Media Provenance The risk of AI in media provenance
For transparent and trustworthy communications, we need to be able to monitor and check the source and edits of digital assets (also known as ‘provenance’ in media). But with AI on the rise and the increasing difficulty of recognising what’s real and what isn’t, media provenance is seriously under pressure. In this blog, we take a look at the real-life impact of AI-generated deepfakes, how the C2PA aims to safeguard media provenance with Content Credentials, and how it all comes together in the Arbor platform.
Why AI is a risk to media provenance and trust
Unsurprisingly, there are many ways in which the rise of AI has a negative impact on trust and media provenance:
- Growing danger of disinformation: AI media is already prevalent, and people are increasingly confused and influenced by highly realistic synthetic content.
- It’s hard to fight disinformation: consumers simply don’t have the tools or knowledge to differentiate what’s real or verified from what isn’t.
- Loss of source information during sharing: the original “who made this” data is often lost during content sharing, making it easy for false or manipulated versions to spread.
- Erosion of trust in all information: because manipulated and AI-generated media seem so legitimate, consumers lose trust in all digital information. And that unfortunately includes the authentic content governments and public organisations share.
3 real-life examples of impactful AI-generated deepfakes
Zelensky “Surrender” Deepfake (2022)A deepfake video showed Ukrainian President Volodymyr Zelensky urging troops to surrender to Russia. It was posted on hacked news platforms and spread on social media. Relevance The synthetic video exploited high-trust distribution channels. Impact Though quickly debunked, it illustrates how AV content pipelines can be weaponised if provenance isn’t preserved. |
Slovak Election Deepfake (2023)Days before the Slovak parliamentary elections, a convincing deepfake audio clip circulated online, falsely portraying a prominent opposition politician discussing election rigging. Relevance No metadata, no traceable source, just viral misinformation. Impact The clip helped sway public opinion, highlighting how easily AI-generated content can destabilise democratic processes. |
Fake Pentagon Explosion (2023)A deepfake image of an explosion near the Pentagon spread via verified X accounts (formerly Twitter), briefly causing panic and even leading to a dip in the stock market. Relevance The image looked like breaking news and was widely shared before it was debunked. Impact It’s powerful proof of how even a single AI-generated image, if not traceable, can manipulate markets and erode trust in real-time reporting. |
Protecting media provenance with the C2PA
The urgency is of protecting media provenance is clear. So, that’s where the Coalition for Content Provenance and Authenticity (C2PA) comes in.
C2PA is a Joint Development Foundation project, set up as an alliance between Adobe, Arm, Intel, Microsoft, and Truepic. The coalition addresses the prevalence of misleading online information through the development of technical standards for certifying the source and history of media content. And they make all the difference.
C2PA makes everyday digital life better by…
- Helping consumers check the provenance of the media they consume
- Increasing clarity around provenance and edits for journalistic work
- Offering publishers opportunities to improve their brand value
- Providing quality data for indexer / platform content decisions
- Assisting ‘Intelligence’ investigators to confirm provenance and integrity of media
- Improving the evidentiary value of critical footage
- Enforcing disclaimer laws on retouched and edited images
An open technical standard: Content Credentials
How C2PA does it? Through an open technical standard for publishers, creators and consumers to establish the origin and edits of digital content: Content Credentials.
With Content Credentials, trust decisions are made by the consumer of the asset based on the Signer of the provenance data, along with the information in the assertions contained in the provenance. This signing takes place at each significant moment in an asset’s life (like creation or editing) through the use of the Signer’s unique credentials. It makes sure that the provenance data remains cryptographically bound to the newly created or updated asset. And that information is immediately visible to the user via the Content Credentials pin.
The Content Credentials pin lets you know that the content contains information about its provenance. Simply click on the pin for an interactive component with key information, such as the method of creation and a record of the editing history.
The Content Credentials pin in an Arbor livestream
| What is Content Credentials?Content Credentials enables the secure binding of statements of provenance data to instances of content. These provenance statements are called ‘assertions’ and include information about who created the content and how, when, and where it was created. They can also include information about how it was edited throughout its life. |
Relying on Certificate Authorities
To help consumers make informed decisions about the provenance of an asset and prevent unknown attackers from impersonating others, it’s critical that each application and ecosystem reliably identifies the owner of the signing credential (also known as a digital certificate).
A certification authority (CA) performs this real-world due diligence to make sure signing credentials are only issued to verified entities. CAs that are recognized and trusted in a specific application or ecosystem are included in a trust list: a list of certification authorities that issue signing credentials for that application.
…But what if provenance is incomplete?
If an asset is cropped using a non-Content Credentials aware tool, the provenance data may not be updated to reflect that. But not all is lost. If the asset is then brought back into a Content Credentials aware tool for further modification or preparation for publication, the Signer of the new Content Credential also implicitly attests to the crop.
This means that, despite missing provenance information, the asset can still be trusted based on the Signer of the active Content Credential.
Simply put, Content Credentials help establish transparency in the work you do. And isn’t that the most important value in governmental and public sector communications?
Media provenance and C2PA at Arbor
We have a unique position at Arbor, as we capture, encode, and distribute official government streams, making our platform both the first and last touchpoint. Integrating C2PA into our workflow fully preserves authenticity, from capture to public playback.
With invisible watermarking, we can further strengthen provenance, so that authenticity can still be verified even if metadata is stripped or content is reshared. <Relevant? Do we want to insert more information about STARDUSTmark/Castlabs?>
Ultimately, C2PA restores confidence. It embeds verifiable proof of who created content and how it was edited directly into media files. That improves media collaboration, as newsrooms and broadcasters can instantly verify the authenticity of government content. But citizens and journalists can see visible proof that content is genuine and unaltered, too.
At the end of the day, that’s the only way we can collectively protect official messages, support transparency, and reinforce democratic trust. And that’s exactly why we work hard to be a key safeguard in trusted digital communication for governments.
Want to know more about media provenance, C2PA, or how we can navigate this together? We’d love to help. Contact xxx
Technical FAQ
How does C2PA address the use of AI/ML in the creation and editing of assets?
Each action that is performed on an asset is recorded in the asset’s Content Credentials. These actions can be performed by a human or by an AI/ML system. When an action was performed by an AI/ML system, it is clearly identified as such through its digitalSourceType field.
The Content Credential for an AI/ML model provides the consumer (e.g. a system operator designing an AI/ML system) with provenance and authenticity of the model.
When the model is included as an ingredient in the Content Credential of the output of an AI-ML system, the consumer of the output can check the validation state of the model and explore the model provenance to provide additional assurance that the output is trustworthy.
Where are manifests stored?
- Embedded in the File (Bundled Storage)
- The C2PA manifest is directly embedded within the media file (e.g., JPEG, PNG, MP4). This is the preferred method for formats that support metadata containers (e.g., JPEG with EXIF/XMP, or MP4 atoms).
It ensures the manifest travels with the content, making provenance information tamper-evident and self-contained.
- Detached and Hosted Separately (Remote or Detached Storage)
- The manifest is stored separately and referenced via a URI or external link.
This is useful for formats or workflows where embedding is not feasible or desirable (e.g., streaming content, live feeds, proprietary formats). It enables dynamic linking (i.e. watermarking), but requires a trusted manifest store and access control.
How does C2PA relate to IPTC?
IPTC is the metadata backbone journalists already rely on. This metadata describes:
- Who created this photo or video?
- When and where was it captured?
- What rights apply?
- How should it be credited?
While IPTC tells you what a media item is, C2PA tells you whether you can trust how it came to be. That’s why C2PA provides:
- Tamper-evident provenance (cryptographically signed metadata)
- A verifiable chain of custody from capture to editing to publication
- Protection against AI-generated or manipulated media
- Compatibility with newsroom tools (camera manufacturers, editing software, CMS systems)
So, where IPTC is descriptive, C2PA is verifiable. C2PA doesn’t replace IPTC; instead, it can make IPTC metadata trustworthy.
Does C2PA prevent deepfakes and disinformation?
Unfortunately not. C2PA is incredibly valuable, but it’s not a silver bullet against all risk of misinformation. It does not prevent deepfakes and does not stop scraping, copying, or re-uploading of digital assets.
It also doesn’t validate editorial decisions; it only records that an edit occurred, not whether it was ethical.
And, lastly, C2PA doesn’t judge truth or accuracy. Rather than making claims about what’s factually correct, it simply proves “this is what happened to this file.”