Meaning of "picture" vs. "depiction" in contest proposal

[yi-sun]

In the contest proposal, taskers are asked to answer the following true false question:

This is a picture of a [real, live bird] / [real bicycle]. It is not a painting, drawing, sculpture, toy, stuffed animal, or any other sort of depiction. (It is okay if the object is a photorealistic rendering of a bird/bicycle.)

How is "depiction" defined in this question? For example:

1. Are images with distortion such as that seen in the center white portion or top right corner of the following image (from https://arxiv.org/pdf/1802.06806.pdf) allowed?

2. Are images which are edited versions of pictures of birds or bikes allowed? For example, are either of the following two images allowed?

[carlini]

Those are both fine. By depiction we mean drawing / painting / sculpture. Something that is intended to resemble a bird, but itself is not a bird.

Adding noise to an image that is clearly one of these object is okay.

[yi-sun]

Is there any limit to how much noise is allowed, or will this be determined by the taskers? For example, which of the following would be allowed?

[carlini]

The current description will just ask taskers if it is obviously a bird. The last one still looks like obviously a bird to me. It's a noisy image, but it's still pretty clear to me. (Also important: there's clearly nothing even resembling a bicycle in the image).

We're aware of the fact that this is a big attack surface.

Realize, however, models are allowed to abstain on any even slightly-noisy image. They must only be correct on the clean test images.