bad actors will continue to develop advanced autonomous systems, and our old identity checks won’t cut it anymore.
"AI is going to be a real problem for cyber security. AI is also a solution to those things. It's a solution to a lot of other problems as well. And I think we need like a society wide effort, to... provide the infrastructure for this resilience, not labs that we trust to sort of always block what they're supposed to block.
"
The FBI has also publicly alerted everyone that criminals are using generative AI to scale fraud at larger sizes and much higher believability than before. They point to AI-generated text, images, audio, and video that make fraud schemes more convincing and harder to detect.
This is where it gets extra uncomfortable…
We aren’t talking about some distant future. We already see this in communication channels falling under automation load. Panels, surveys, and research systems assume humans respond, and existing tools catch fraud…
AI breaks those assumptions.
That means our traditional checks will start failing silently long before we see red flags. And when that happens, data stops being reliable long before anyone realizes it.
This is what keeps the Roundtable team awake at night. What we go to work every day to solve.
If fraud has the computational power, perhaps 10x, even 100x, of humans, at scale... how do we provide proof of human?
We have research that shows as AI agents scale, their behavior starts to diverge in subtle but measurable ways from humans. That divergence might be the foothold we need to defend human-centric data. (https://t.co/1arc25MOXN)
Most people assume AI will become indistinguishable from humans.
At a small scale, maybe.
On a large scale, it doesn’t.
This is the gap we detect.
Hi X community,
I wanted to reiterate that we're hiring for TWO sales roles at @RoundtableHQ_ .
Internet companies need to verify their users are real human beings.
They want clean data.
They want real buyers.
They want peace of mind.
Come to SF. Let's change the world.
What makes @RoundtableHQ_ legible to Capital?
We sell verified human sessions.
Economies are built on human intent. Without verification, this TAM goes to zero.
Social media platforms amplify disinformation. Survey panels propagate fraud. Ticketing marketplaces get ripped off.
Each session we collects contributes to a smarter model, which results in a faster, more accurate verification system.
Eventually, society pays a micro-tax for invisible, frictionless verification.
There's no difference between idea and expression. Proof of Human is an Internet primitive.